Cyber security analyst jobs in Spring, TX

**Our client, a leading energy company, is seeking a Cyber Security Engineer to join their team. As a Cyber Security Engineer, you will be part of the Security Operations team supporting the IAM and Vulnerability Management programs. The ideal candidate will have strong problem-solving skills, adaptability, and effective communication, which will align successfully in the organization.** **Job Title:** Cyber Security Engineer **Location:** Houston, Princeton, or Utah (Hybrid, 1-3 days/week in the office) + Support Identity and Access Management (IAM) initiatives, including Azure SSO and Okta. + Assist in vulnerability management by identifying, tracking, and prioritizing security risks. + Maintain and configure security tools such as IDS/IPS, endpoint protection, and SIEM systems. + Support incident response activities, including investigation and reporting of security incidents. + Collaborate with IT and infrastructure teams to ensure security and compliance across the organization. **What's Needed?** (Max of 5) + 2-5 years of experience in cybersecurity or related roles. + Experience with IAM technologies, specifically **Azure SSO** and **Okta** . + Knowledge of security tools, networking, cloud security, and operating systems. + Strong analytical and problem-solving skills with attention to detail. + Ability to communicate technical concepts effectively and work collaboratively in a team. **What's in it for me?** + Hybrid work environment with flexibility to work 1-3 days in the office. + Opportunity to work on a variety of cybersecurity projects, including IAM and vulnerability management. + Potential to convert to full-time based on performance and business need. + Exposure to modern security tools and technologies in a hands-on environment. + Collaborative and supportive team culture. If this is a role that interests you and you'd like to learn more, click apply now and a recruiter will be in touch with you to discuss this great opportunity. We look forward to speaking with you! **About ManpowerGroup, Parent Company of:** **Manpower, Experis, Talent Solutions, and Jefferson Wells** _ManpowerGroup (NYSE: MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing, and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands -_ **_Manpower, Experis, Talent Solutions, and Jefferson Wells_** _-_ creates substantial value for candidates and clients across more than 75 countries and territories and has done so for over 70 years. We are recognized consistently for our diversity - as a best place to work for Women, Inclusion, Equality and Disability and in 2022 ManpowerGroup was named one of the World's Most Ethical Companies for the 13th year - all confirming our position as the brand of choice for in-demand talent. ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.

The Cybersecurity Analyst will be responsible for safeguarding the organization's information systems, infrastructure, and data through proactive monitoring, analysis, and in supporting the implementation of advanced security solutions. This position plays a vital role in maintaining a secure technology environment by leveraging tools such as Cisco XDR, Cisco Firepower, Cisco Endpoint, Cisco ASA, Fortinet Gateways, and Duo MFA. The ideal candidate will possess 3-5 years of hands-on experience in network and server hardening, threat detection and response, and disaster recovery planning and execution. Working closely with IT operations, this role ensures that all systems are resilient, compliant, and protected against evolving cyber threats. Key Responsibilities Security Operations & Monitoring · Implement, configure, and manage Cisco XDR, Cisco Endpoint Security, and Fortinet Gateways to ensure proactive threat detection and response. · Monitor network and endpoint activities for security incidents using advanced SIEM and XDR tools. · Investigate, analyze, and respond to security breaches, threats, and vulnerabilities. Network & Infrastructure Security · Manage and maintain Cisco Firepower and Cisco ASA firewalls to ensure secure and efficient traffic management. · Administer Duo Multi-Factor Authentication (MFA) for secure user access and identity protection. · Perform network hardening to reduce the attack surface, following best practices and compliance standards. Server & System Hardening · Conduct server hardening across Windows and Linux systems, ensuring compliance with internal and regulatory standards. · Review and implement secure configurations, patch management, and vulnerability remediation. Disaster Recovery & Continuity · Participate in DR drills and testing to validate readiness and response effectiveness. Policy, Documentation & Compliance · Maintain up-to-date documentation of network security configurations, standards, and incident response procedures. · Support compliance initiatives (e.g., NIST, ISO 27001, or CIS Controls) through audits and reporting. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements - Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience). - 3-5 years of hands-on experience managing and securing enterprise networks and systems. - Proven experience with: - Cisco XDR, Cisco Firepower, Cisco ASA, Cisco Endpoint - Fortinet Gateways - Duo MFA - Server and Network Hardening - Disaster Recovery implementation and testing - Strong understanding of TCP/IP, VPNs, IDS/IPS, and secure network design principles. - Familiarity with incident response, threat intelligence, and vulnerability management processes. - Cisco certifications such as CCNA, CCNP (Enterprise, Security, or equivalent). - Experience with other routing protocols (EIGRP, BGP) and advanced firewall features. - Familiarity with automation tools (Python, Ansible, Netmiko) for network management. - Experience in high-availability enterprise or government environments.

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Job Responsibilities: We are seeking a highly skilled and motivated Cyber Security Specialist to join our cybersecurity programmatic assessment team. The Cyber Security Specialist will assist the Department of Energy (DOE) in monitoring and assessing the Department's cyber programs performance while considering compliance with Federal Information Security Modernization Act (FISMA) implementation requirements. This position will lead and participate in comprehensive or focused cybersecurity assessments, creation of assessment reports, and presenting the assessment results to senior management. Assessment areas can be tailored to best assess the sites implementation and may include program management, account management, risk management, configuration management, contingency planning, incident response, system security plans, security controls assessments, Plan of Action and Milestones reviews, and vulnerability scan reviews. Other duties and responsibilities: · Plan, execute, and lead cybersecurity assessments across the department. · Help develop assessment objectives that will provide value to the program and department. · Evaluate the efficiency, effectiveness and performance of operation processes with department security policies and related government regulations. · Conduct subject matter expert interviews in order to develop an understanding of the current cybersecurity policies, processes, procedures, and risks to the department. · Assess the exposures resulting from ineffective or missing control practices. · Develop rigorous best practice recommendations to improve cybersecurity on all levels. · Develop assessment findings and prepare assessment reports. · Provide written and verbal reports of assessment results. · Other duties as specified by manager or organization. Position Requirements: · Must possess at least a bachelors degree from an accredited university or college, in such fields as an engineering discipline, business administration, security management, computer science, or information management or equivalent combination of education and experience. · 5 years of experience in cybersecurity risk and compliance, IT governance, IT assessments, or an IT/cybersecurity-related field. · Must be a U.S. citizen. · Ability to successfully receive and maintain a DOE Q/SCI (TS/SCI) Clearance. · Must have detailed knowledge of NIST requirements and DOE policies and procedures. · Must have detailed knowledge of DOE missions, sites, facilities, operations, and organizational roles and responsibilities. · Must be able to demonstrate detailed knowledge in cybersecurity management programs, including classified and unclassified computer systems, broad working knowledge of state-of-the-art computer security applications, and familiarity with current and emerging information technologies as they apply to the protection of classified information. · Must be knowledgeable about computer networks, penetration techniques, viruses, classified computer systems, Federal computer security requirements and techniques, national standards, and comparable industrial/commercial applications. · Must have familiarity with a broad range of tools and techniques used for network scanning, automated penetration testing, data encryption, and virus detection. · Must have a demonstrated ability to develop reports and presentations (oral and written) that are understandable to a management audience. · Must have excellent oral and written communication skills, and a proven ability to meet deadlines and perform under pressure in an uncertain environment. Desired Skills, Knowledge, and Abilities: Previous experience as a cybersecurity assessor in a similar function. Previous experience as an Information System Security Manager (ISSM). Previous experience managing a cybersecurity program. A solid understanding of DOE missions, sites, facilities, operations, and organizational roles and responsibilities. Possess one or more nationally recognized certifications. Job Type: Full-time Pay: $75.00 - $95.00 per hour Benefits: 401(k) 401(k) matching Dental insurance Health insurance Health savings account Life insurance Paid time off Work Location: Remote

