Cyber Security Analyst Jobs in Struthers, OH

A growing Columbus client has retained us to identify a Cyber Security Analyst. The ideal candidate aligns with the responsibilities and qualifications outlined below. Responsibilities: Monitor security systems and tools for signs of unauthorized access, security breaches, and other suspicious activities. Conduct in-depth analysis of security alerts and incidents to identify patterns and trends indicative of cyber threats. Investigate security breaches and incidents promptly, determining the root cause and implementing corrective actions. Perform regular vulnerability assessments and penetration testing to identify weaknesses in systems and applications. Monitor network traffic for unusual activity and potential security threats. Develop and maintain security incident response procedures to ensure effective response to security incidents. Enforce security policies and procedures to ensure compliance with industry standards and regulations. Assist in the development and maintenance of security documentation, including policies, standards, and guidelines. Qualifications: 4+ years in cyber security roles, with a focus on threat detection, incident response, and vulnerability assessment. Strong knowledge of networking protocols, security architectures, and tools used for penetration testing and vulnerability scanning. Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls. Proficiency in security technologies such as firewalls, intrusion detection/prevention systems, and endpoint security solutions. Analytical mindset with the ability to analyze and respond to security events and incidents effectively. Ethical and professional integrity, with a commitment to maintaining confidentiality and data privacy.

Discover where good grows at Bob Evans Restaurants! We have an exciting opportunity to join the IT team as a Cybersecurity Analyst. This position is a hybrid remote role requiring a minimum of 3 days a week in our New Albany, Ohio restaurant support center. Apply today if you are seeking a robust and fulfilling cybersecurity position. IT Cybersecurity Analyst POSITION REPORT TO: Sr. Director of Cybersecurity & Infrastructure POSITION LOCATION: Bob Evans Restaurant Support Center, New Albany, Ohio Statement of Purpose: The IT Cybersecurity Analyst will oversee the IT cybersecurity elements related to PCI 4.x, Sarbanes-Oxley (SOX), as well as internal audits and assessments. This position is responsible for various critical aspects of cybersecurity, including not limited to ensuring compliance with regulatory requirements, conducting training sessions to educate employees on cybersecurity best practices, running simulations to prepare for potential security incidents, responding effectively to any cybersecurity breaches, and actively hunting for threats within the organization's network. Other responsibilities include enhancing the cybersecurity posture of the organization by implementing robust security measures, identifying vulnerabilities, and developing strategies to mitigate risks. Accountabilities Lead and manage our annual PCI 4.x compliance efforts, including audits and gap remediation. Work cybersecurity incidents and address exposure daily inside of Microsoft Defender 365, Sentinel SIEM solution, and Microsoft Purview. Utilize Microsoft Purview to manage DLP, Information Protection, Classification, Retention, and Information barriers in Microsoft 365 and Azure database/lakehouse and storage accounts. Collaborate with peer IT teams as they develop new features and address security requirements. Your extensive technical expertise will assist them in designing solutions resilient to current and future threats. Execute architecture, code, and application reviews to identify vulnerabilities. Work closely with each team to promptly and effectively resolve any identified issues. Oversee SOW completion, costs, and invoice resolution for assigned audits and security projects. Knowledge A solid understanding of IT and cybersecurity architecture throughout the systems development lifecycle, including cloud security, requirements development, implementation, and maintenance. Proficient in cloud computing platforms encompassing IaaS, PaaS, and SaaS delivery models. Key technologies include Azure Applications, Firewalls, Microsoft365, Cloud Access, Private Access, and Conditional Access. Knowledgeable in system security exposure, vulnerabilities, and remediation techniques. Exceptional written and verbal communication skills, with the ability to present complex technical information clearly and concisely to diverse audiences. Demonstrates initiative and self-motivation to advance initiatives despite ambiguity and incomplete knowledge Strong sense of ownership, urgency, and drive. Proven teamwork skills and resourcefulness. Education/Experience Bachelor's degree in Cybersecurity, MIS, CS, or related field, or equivalent work experience. Solid understanding of MS Defender 365, Endpoint Security, MS Sentinel, and Purview. Certification in progress or completion in Azure Security, CISSP, CCSP, or SSCP. Experience responding to security incidents, risks, and developing mitigation plans for Microsoft Azure tenants and cloud-managed devices. Experience in security architecture, including the design, implementation, support, and evaluation of security-focused tools and services. Experience using threat modeling or other risk identification techniques. Experience in customer-centric/retail IT is preferred. Travel Requirements: None