At Honeywell, we make a lot of incredible things. But most importantly, we make the future, and are looking for people to join our team global team of future shapers. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers and doers who are changing the future. Our people are committed to each other and to the realization of our vision through their unique job functions. Our businesses embrace the challenges of innovation so that we define the future. And our global opportunities are endless for you to grow and get recognized for your passion to perform. We are seeking a creative and forward-thinking cybersecurity engineer to develop and enhance cyber security solutions to address unique security challenges in critical infrastructure and industrial businesses. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified Services provided include on-site and offsite consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified. Key Responsibilities: * Assume a leadership role in operations teams, serving as a mentor to junior members and ensuring that assigned projects are delivered on time, within budget and to customer satisfaction. * Stay technically current with cybersecurity solutions and maintain expert knowledge in designated network disciplines. * Serve as a Subject Matter Expert (SME) on assigned Honeywell Solutions or Products for the team. * Maintain relevant cybersecurity certifications such as CISSP, GICSP, or similar. * Master current industry security standards (e.g., IEC-62443, ISO 27000). * Build strong relationships with internal and external customers by providing accurate and efficient technical/engineering support. * Diagnose problems and provide timely, accurate technical solutions in response to customer inquiries, questions, and issues. * Uphold industrial safety awareness through the completion of pertinent safety certifications. Basic Qualifications: * Bachelor's degree in computer-related fields (e.g., Computer Science, Computer Information Systems, Electronics) or equivalent experience. * 7+ years of experience in Networking, endpoint security, and conducting audits/assessments in IT security. * 5+ years of experience in Security Projects. * 3+ years of experience in Cybersecurity Vulnerability or Risk assessment. * Cisco Certified Network/Design/Security Professional (at least one certification). * GICSP/CISSP Certified Information Systems Security Professional or similar security certification. * Advanced Cyber Security certifications such as GRID, CISM, or CISA. * Proficient in vulnerability scanning and assessments using tools like Nessus and NMAP. * Proven experience designing or deploying large projects leveraging virtualization, preferably VMware. * Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. * Advanced experience with Microsoft Active Directory including creating and modifying Group Policy Objects. * Advanced experience implementing and troubleshooting DNS, WSUS, and Terminal Server. * Experience with antivirus systems and backup & restore solutions. * Experience providing network services on customer sites. * Excellent written and oral communication skills. * Ability to lead teams of engineers successfully complete complex projects involving multiple disciplines across multiple sites or process areas. * Willingness to travel 60-75%. Preferred Qualifications and Experience * 5 years' experience in Operational Technology (OT). * VMware Professional (VCP-DCV) certification. * IEC-62443 Expert Certification * Knowledge of networking protocols including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP, and SSH. * Awareness of cybersecurity best practices and recommendations. * Mastery in preparing functional and detailed design specifications. * Excellent troubleshooting skills to resolve complex network, application, or system integration issues. ABOUT HONEYWELL Honeywell International Inc. (Nasdaq: HON) invents and commercializes technologies that address some of the world's most critical challenges around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company committed to introducing state-of-the-art technology solutions to improve efficiency, productivity, sustainability, and safety in high-growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. Learn more about Honeywell: click here THE BUSINESS UNIT Honeywell Building Automation (BA) is a leading global provider of products, software, solutions, and technologies that enable building owners and occupants to ensure their facilities are safe, energy efficient, sustainable, and productive. BA products and services include advanced software applications for building control and optimization; sensors, switches, control systems, and instruments for energy management; access control; video surveillance; fire products; and installation, maintenance, and upgrades of systems. Revenues in 2022 for BA were $6B and there are approximately 18,000 employees globally.