As a Program Security Specialist, you will be responsible for identifying, analyzing, and mitigating threats to AFRL systems and networks. You will work with a team of security professionals to develop and implement strategies to protect against cyberattacks and other security threats. You will also be responsible for staying up to date with the latest security trends and technologies and for conducting ongoing assessments of the DoD's security posture. Process and maintain Data Loss Prevention external media waivers for NIPR and SIPR networks and assist non-waivered SIPR users with downloading data to external media. Request the provisioning of SIPR user accounts and assist those users with re-enabling and re-provisioning issues. Gather artifacts from the Program Managers of various divisions and branches within the Aerospace Systems Directorate to process Risk Management Framework packages for IATTs and ATOs. Perform investigations and compile reports of Trellix malware incidents occurring on the Defense Research and Engineering Network in accordance with the basic steps of incident response (containment, eradication, recovery, post-incident activity). Perform investigations and compile reports of Classified Message Incidents in accordance with the basic steps of incident response (containment, eradication, recovery, post-incident activity). Reconcile Keyboard-Video-Mouse (KVM) switch user agreements with the 88th Wing Cybersecurity Office's records. Requirements Familiarity with Windows Active Directory Familiarity with NIST Risk Management Framework Familiarity with trouble ticket applications (BMC Remedy, SolarWinds) Basic understanding of networking concepts Basic understanding of security controls Active Secret clearance (or above) Active CompTIA Security+ (or DoD 8570 equivalent) Must be able to lift and carry up to 25 pounds with or without accommodation. Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Elsevier employs 9,200 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress. About the role: You will be entrusted as the senior most technical member of incident response handler for our global information security organization About the team: This global team supports the Information Security department's goals and objectives by addressing escalations, and evaluation of technology controls providing key insight and research in new threats, exploits, and mitigation techniques Key Responsibilities: Help improve the resilience and readiness of security protection and mitigation technologies and processes which ensure the confidentiality, integrity, and availability of the organization's assets, information, data, and IT services in an efficient manner. Develop and execute security incident response plans, conduct cyber forensic investigations on physical endpoints and cloud platforms, independently lead the full life-cycle of incident response investigations of all reported security incidents. Develop comprehensive incident reports and investigation summaries. Develop and collect intelligence to proactively detect and identify high-confidence threats to the brand, service infrastructure and enterprise users and systems. Responsible for analyzing/validating security control requirements and tuning, defining the mitigation rules, scripting and performing changes or mitigating attacks, and assisting with troubleshooting support related to any issues which may arise from security detection or protection technologies. Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness. Lead analysis and review security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats. Requirements Advanced knowledge of security of cloud agnostic infrastructure. Ability to conduct forensic and incident response investigations. Understanding of incident response and risk mitigation workflow and planning. Analysis of security events for anomalous activity. Identification of emerging security threats. Able to develop and implement security improvement and remediation programs. Vulnerability assessment, exploitation techniques, malware reverse engineering, threat analysis, and security threat and incident reporting. Investigation and navigation in Cloud and Web-based environments. Licensing/certification required (at least one of the following): CCFE, GCFE, CISSP, CISM, SANS, GIAC, ISACA, CSRIC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification

. Hybrid work schedule in Chantilly, VA. or Columbus, OH. Must have Active Secret Clearance willingness to obtain a TS/SCI clearance. Business Development (Cyber Engineer) Columbus, OH. (3 days Hybrid onsite) A minimum of 25% travel. It could be up to 60% at times depending on demand. Principal Cyber Engineer - Chantilly, VA office with flexibility to work from our Columbus, OH main offices. Periodic travel to Columbus, OH, especially during the proposals, may be necessary. This position reports to the Cyber Solutions Division Manager. As a Principal Cyber Engineer, Portfolio Growth, you will play a crucial role in bridging technical solutions with business needs. You will be responsible for capturing and executing contracts across federal and commercial markets. This position requires strong leadership and coordination skills to manage project teams in a matrixed organization. Responsibilities Program Management Define project/program requirements, identifying all elements of cost, schedule, and technical performance. Assess the impact of scope, schedule, and budget change requests on the task and take requisite action. Provide input on the required skill set mix necessary to execute major programs. Prepare and deliver presentations to internal management and external customers, providing reviews and updates on technical aspects, cost, and schedule. Actively manage risk using risk management fundamentals and terminology. Monitor the use of Earned Value Management (EVM) analysis by managers to make responsible decisions about the performance of subcontractors, partners, and others. Assess the program impacts of scope, schedule, and budget change requests and ensure that the requisite action is taken. Establish program performance metrics that ensure control of program execution and adherence to the strategic business plan. Proactively communicate with customers to ensure they are an integral part of the project for clarification of requirements and regular assessment of implementation progress. Build client relationships to sustain and expand business opportunities; strategically identify high growth/value opportunities. Manage or coordinate third-party activities, both external and internal. Business Development Demonstrated understanding of capture processes to win new business Translating the technical approach into the program's schedule and budget. Ensure timely development and delivery of compliant, responsive, innovative, and integrated technical solutions and management approaches that are competitive, cost-effective, and vetted with the customer prior to RFP release. Establishing review procedures to ensure that proposed technical work can be accomplished as described within proposed cost. Coordinating the selection of proposal team member organizations (strategic partners, sub-contractors, universities, divisions, etc.) and the efforts of the proposal team. Mentoring & Leadership Serves as an influential coach/mentor to technical and professional staff alike Contributes input to the business unit strategic planning process Prepares and presents presentations to internal and customer senior leadership to provide reviews and updates on technical aspects, cost, and schedule. Ensures that programs and projects conduct safety assessments. Establishes guidelines for ensuring that adequate workplace safety measures that increase staff safety and foster a healthy work environment Drive development of technical capabilities, including identifying new areas to develop, areas to shape out of, and help see client's strengths and weaknesses Participate in investment discussion for research, capital, and training Develop and maintain relationships with key technical leaders to foster project collaboration opportunities, technical skillset development, and technical quality Key Qualifications Education & Experience Bachelor's Degree in Computer Science, Computer Engineering, Electrical Engineering, or other related field to Cyber; or an equivalent combination of education and or experience in a related field Prefer a masters or PHD but not required. At least 12 years of experience demonstrating progressive responsibility in business development, program management or technical management Technical Execution Track record of leading the technical design and execution of reverse engineering, vulnerability research, or other CNO related projects Seasoned experience in the full lifecycle of projects (requirements, design, research/engineering, test, documentation, and maintenance) Ability to speak to customers at varying levels of technical knowledge to relate value propositions to their mission Capture and Proposals Demonstrated ability to grow the scope of programs through on-contract growth Multiple examples of leading the entire technical solutioning and written volume for competitive proposals Administrative Ability to travel up to 25% of the time Active SECRET clearance with willingness to obtain a TS/SCI clearance Preferred Qualifications Experience acting as a dual-hatted senior engineer and program manager for Cyber projects Material participation in multi-year capture efforts Active TS clearance with SCI eligibility. Helpful to have experience in any of the areas below: Demonstrated expertise with debuggers Demonstrated expertise with dynamic and static binary analysis, and source code audits Demonstrated expertise with network protocols Demonstrated expertise with reverse engineering tools (e.g., IDA Pro, Ghidra, Binary Ninja, objdump, etc.) Experience searching and