At Honeywell, we make a lot of incredible things. But most importantly, we make the future, and are looking for people to join our team global team of future shapers. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers and doers who are changing the future. Our people are committed to each other and to the realization of our vision through their unique job functions. Our businesses embrace the challenges of innovation so that we define the future. And our global opportunities are endless for you to grow and get recognized for your passion to perform. We are seeking a creative and forward-thinking cybersecurity engineer to develop and enhance cyber security solutions to address unique security challenges in critical infrastructure and industrial businesses. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified Services provided include on-site and offsite consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified. Basic Qualifications: Bachelor's degree in computer-related fields (e.g., Computer Science, Computer Information Systems, Electronics) or equivalent experience. 7+ years of experience in Networking, endpoint security, and conducting audits/assessments in IT security. 5+ years of experience in Security Projects. 3+ years of experience in Cybersecurity Vulnerability or Risk assessment. Cisco Certified Network/Design/Security Professional (at least one certification). GICSP/CISSP Certified Information Systems Security Professional or similar security certification. Advanced Cyber Security certifications such as GRID, CISM, or CISA. Proficient in vulnerability scanning and assessments using tools like Nessus and NMAP. Proven experience designing or deploying large projects leveraging virtualization, preferably VMware. Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. Advanced experience with Microsoft Active Directory including creating and modifying Group Policy Objects. Advanced experience implementing and troubleshooting DNS, WSUS, and Terminal Server. Experience with antivirus systems and backup & restore solutions. Experience providing network services on customer sites. Excellent written and oral communication skills. Ability to lead teams of engineers successfully complete complex projects involving multiple disciplines across multiple sites or process areas. Willingness to travel 60-75%. Preferred Qualifications and Experience 5 years' experience in Operational Technology (OT). VMware Professional (VCP-DCV) certification. IEC-62443 Expert Certification Knowledge of networking protocols including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP, and SSH. Awareness of cybersecurity best practices and recommendations. Mastery in preparing functional and detailed design specifications. Excellent troubleshooting skills to resolve complex network, application, or system integration issues. ABOUT HONEYWELL Honeywell International Inc. (Nasdaq: HON) invents and commercializes technologies that address some of the world's most critical challenges around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company committed to introducing state-of-the-art technology solutions to improve efficiency, productivity, sustainability, and safety in high-growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. Learn more about Honeywell: click here THE BUSINESS UNIT Honeywell Building Automation (BA) is a leading global provider of products, software, solutions, and technologies that enable building owners and occupants to ensure their facilities are safe, energy efficient, sustainable, and productive. BA products and services include advanced software applications for building control and optimization; sensors, switches, control systems, and instruments for energy management; access control; video surveillance; fire products; and installation, maintenance, and upgrades of systems. Revenues in 2022 for BA were $6B and there are approximately 18,000 employees globally. Key Responsibilities: Assume a leadership role in operations teams, serving as a mentor to junior members and ensuring that assigned projects are delivered on time, within budget and to customer satisfaction. Stay technically current with cybersecurity solutions and maintain expert knowledge in designated network disciplines. Serve as a Subject Matter Expert (SME) on assigned Honeywell Solutions or Products for the team. Maintain relevant cybersecurity certifications such as CISSP, GICSP, or similar. Master current industry security standards (e.g., IEC-62443, ISO 27000). Build strong relationships with internal and external customers by providing accurate and efficient technical/engineering support. Diagnose problems and provide timely, accurate technical solutions in response to customer inquiries, questions, and issues. Uphold industrial safety awareness through the completion of pertinent safety certifications.

Work authorisation Needed : US Citizens and Greencard Contract duration (in months)* 6+ Months Implementation Partner: Infosys Provide highly available network based security services to match business needs. In-depth operational experience providing authentication, authorization, and accounting (AAA) services and automated mac authentication bypass functionality are the key components for this role. The candidate will utilize strong communication skills as well as enterprise level understanding of network and security technologies to deliver solutions that are both technically sound and supportable. Responsibilities - Provide Level 2 support consistent with Network data and voice support models - Provide network based authentication, authorization, and accounting services - Implement and support an 802.1x capable network infrastructure - Understanding of PKI / certificate based authentication - Allow Mac Authentication Bypass (MAB) functionality through the use of the Great Bay Beacon appliance - Generation of custom rule sets for accurate profiling and network placement of client systems - Enterprise level experience designing, implementing, and operating the Cisco ACS 5.x platform - Experience with Cisco Firewall, VPN, and IPS/ IDS systems - Recommendations of system changes in support of operational needs and system efficiencies - Generation of technology documentation and diagramming with tools such as MS Word and Visio - Ensure network access control systems meet compliance and auditing requirements - Plan network changes - Resolve network problems - Participate in review meetings as required to support network implementation activities - Provide recovery and restoration of the network in event of a disaster or major incident Security and Controls - Comply and contribute to completing Security and Controls process regarding Network data and voice technologies Technologies: TACACS / Radius, AAA, Firewalls, VPN, Intrusion Prevention Systems, MAC Authentication Bypass, PKI, Dynamic routing, L2 / L3 Switching Equipment: Cisco Access Control Server 5.x, Great Bay Beacon, Cisco ASA Firewall, Cisco IPS Module, NNM, BMC suits, Loglogic, Netscout, RSA EnVision / Splunk Syslog servers, Orion monitoring tools Additional Information All your information will be kept confidential according to EEO guidelines.

Why you'll love this role: As a Software Cyber Security Engineer III with a strong focus on secure software development using Angular, .NET, and SQL Server technologies, you will play a critical role in designing, implementing, and maintaining secure applications while ensuring compliance with industry security standards (OWASP, SOC 2, GDPR, etc.). This is an exciting opportunity for an experienced engineer who is passionate about cybersecurity and enjoys working in a collaborative and fast-paced environment. What You'll Be Doing: Secure Software Development: Design, develop, and maintain secure software solutions by embedding security best practices across the Software Development Life Cycle (SDLC). Vulnerability Assessment & Penetration Testing: Identify and mitigate security vulnerabilities through regular assessments, code reviews, and penetration testing. Security Protocols & Encryption: Implement and improve security protocols, encryption techniques, and authentication mechanisms to protect sensitive data. Incident Response & Investigation: Investigate security incidents, identify root causes, and implement corrective actions to prevent future threats. Collaboration & Mentorship: Partner with product managers, architects, and engineering teams to integrate security requirements into development processes. Mentor junior engineers in secure coding practices. Compliance & Standards: Ensure software compliance with internal and external security standards such as OWASP Top 10, SOC 2, and GDPR. Automation & Tooling: Develop and automate security tools and processes to enhance overall security posture. What you bring: Bachelor's degree in computer science or a related field. Master's Degree preferred. Minimum of 5 years of experience with a bachelor's degree or 3 years with a master's degree in security-focused software engineering roles. Proficiency in Angular, C#, .NET, SQL Server, Web API, NodeJS, JavaScript Expertise in secure coding practices, vulnerability management, and penetration testing. Strong knowledge of cryptography, encryption algorithms, and authentication techniques. Experience with security tools such as Burp Suite, OWASP ZAP, Nessus, Metasploit. Familiarity with cloud security and DevSecOps practices in AWS, Azure, or GCP. Strong understanding of product development life cycles and system-level design. Preferred Qualifications: Master's degree in computer science or related field. 7+ years of experience in cybersecurity and software engineering roles. Knowledge of secure coding standards (OWASP, SANS). Experience with security automation tools and CI/CD integration. Understanding of containerization technologies like Docker and Kubernetes. Knowledge of Windows and Linux-based system configurations. Who we are: KARL STORZ is an independent, family-owned company headquartered in Germany's renowned MedTech manufacturing region. For 80 years, we have pioneered the most groundbreaking innovations in minimally invasive surgery and OR integration to benefit patients and healthcare providers alike. With more than 9,000 associates worldwide and 1,800 in the US, we pride ourselves on harnessing cutting-edge technology, precise workmanship, and unrivaled customer support to help healthcare facilities manage costs, streamline operations, and deliver positive patient outcomes. With onsite locations and field opportunities across the country, we attract a diverse and talented staff, unified by the desire to foster positive change in the world. Because it is not just about the tools we create-it is about the lives we change, together. #LI-NM1