finding vulnerabilities in complex software. Demonstrated expertise in VR task automation (e.g., IDA and/or Ghidra scripts) Demonstrated fuzzing experience Highly experienced with reverse engineering compiled programs (C/C++) Highly experienced in reading common assembly languages (x86, x86-64, ARM) Experience developing in scripting languages (Python) Experience with debuggers and decompilers (gdb, Binja, IDA Pro) Experience with Android or Linux kernel vulnerability research and development Develop software to run in user-mode or kernel-mode Strong understanding in reading assembly language and using debugging tools Experience with a disassembler for vulnerability research (Ghidra, IDA Pro, Binary Ninja) Experience with one or more assembly languages (x86, x64, ARM, MIPS, PowerPC, etc.) Experience with one or more debuggers (WinDbg, OllyDbg, Gbd) Experience with vulnerability research on one or more operating systems: Android, iOS, Windows, Linux, MacOS, VxWorks, Knowledge of advanced exploitation techniques (ret2libc,use-after-free, type confusion) Knowledge of exploit protection techniques (DEP, ASLR/NX) Ability to code in C Understanding of network protocols

We are looking for a: Cyber Security Engineer Working with product development teams, this role will need to understand systems and software integration, manage the cybersecurity process, prototype, and integrate solutions in the railway sector. The resource will be responsible for: To review, evaluate and implement Cybersecurity solutions Knowledge of C/C++ and Linux To design and develop cyber architecture standards Monitoring the cyber threat landscape in order to rapidly identify potential threats and risk assessment; Assisting in ensuring measures and procedures used at network nodes support the security integrity of the network and comply with applicable directives Technical requirements: Understanding of system and network security Familiarity with Cryptography Algorithms, Security Software Libraries Familiarity with Penetration testing and/or Fuzz testing techniques Familiarity with information security best practices Minimum Education Bachelor's Degree in Computer/Electrical Engineering or equivalent. Location : Pittsburgh, PA Benefits offered by Teoresi, Inc. Teoresi, Inc. provides the following company insurance policies: Health, Vision, Dental, Life, Long Term Disability (LTD) and Short Term Disability (STD). Other benefits offered include 401(K) plan, Flexible Spending Account (FSA), Vacation, Sick paid leave and Holidays. We are happy to receive your application! 😀 We also inform you that, by sending your application, all your data will be processed in accordance with our privacy policy, which you can view at the following link ********************************************************

Full Time On Site in Pottstown, PA Hours 8am-5pm Monday-Friday Salary $80-100k based on experience + benefits COMPANY INFO With 25 years of experience, the company is in it for the long-haul. We provide every professional IT service you will need to keep your business moving forward. Our IT solutions are available nationwide with local technicians ready and waiting to help you with any issue you might have. With services and technicians available 24 hours a day, 7 days a week, and 365 days a year, we are truly IT's best friend. We believe that adding a personal touch to each client call is the secret to a successful business relationship. When you work with us, you won't be dealing with subcontractors who don't understand the nuts and bolts of our company. Each technician is a employee, so we can guarantee our high level of service on every call. When you need a technician, someone will be out to see you within 48 hours of your initial call. CORE VALUES Client First: We prioritize our clients by delivering white-glove service, ensuring they receive the highest level of care and attention. Every interaction is guided by respect, empathy, and a commitment to exceeding expectations. Work Ethic: We believe in giving our best every day. Our team is driven, dedicated, and always striving for excellence in everything we do. Communication: Clear, honest, and proactive communication is key to our success. We foster an open environment where information flows seamlessly between clients, colleagues, and leadership. Teamwork: Collaboration is at the heart of our culture. We support one another, share knowledge, and work together to achieve our goals, creating a positive and productive workplace. Reputation: Our dedication to excellence has earned us outstanding reviews and referrals. We take pride in maintaining a strong reputation built on trust, quality, and client satisfaction. Professionalism: We represent ourselves and our company with the utmost professionalism at all times. From our appearance to our interactions, we uphold the highest standards of integrity and respect. The Cyber Security Engineer provides and supports all the company clients' network security systems and data from cyber attacks, also monitoring and completing other security tasks to company standards. ESSENTIAL JOB FUNCTIONS Maintain excellent client service as the driving