About the Company: Meneses Law is an accomplished law firm with an outstanding track record of providing immigration services with the highest professional standards to our clients. We work with thousands of clients across the United States on Adjustment of Status, Visas, Petitions, Labor Certifications, Citizenships, Deportations, Waivers, DACA Renewals, and Asylum matters. Our headquarters is based out of Houston, Texas and with the expansion to other major cities, our aim is to assist clients to achieve their objectives as placidly and efficiently as possible while minimizing the legal and regulatory risks. The law firm is built on its reputation of providing exceptional customer service delivery coupled with appropriate and outstanding skills, fast turnaround, and the know-how expert of our legal tea Job Summary The Cyber Security Engineer is responsible for designing, implementing, and maintaining robust security measures to protect the organization's data, systems, and networks from cyber threats. This role involves assessing vulnerabilities, deploying security tools, monitoring for potential threats, and ensuring compliance with industry regulations and best practices. The ideal candidate will have experience in penetration testing, vulnerability management, and securing enterprise systems, along with a solid understanding of network security and regulatory compliance. Essential Functions / Responsibilities Security Protocols & Policies: Develop and implement security protocols, policies, and architecture to safeguard organizational assets. Security Tool Configuration: Configure, maintain, and optimize firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint security tools. Vulnerability Assessments: Conduct regular vulnerability assessments and penetration testing to identify and resolve security weaknesses. Risk Management: Evaluate and mitigate security risks by recommending system upgrades, patches, and secure configurations. Compliance: Ensure compliance with industry regulations and standards such as NIST, ISO 27001, HIPAA, and PCI-DSS. Threat Monitoring: Monitor networks, systems, and applications for suspicious activity or breaches, leveraging SIEM tools and other monitoring solutions. Incident Response: Lead investigations of security incidents, conduct root cause analysis, and implement corrective actions. Incident Response Plans: Develop and execute incident response plans and conduct regular security drills to ensure preparedness. Security Awareness: Promote cybersecurity awareness across the organization, focusing on topics like phishing, social engineering, and password hygiene. Cross-functional Collaboration: Work closely with IT, DevOps, and other departments to integrate security controls into all business processes and platforms. Vendor Management: Liaise with third-party vendors to assess and manage risks associated with external systems and software. Documentation: Maintain accurate and up-to-date documentation of security policies, incident reports, and audit trails. Investigation: Effectively investigate security incidents in a timely manner, in coordination with the Incident Response (IR) team. Reporting: Prepare and deliver detailed daily, weekly, and monthly security reports for executive leadership. On-Call Support: Participate in a rotating on-call schedule to support security operations and incident response as needed. Projects: Lead or contribute to the planning, development, and implementation of assigned cybersecurity initiatives. Perform any other tasks or functions deemed necessary to the daily operations of the employer. Required Skills and Abilities Security Tools Expertise: In-depth knowledge of firewalls, SIEM, antivirus software, and endpoint protection systems. Networking Knowledge: Strong understanding of networking protocols including OSI Model, TCP/IP, DNS, VPNs, HTTP/S, End to End encryption protocols. and other related technologies. Cloud Security: Familiarity with securing cloud environments (AWS, Azure). Scripting Skills: Proficiency in scripting languages such as Python, PowerShell, or Bash for automation and threat detection. Penetration Testing & Vulnerability Scanning: Experience with tools like Rapid7, Nessus, Metasploit, Burp Suite, or Kali Linux for vulnerability scanning and penetration testing. Security Incident Analysis: Ability to analyze security logs from network and system devices to identify and mitigate threats. Frameworks & Standards: Familiarity with cybersecurity frameworks like NIST CSF, CIS Controls, ISO 27001, and understanding of security best practices. Regulatory Compliance: Knowledge of regulatory requirements including HIPAA, PCI-DSS, and their implementation in organizational security frameworks. Problem-Solving & Critical Thinking: Strong ability to analyze complex security problems and provide effective solutions. Communication Skills: Excellent written and verbal communication skills for preparing security reports and presenting findings to both technical and non-technical stakeholders. Adaptability & Learning: Eagerness to stay current with emerging cyber threats, security technologies, and methodologies. Desired Qualifications: Certifications: : One or more industry-recognized cybersecurity certifications such as: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ Microsoft Excel & PowerPoint Preferred: Certified Information Security Manager (CISM) Certified Cloud Security Professional (CCSP) Offensive Security Certified Professional (OSCP) Linux Expertise: Proficiency in Linux, with experience in using Kali Linux for penetration testing and vulnerability analysis. Networking Experience: Hands-on experience with networking protocols and technologies, such as OSI Model, routers, switches, and firewalls. Pen Testing Experience: Proven experience in penetration testing, including conducting red team exercises and vulnerability exploitation. Educational / Experience Requirements: Degree: Bachelor's degree in computer science, Information Security, or a related field. Experience: Minimum of 3+ years of experience in cybersecurity, IT security, or a related field. Experience with securing cloud environments (AWS, Azure) and managing cloud security controls is highly desirable. DevSecOps experience and familiarity with securing CI/CD pipelines is a plus. Job Types: Full-time Compensation: Meneses Law believes in Work Life Balance. Operation hours are from 8 a.m. to 5 p.m. plus 2 Saturdays a month for certain positions. Being hired by Meneses Law as a Cyber Security Engineer means that you will have the opportunity to: Earn salary of $70,000 - $90,000 (depending on experience) Be part of a positive culture Earn individual and team incentives Start an incredible career Benefits for Working at Meneses Law: High Associate Salaries Work with state-of-the-art technology Name Recognition & Prestige Immigration Law Firm Sophisticated, Challenging Work Structured Training Programs Meaningful Career Advancement Opportunities Excellent Benefits (Medical (80% ER contribution, Dental (No-Cost to employee), Vision, Life Insurance (Paid), 2 weeks of PTO, 10 days of paid holidays Work Life Balance Schedule Birthday and Anniversary rewards

Job Description Job Title: Information Security Analyst - Governance, Risk & Compliance (GRC) Level II Job Location: Downtown Houston, TX 77002 *Prospective candidates MUST be located in the HOUSTON, TX area. Job Type: Contract/Full-Time *This contract position has a duration of 6-months. Job Schedule: Mon-Fri 8AM-5PM/Hybrid *Exact hybrid schedule will be determined by direct manager. Job Salary:$52-$54/hour *Depending on experience. This Information Security Analyst- Governance, Risk & Compliance (GRC) Level II role will design and implement a scalable Cloud and Third-Party Cybersecurity Risk Management Framework aligned with NIST, ISO 27001, and other relevant standards. Key Requirements: Develop and maintain risk assessment procedures and questionnaires tailored for cloud services and third-party applications. Define security review workflows for vendor onboarding, contract renewals, and offboarding. Integrate cybersecurity risk activities with procurement, legal, and enterprise architecture processes. Conduct technical and compliance assessments focusing on: Data classification and regulatory alignment (e.g., HIPAA, CJIS, PCI, GDPR) Encryption standards and access controls Review vendor responses to security questionnaires and validate supporting documentation (e.g., SOC 2 reports, ISO certifications, penetration test results). Analyze risks associated with APIs, SaaS integrations, homegrown plug-ins, and third-party application stores. Role and Responsibilities Collaborate with internal stakeholders to define third-party cybersecurity roles and responsibilities. Partner with legal and procurement teams to ensure contracts include appropriate security terms (e.g., data handling, breach notification, audit rights). Provide security guidance to project teams evaluating or implementing cloud-based or externally hosted solutions. Scheduled Milestones and Deliverables Support the development of cloud security baselines and governance controls. Recommend mitigation strategies and track remediation efforts. Evaluate cloud service configurations (e.g., AWS, Azure, Google Cloud, SaaS platforms) for alignment with enterprise security policies and industry best practices. Metrics to be Utilized to Measure the Performance Maintain and update a centralized inventory of critical cloud services and third-party vendors. Develop and present risk dashboards and executive-level summaries to communicate risk posture and assessment outcomes. Track security exceptions, risk acceptance approvals, and remediation timelines across third-party engagements. Participate in governance forums such as the Cybersecurity Review Committee (CRC) and provide input on vendor-related risks. Requirements Education: High School diploma, or G.E.D. equivalency from an accredited educational institution. - Required Bachelor's degree in Computer Science, Information Security, Information Technology, Risk Management, or similar area of study from an accredited college or university. - Preferred Experience: (5)-Five years of work experience in an Information Security, Information Technology, Computer Science, IT Risk Management or related field. Knowledge, Skills, and Abilities (KSAs): Experience designing, implementing, and executing IT Risk Management projects, cloud solutions, cybersecurity governance, and technologies across complex, large-scale environments. Ability to build and maintain strong relationships across departments/teams and effectively communicate information security risks and controls to stakeholders and leadership. A passion for cybersecurity, self-starter mentality, flexibility, and willingness to take on new challenges and ability to thrive in a team environment. Applicants for this position will be subject to a criminal background check that includes being fingerprinted. This applies to any position with network access to Criminal Justice Information Services (CJIS) or access to an area where CJIS is received, maintained, or stored either manually or electronically (i.e., custodian, maintenance). Automatic Disqualification: Convictions, probation, or deferred adjudication for any Felony, and any Class A Misdemeanor Convictions, probation, or deferred adjudication for a Class B Misdemeanor, if within the previous 10 years Open arrest for any criminal offense (Felony or Misdemeanor) Family Violence conviction

Senior Security Analyst FLSA Class: EXEMPT Responsible to: Lead Security Architect The Senior Security Analyst - Compliance will ensuring our organization's adherence to regulatory requirements, industry standards, and internal policies. The Senior Analyst will collaborate across IT, Security, Legal, Engineering, and Business units to monitor compliance posture, support audits, manage security assessments, and strengthen our risk and compliance framework. What You'll Do: * Compliance & Regulatory Oversight * Monitor, assess, and maintain compliance with frameworks such as SOC 2, NIST, and ISO 27001, as applicable. * Support certification, attestation, and regulatory audit activities. * Maintain evidence repositories and coordinate responses for internal and external audits. * Policy & Procedure Management * Develop, maintain, and enforce security policies, standards, and procedures. * Educate employees on compliance requirements and best practices. * Ensure alignment of security operations with company policies and legal obligations. * Risk Management & Assessments * Conduct security and compliance risk assessments across systems, vendors, and business processes. * Support regular vulnerability assessments and penetration testing to identify and address system weaknesses. * Monitor, prioritize, and manage risks from IT and Operational Technology (OT) environments * Track remediation efforts and verify corrective actions are implemented. * Integrate vulnerability scanning tools for live risk scoring * Maintain and manage a centralized risk register tied to controls, with real-time updates. * Security Awareness & Training * Support ongoing compliance training initiatives. * Communicate regulatory and policy updates to stakeholders. * Monitoring & Reporting * Track compliance metrics and prepare regular reports for leadership, IT Security Council, and audit committees, as required. * Monitor security systems, including SIEM tools, EDR, DLP, IPS systems, and other security tools to identify and respond to potential threats in real time. * Support investigations of security incidents, perform root cause analysis, and coordinate remediation efforts to minimize impact. * Maintain and manage updates to policies (e.g. cybersecurity, incident response, disaster recovery) in a centralized, version-controlled repository. * Escalate non-compliance issues and propose remediation strategies. Other Requirements: * Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (or equivalent work experience). * 5+ years of experience in information security, compliance, or risk management, with at least 2 years of experience in a senior or lead role. * Strong knowledge of regulatory frameworks such as SOC 2, ISO 27001, NIST CSF, GDPR, or CCPA. * Experience supporting audits, evidence gathering, and compliance assessments. * Familiarity with GRC (Governance, Risk, and Compliance) platforms (e.g., Drata, OneTrust, Archer, ServiceNow GRC). * Excellent written and verbal communication skills. Nice to have: * Relevant certifications such as CISA, CISSP, CISM, or CCSK. * Experience in cloud security compliance (AWS, Azure, GCP). * Knowledge of third-party/vendor risk management. VoltaGrid is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, sex, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws. Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, and general treatment during employment.