philosophy of the company System hardening - implement security configuration on servers and networks to minimize attack surfaces Security awareness training - educate company employees and clients with best practices and safe computing habits Data encryption - develop and adopt encryption protocols to protect sensitive data at rest and in transit Penetration testing - show how secure our clients are and identify where the vulnerabilities are. Vulnerability assessment - run network and system scans to identify potential weaknesses and security gaps Incident response - investigate and respond to any prospective or actual infiltration and/or breach encountered by the company and/or its clients, including malware infections, unauthorized access and any type of data breach Security architecture design - create and implement security strategies, including access controls, intrusion detection systems and all firewall configurations and rules Threat analysis and reporting - monitor emerging cyber threats and trends to identify or detect possible risk, with document reporting Security policy enforcement - develop and enforce security practices and policies to ensure compliance with IT industry standards QUALIFICATIONS SonicWall, Fortinet, and Meraki firewall experience Ability to script and automate security tasks Ethical hacking skills, to better understand loopholes an attacker will use Knowledge of network protocols and encryption technologies Excellent problem-solving skills Excellent written and verbal communication skills Bachelor's degree in computer science, cybersecurity or similar field CompTIA security is a plus 3+ years of network security experience required Demonstrate the ability to anticipate and solve technical/security problems or resolve issues CEH preferred CISSP preferred BENEFITS Eligibility to participate in our Major Medical/Prescription Plans, Dental and Vision the first of the month following sixty days of employment. Earn a maximum of up to 10 days of Paid Time Off (PTO) per year accrued within the first service year. PTO cannot be used during the first 90 days of employment, but it begins accruing as of the hire date. Upon completion of the first year, an additional 2 days of PTO begins accruing that next year and each year thereafter. Upon completion of the first year of service, an employee receives his/her birthday off, paid--or another day within one week of his/her birthday. The company observes six (6) company holidays: New Year's Day, Memorial Day, Independence Day, Labor Day, Thanksgiving, and Christmas. New employees are not paid for any such holidays falling within his/her 90-day probationary period. Employees are eligible to participate in additional voluntary benefits such as Term Life, AD&D, Short-Term Disability, and Critical Illness. They have the option to enroll in such plans either through ADP TotalSource at the time of hire, or after 60 days through Colonial Life. Employees are eligible to participate in the company's 401K plan after completing six months of employment (as long as the employee is at least 21 years of age). The company is currently matching dollar for dollar up to a maximum of 4% of the employee's annual salary.

DR is seeking a dynamic and analytical Information Security Analyst to join one of our top clients in Mason, OH. If you are looking for an opportunity to join a large organization and work within a team-oriented culture, please apply today! Position Overview/Responsibilities for the Information Security Analyst: Manages, configures, and updates security systems, including SIEM, IDS/IPS, firewalls, endpoint protection, proxies, email security, web portals, and Data Loss Prevention (DLP). Investigates phishing emails and malware threats, coordinating with support teams for containment, remediation, and recovery. Safeguards confidential data, systems, and facilities to ensure security and compliance. Develops and enforces IT security policies, procedures, and best practices. Stays informed on emerging cyber threats and vulnerabilities, adapting security procedures as needed. Maintains expertise in core operating systems, applications, networking, and security frameworks. Ensures compliance with regulations such as ADA, HIPAA, HITECH, PCI, PII, HITRUST, and ISO 27002. Executes approved IT security service requests in accordance with standard protocols. Promotes IT security awareness and best practices across the organization. Required Skills for Sales Analyst: 2-5 years of experience in IT or IS Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST Demonstrated experience in implementing compliance frameworks for financial services organization or organizations with similar information security needs and requirements Familiarity and understanding of broad range of IT hardware and software products Strong project management skills Experience managing typical enterprise security and intrusion detection systems Bachelor's degree computer science, IT or equivalent What's in it for you? - Competitive compensation package - Full Benefits; Medical, Vision, Dental, and more! - Opportunity to get in with an industry-leading organization - Close-knit and team-oriented culture Why IDR? - 25+ Years of Proven Industry Experience in 4 major markets - Employee Stock Ownership Program - Medical, Dental, Vision, and Life Insurance - ClearlyRated's Best of Staffing Client and Talent Award winner 11 years in a row