6+ years of experience in multiple industry risk, control and governance disciplines (e.g. Audit, Business Continuity Planning, and Regulatory Compliance). In-depth understanding of information technology and business continuity principles and best practices across the industry as well as project management principles. Broad knowledge of information and technology risk management policies, methods, standards, tools, and processes (e.g. ISO, COSO, COBIT) as well as knowledge of compliance, legal, internal / external audit & regulatory requirements. Significant expertise in the collaboration, facilitation and coordination of the mitigation of risks. Adept at navigating governance structures. Ability to manage and analyze data. Experience raising awareness of information and technology risk throughout an organization. Understanding of metrics development and reporting. Strong problem solving and program execution skills. Ability to prioritize and drive difficult decisions among business partners. Ability to solve or to collaborate in solving very complex risk issues that span legal, compliance and regulatory obligations across various lines of business and shared service areas of the company. Ability to prioritize and drive difficult decisions among business partners Strong client relationship management experience and influencing skills. Strong interpersonal and oral/written communication skills, able to build relationships with people at all levels. Experience developing and delivering presentations to all levels of management. Strong ability to develop, lead and manage a professional staff. Qualifications PLEASE NOTE: While technical experience is a plus, this is not a technical information security position. It is best filled by someone with information security management or information technology audit experience. This is a leadership position requiring strong communication and analytical skills. Additional Information Job Status: Contract Eligibility: H1B/EAD Green Card/ Green Card/ US Citizens Share the Profiles to ********************* Contact: ************ Keep the subject line with Job Title and Location

Primary Purpose The Sr. Cybersecurity Specialist - OT design and implement systems and processes of Sempra's security functions across operational technologies (OT), ensuring the 24/7 protection of Sempra's assets and data against the dynamically changing threat landscape. The Sr. Specialist -OT is responsible for the design and implementation of security across OT solutions to ensure Sempra's endpoints, servers, networks, and databases are always protected. This position coordinates with lines of business and development teams to ensure security controls are in place from design through deployment. This position works closely with cyber operations to ensure operational technologies are incorporated in functions, such as security monitoring, threat and vulnerability, and incident response. Duties and Responsibilities Delivery & Execution Standards Setting: Provides incident response plans and procedures for foreseeable incidents and continuously update the incident response playbook in line with emerging threats and leading industry standards Develops and maintains incident response, threat and vulnerability, and security monitoring documentation Oversees and leads Cybersecurity Specialists - OT, ensuring the specialists follow incident handling procedures and processes. Project Delivery: Drives the planning, execution, and management of multi-faceted projects related to Cyber security operations center Responsible for the design and implementation of activities related to security monitoring and incident response Oversee OT Specialist participation and ensure OT Specialist provide quality technical and procedural documents. Compliance: Implements OT security operations in accordance with industry standards and practices (i.e. NIST SP 800-82 AND ISO/IEC 62443) Responsible for ensuring assigned projects and activities within the functional areas meet all compliance and architecture standards Ensures proper oversight for solutions and artifacts Ensures re-use through implementation of shared technology assets Value Delivery, Strategy, and Planning Functional Area Strategy Coordinates activities of incident response, threat and vulnerability analysis, and security monitoring for operational technologies to ensure timely detection, prevention, and response to security incidents Coordinates the implementation of requirements and recommendations to OT / critical infrastructure Researches SCADA vendors and CISA advisory documents Works with all business lines to ensure that incidents are quickly identified and remediated and to define recommended threat mitigation actions Participates in business continuity plans in business lines Maintains alignment with IT governance/risk objectives in solution delivery Drives quick escalation and resolution during major incidents; prioritizes actions to ensure maximum protection of company assets and data Provides detailed explanations of security events and their impact on specific parts of the business Train OT Specialists and IT personnel to improve cross-training. Emerging Technology Incorporates areas of IT and OT convergence; works closely with IT to secure technologies Drives continuous improvement across OT Incident response, threat and vulnerability, and security monitoring functions; ensures functions remain up to date with the current threat landscape Drives innovation and identifies emerging technologies to sustain and automate the cyber security operations Drives tabletop exercises with playbooks and pertest Reviews of OT architectures for OT security improvements Collaboration Works with cross-functional IT and enterprise teams to build alignment and model commitment to high performance as “one team” Drives the relationship and communications to across business lines to ensure security is embedded within solutions Performs other duties as assigned (no more than 5% of duties)

Experienced Technologists. Common Sense Approach. Indigo Beam was born of Bluware, Inc. Based in the heart of the Energy Corridor in Houston, TX, since 1986, we have experience solving the business problems of some of the most dynamic and demanding industries with a common sense approach and disciplined focus in using technology intelligently. Our consultants bring to bear a wealth of experience and deep expertise in the Power and Utilities, Oil and Gas, Public Sector and Healthcare industries. Our extensive reference list demonstrates our commitment to our many satisfied clients with whom we have built long-term relationships. Software Innovation to Solve Business Problems We partner with our clients to create innovative mobile, Geographic Information System (GIS) and Web applications they need for the long haul. The results are strategic, technology-driven solutions that are intuitive, scalable, and sustainable. Our custom applications are intentionally designed to work in complete harmony with third-party Enterprise Resource Planning (ERP), content management, and database solutions within client organizations. Job Description SUMMARY The Security Analyst detects, manages and reduces the impact of cybersecurity threats to the organization. They are responsible for proactively managing the security of the network and identifying weaknesses of company infrastructure (software, hardware and networks). ESSENTIAL/ NON-ESSENTIAL JOB FUNCTIONS Investigate security alerts / notifications from SPLUNK Work with the process automation team on cybersecurity initiatives Perform risk assessments and maintain the risk register Utilize Mimecast and ForcePoint for web and email monitoring Review IT small project charters for security risks Assist in the completion of vendor SSAE16's Work with the infrastructure team on mitigating penetration testing findings Plan, implement and upgrade security technical measures and controls Establish plans and protocols to protect data and information systems against unauthorized access, modification and/or destruction Perform vulnerability testing and security assessments Conduct internal security audits / compliance testing Recommend and install appropriate technical tools and countermeasures Define, implement and maintain corporate security policies Provide input into security awareness communications Utilize in-house tools to manage DLP EDUCATION AND EXPERIENCE REQUIREMENTS Required Education and Experience: Bachelor's degree in Computer Science or the equivalent (e.g. Math, Electrical Engineering, Cyber Security, etc.) 5+ years of experience IDS/IPS, penetration and vulnerability testing TCP/IP, computer networking, routing and switching Windows, UNIX and Linux operating systems Network protocols and packet analysis tools Preferred Education and Experience: Degree preferred Data Loss Prevention (DLP) tools, anti-virus / anti-malware tools Firewall and intrusion detection/prevention protocols C, C++, C#, Java or PHP programming languages Security Information and Event Management (SIEM) CERTIFICATIONS CISSP, CCE, CEH, GCFE, GCFA, GCIH, GCIA, CCFE, CPT, CREA, CompTIA A+ would be desirable certifications though other comparable certifications and experience would be considered SUPERVISORY RESPONSIBILITIES Supervises others: No BUDGETARY RESPONSIBILITIES No, but all team members provide input into the annual planning process and tool evaluation/selections TRAVEL REQUIREMENTS No COMPETENCIES · Self-starter who is able to work independently while supporting the needs of the team · Excellent oral and written communication skills · Strong decision making skills · Comfortable interacting with all levels of management Additional Information All your information will be kept confidential according to EEO guidelines.

About the Role We are seeking a Security Analyst to join our Security Operations team. This role is ideal for someone with prior cybersecurity experience who is ready to take ownership of monitoring, analyzing, and responding to security events in a dynamic MSP environment. You will be the first line of defense in identifying potential breaches, escalating incidents, and ensuring our clients remain secure and compliant. Key Responsibilities Maintain, and tune security tools to identify vulnerabilities, anomalous activities, and misconfigurations Monitor, analyze, and gather data for security events, alerts, and incidents to identify threats and anomalies Escalate potential breaches and coordinate with senior analysts for incident response Support security awareness campaigns and phishing defense programs Recommend improvements to tools, processes, and playbooks Develop, implement, and enforce security policies, procedures, and best practices Assist with proactive threat hunting and detection of suspicious activities Qualifications 1-2 years of experience in cybersecurity, SOC, or information security roles Familiarity with attack techniques, endpoint protection, malware behavior, and cloud defense strategies Experience automating repetitive tasks and scripting for analysis or reporting Familiarity with log analysis and query languages Strong communication skills and ability to work in a fast-paced environment Understanding of regulatory and compliance frameworks Preferred Certifications: CompTIA Security+, CySA+, GSEC, or similar

Houston, TX 6+ Months Primary : Mandatory to have good hands-on experience in one or more skills on the below products & technologies Firewalls (Checkpoint, Palo Alto), McAfee SIEM 9.6, McAfee Web Gateway, McAfee Web Reporter, McAfee Email Gateway RSA Token, Proof Point, CyberArc, IDS/IPS, Tufin, Cyber Security. Good to Have Skills: Madient, Assessment, Forescout, Incident Management ITIL: Incident Management, Change management Certifications for Manager: CISSP for SOC Manager/Lead, Security+, CEH Certifications for Analyst: Security+, CEH Please provide: 1. Certificate numbers and Expiry Date Additional Information All your information will be kept confidential according to EEO guidelines.

Ventures Unlimited is a service centric organization. Our success begins with our ability to apply our relationships, leverage technologies, and identify talent - often in combination - to an endless array of real-world customer needs Position : IT Security Engineer Location: Houston, TX Duration: Full Time Job Description : The IT Security Engineer will support all Client personnel, both local and remote, by providing reliable and efficient security support services. Network Security The candidate will report to local management team and work with senior technical architects, leads and SMEs. This position requires strong knowledge in security operations. Candidates should be very experienced in large scale network security design, deployment and support. Work with vendors to resolve problems via ticketing portals and escalating issues to team lead and/or management as needed. Meet with client and partners as needed. Provide regular status summaries and reports to team lead and/or management as required. The successful applicant will be rewarded with a wide variety of technologies to master along with a closely-knit, enthusiastic team and plenty of room to grow their career within the division or within other divisions of Wipro as appropriate. Perform application and infrastructure security vulnerability assessments. Research and respond to identified security vulnerabilities. Assume rotational 7x24 on-call duties with other team members. Respond to client requests and other project tasking as needed. Qualifications, Skills & Education Required: • Good communication, presentation and interpersonal skills • Bachelor's degree in a technical field (engineering, sciences, etc.) from an accredited college/university or additional 5 years of overall security experience • Must have a sound knowledge and change management experience on ITIL V3 • Strong Networking background combined with Strong Security • Must have ability to support flexible schedule in support of 7x24 staff. • Relevant certifications such as GSEC, CCSA, CCSE,CISSP, etc. • Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), SIEM, antivirus, antimalware, antispam and unified threat management (UTM). • Must be well versed in TCP/IP, IPSec, SSL, PKI, VLANs, system hardening, and troubleshooting. • Experience with application and infrastructure security auditing processes. Thanks & Regards Rahul Kumar Ventures Unlimited Inc. Tel: ************ Ext - 157 / Mobile : ************ Additional Information Contact "Rahul Kumar " for more details at ************ Ext:157