*Hybrid in Pittsburgh, PA* We are looking for an expert to manage and support Mainframe Security Environments, with a heavy focus on RACF, ACF2, and TopSecret. The successful candidate will have proven experience managing and enhancing such environments. This is a contract to hire opportunity. Applicants must be willing and able to work on a w2 basis and convert to FTE following contract duration. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance. Rate: $60 - $70 / hr. w2 Responsibilities Manage and support the mainframe security environment, focusing on RACF, ACF2, and TopSecret Enhance security setups for existing products and engineer solutions for new products Support and maintain third-party and in-house security management solutions Evaluate current security setups, identify gaps, and recommend improvements Collaborate with various teams to resolve security and system vulnerabilities Provide necessary information and support during audits Experience Requirements Key Technical Skills: Experience supporting mainframe security environments, focusing on RACF, ACF2, and TopSecret Soft Skills: Strong communication skills Effective teamwork and collaboration Problem-solving and analytical thinking Attention to detail Ability to work independently and manage time effectively Additional Requirements: Experience in mainframe security environments Ability to work with cross-functional teams Strong understanding of security best practices and compliance requirements Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range. W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality. Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact ********************. Job ID:

Our healthcare client is hiring an Information Security Principal Engineer for a 6+month contract. Demonstrates specialized & comprehensive knowledge in Information security management practices, disciplines, regulations, industry standards, related frameworks, project management principles, and methodologies, security engineering concepts, security operations model; industry standards around architecture principles. Demonstrates exceptional skills in managing multiple projects and priorities in order to meet strategic goals and timelines. Exhibits the ability to plan, manage and implement highly complex enterprise architecture and security implementations, enhancements or modifications that require in-depth knowledge across multiple technical areas and business segments. Exhibits exceptional understanding of emerging regulatory and healthcare issues in order to develop internal and external checks and controls to ensure proper governance, security and quality of information assets. Demonstrates exceptional troubleshooting and collaborative skills required to identify, analyze and resolve complicated security issues. Demonstrates advanced proficiency in creating detailed documentation, perform budget planning and oversight, and providing input on infrastructure strategic planning, technology standards, and information security and risk practices. Required Experience: At least twelve (12) years industry related experience, including experience in one to two IT disciplines (such as technical architecture, network management, application development, middleware, information analysis, database management or operations) in a multi-tier environment. At least six (6) years experience with information security, regulatory compliance and risk management concepts. At least three (3) years experience with Identity and Access Management, user provisioning, Role Based Access Control, or control self-assessment methodologies and security awareness training. Experience working with Managed Security Service Providers (MSSPs) and Cloud providers. Demonstrates comprehensive knowledge and understanding of Information security principles, general and IT controls General understanding of networking and communication techniques including WANs, LANs, Internet, Intranet, protocols, such as TCP/IP and their impact on security. Knowledge of basic database query techniques & data mining to analyze data or other related database functionality. Knowledge of Microsoft Active Directory, UNIX, and Clinical Applications. Experience implementing application level security in clinical and financial systems (e.g., Epic, Lawson) CISSP certification