Description About Us: By combining a rich legacy in the power and gas compression space with pioneering technology, INNIO brings our customers affordable, reliable, and sustainable energy solutions for today-and tomorrow. We are helping to meet today's energy needs with 64 GW of installed capacity and 48,000 of our powerful Jenbacher and Waukesha engines, which can be found in more than 100 countries. And, by harnessing our history of energy industry firsts along with the power of digital innovation, we will continue to deliver for the future. Welcome to a World of Innovation and Inspiration! Welcome to INNIO!Work Structure: The Information Security Engineer will be based at our Houston, TX office in a hybrid capacity, with a combination of onsite & remote workdays. Occasional travel to data centers or branch offices as needed in the US, Canada and/or Mexico. Position Responsibilities: The Information Security Engineer will focus on incident response & automation including coordinating day‑to‑day incident handling with internal teams and SOC Provider: triage, scoping, containment, recovery, and documentation. Maintain and improve response playbooks, runbooks, enrichment pipelines, and case workflows; ensure consistency and auditability. Prioritize and deliver automation for high‑volume tasks (enrichment, correlation, evidence collection, notifications, containment actions). Tune alerts and data pipelines to improve signal‑to‑noise and reduce manual touches; track and report on detection/response quality metrics. Translate incident lessons into preventive controls and configuration changes (identity, endpoint, AD, cloud) in partnership with platform owners. Keep risk records and asset mappings up‑to‑date; link incidents to risks, treatments, and control improvements. Prepare audit evidence and contribute to policy/procedure updates to sustain ISMS compliance. Mentor analysts on triage methods, documentation quality, and safe automation practices; participate in tabletop exercises. Minimum Requirements: 4+ years in incident response or security engineering with measurable improvements to detection/response and workflow automation. Proficiency with enterprise security tooling (e.g., EDR/MDR, log analytics/SIEM, identity/AD, M365 security) and case management platforms. Scripting/query ability for automation and investigations (e.g., Python, PowerShell, KQL/SPL/SQL‑like). Experience operating within an ISMS and supporting ISO 27001/27005 processes and audits. Strong cross‑functional communication and documentation skills. Preferred Skills: Designing automation backlogs and value tracking (time saved, error reduction, MTTR impact). Exposure to risk tooling (ServiceNow IRM or similar) and control mapping (e.g., MITRE ATT&CK). Hardened identity/endpoint/AD change implementations and validation via purple‑team/attack simulation. Certifications such as GCFA, GCIA, GCIH, Azure Security Engineer, Microsoft Security Operations Analyst, or equivalent. INNIO offers a great work environment, professional development, challenging careers, and competitive compensation. INNIO is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.

Job Details Deer Park - Deer Park, TX Full TimeDescription Shift Hours: M-W & F 8:30 AM - 5:15 PM TH 8:30 AM - 5:45 PM and On-Call The Information Security Analyst is responsible for working with and providing support to the ISM and IS&T Team in maintaining security best practices and regulatory requirements. Essential Job Duties and Responsibilities Consistently meet all Shell FCU Service Commitments; Shell FCU Employee Creed and Shell FCU Service Distinctions Accountable to maintain knowledge of and comply with all applicable rules and regulations required within the scope of duties, including, but not limited to, the Bank Secrecy Act Required to attend annual training sessions as instructed or scheduled. Perform job duties and responsibilities in compliance with Shell FCU policies, procedures, philosophy, and standards of performance. Assist security team in identifying current security and compliance requirements and recommend security solutions or actions. Assess network threats such as computer viruses and malware, perform vulnerability assessment in support of penetration analysis, operate host and network intrusion/prevention programs, administer access/ monitoring of critical systems, review critical system logs, identify, and document unique local threats/vulnerabilities and recommend remedial action. Work with ISM/Network Team security standards and practices to install, design, configure and maintain security applications that protect against malware, encrypt information, and ward off hackers and other bad actors. Maintain the security and health of the network from misuse through neglect, lack of training, or malevolence from internal and external sources. Monitor programs and processes that keep outsiders from gaining access to Shell FCU private networks and data. Prepare for and provide rapid response to security threats such as virus, worms, or other malicious attacks. Assist in the preservation, identification, extraction, and documentation of evidence stored in computers. Perform log reviews on a predefined basis, to detect anomalous activity. Perform network vulnerability scans and make recommendations based on findings. Conduct forensic analyses when necessary. Utilize cybersecurity tools to periodically test the corporate environment and verify end user best practices to maintain strong security practices. Work with IS&T staff to continually review and maintain security hardening standards within newly deployed systems, codes, updates, upgrades, or patches. Assist in patch management and firmware updates to maintain optimal levels of security. Support anomaly detection and trending tools to provide in-depth analysis of events detected by these applications. Included in this position will be the overall maintenance of the environments, configuration upgrades and tuning, incident response escalations, and 1st level NOC support for all alerts detected. Respond to network security incidents through remediation efforts including implementation of a secure infrastructure, the secure repair of technology components and assist in the development of incident response and recovery processes. Support IS&T staff on security-related projects including design, configuration, deployment and maintenance of policy enforcement tools, techniques, and reporting. Participate in business continuity / disaster recovery planning and Change Management / Change Configuration processes and reviews. Effectively communicate security information gathered from security tools, logs, evolving risks, and reported incidents by employees, to management or security teams. Perform additional duties, as assigned. Shell Federal Credit Union is an equal opportunity and an affirmative action employer and committed to providing equal opportunity for all employees and applicants for employment, without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, age, citizenship status, marital status, protected veteran status, mental and/or physical disability, pregnancy, or any basis prohibited by State or Federal law. Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Knowledge and Skills Experience: Three or more years' strong Windows and Windows Network administration, database systems and network connectivity skills. Three or more years' experience performing security related tasks for a medium to large enterprise. Education / Training: Two-year degree; Cybersecurity degree and/or equivalent related experience or certification. Two or more years' systems development, information security, PC support and network/systems administration experience. Current, Industry standard recognized certification in information security (ex: Security+, CEH certification) Good knowledge/experience working with following products a plus: Windows Server Technologies, Cisco Routers/Switches/Firewalls, Websense, Symantec Endpoint Protection, IDS/IPS, Cisco CSA, Windows Active Directory Infrastructure, Linux based systems, Kali Linux, Threat Hunting, Honeypots, Wireshark, NESSUS, Penetration Testing Tools, Dell KACE, working knowledge of Python. Job Requirements: Knowledge of credit union products and services Positive, welcoming, and helpful demeanor Must be able to communicate information technology and security procedures and requirements to users and key Management. Must possess functional knowledge regarding regulatory issues pertaining to security in a financial institution. Must have strong analytical and problem-solving skills with the ability to clearly present and communicate technical and management concepts. Advanced computer skills Must possess professional verbal communication skills. Position requires participation in on-call rotations as needed or assigned. Position will at times require participation in after-hours or weekend work. Must be prepared to participate in Disaster Recovery, Business Continuity, or Incident Response scenarios. Ability to multitask in a fast-paced environment. Ability to handle workloads during emergencies or stressful time sensitive situations. Ability to work in open-concept workspace/environment. Physical Demands: While performing the duties of this job, the employee is regularly required to bend and stand. May at times be able to lift, carry and/or move up to 15 pounds. Working Conditions Exposure to potential hazardous conditions-robbery. Employees are to receive detailed instructions and procedures to be followed to minimize risk. In accordance with the American with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals. However, no accommodations will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization. This is not a complete statement of all duties and responsibilities comprising this position. Job descriptions are not intended and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law. This organization uses E-Verify in its hiring practices to achieve a lawful workforce.