IT Security Engineer at hMetrix Join us at hMetrix and play a crucial role in safeguarding sensitive healthcare data and ensuring the security of our innovative data analytics solutions. As an IT Security Engineer, you will be instrumental in maintaining our HITRUST and HIPAA compliance posture, while also designing, developing, and optimizing our SIEM and SOAR capabilities. You will collaborate closely with IT, development, and compliance teams to build and maintain a secure and compliant system infrastructure that protects our clients and their data. Your success will be measured by the effectiveness of our security controls and the efficiency of our incident response processes. Key Responsibilities Ensure security controls align with HITRUST and HIPAA Frameworks. Assist in policy and procedure development. Verify IT-related policies, procedures, and standards are current and aligned with control requirements. Contribute to the preparation and execution of audits. Participate in security reviews and assessments, assist in identifying and mitigating security vulnerabilities within our analytic applications. Ensure that security considerations are integrated into the application development lifecycle (SDLC). Contribute to the improvement of application security by implementing automated security checks within the software deployment pipeline. Collaborate with IT and development teams to implement secure configurations and practices across our cloud and on-premise environments. Contribute to the strategic direction and ongoing optimization of our SIEM/SOAR platform (Google SecOps). Design, develop, and implement SOAR playbooks to automate incident response workflows and security tasks. Ensure the SIEM/SOAR environment is configured to efficiently collect and retain necessary evidence for security investigations and compliance purposes. Identify common hardware, software, network, or system problems and research solutions to engineer efficient solutions to recurring issues. Effectively communicate security-related information to technical and non-technical audiences, including senior leadership. Qualifications & Technical Skills Essential: Bachelor's degree in related fields such as Computer Science, Information Security, Computer Engineering (or equivalent experience) Minimum five years of relevant experience in an IT security role with a focus on security operations and compliance Experience with cloud security in GCP and/or AWS environments. Experience with Microsoft Intune or another enterprise MDM solution. Experience with automation and scripting languages such as Python, PowerShell, and Linux Shell Experience with SIEM and SOAR platforms Desirable: Relevant security certifications (e.g., Security+, CISSP, etc.) Familiarity with HITRUST, CSF, and HIPAA Security Rule requirements Experience with enterprise Microsoft and Linux infrastructure Experience in firewalls, intrusion detection systems, and endpoint security solutions Excellent written and verbal communication skills Benefits Competitive salary with an annual bonus. Fully vested 401(k) plan with employer match. Fully paid medical, dental, and vision benefits for employees and dependents. Opportunities for growth with continuous mentorship and peer support. About hMetrix “hMetrix is the most flexible and responsive analytic vendor we have ever worked with. They have a deep understanding of our work, making our relationship much more effective than any other we've experienced.” For nearly two decades, hMetrix has been at the forefront of healthcare analytics, partnering with providers, payers, HIEs, and state entities. Our work spans robust data collection, scalable integration, data science, and intuitive visualization. We are committed to solving real-world healthcare problems through data-driven innovation. At hMetrix, we define problems collaboratively with our clients and tailor data resources and technologies to meet their needs. Our participatory work style ensures accurate, relevant results and efficient, scalable resource utilization. Our team's recent achievements include: Serving as health care subject matter experts to support local policy initiatives to improve care coordination and reduce health care expenditures for over 2 million beneficiaries with $10B in health care expenditures. Identifying over $100 million in actionable annual savings through advanced algorithms and deep knowledge of healthcare episodes of care. Reducing data processing time by over 90% through advanced technology and automation. Enhancing error detection in healthcare data, saving weeks of manual work. Join us at hMetrix and contribute to fascinating and rewarding projects that make a tangible impact in the healthcare industry. We value diversity and strive to create a family-friendly culture that fosters inclusion and growth for better business performance.

SourcePro Search is conducting a search for a highly skilled Senior Information Security Analyst to join a dynamic team in Cleveland, OH, contributing to the development and execution of advanced cybersecurity strategies. The ideal candidate will play a vital role in maintaining a secure environment through incident response, threat hunting, security assessments, and enhancing IT inventory controls. This is an excellent opportunity to work on innovative security initiatives and collaborate with global teams to protect and empower global operations. What You'll Do: Cybersecurity Initiatives: Collaborate with Division and Global teams to execute key initiatives of the Division Information Security Plan. Incident Response: Investigate and resolve cybersecurity incidents in partnership with Network, Infrastructure, and the Global SOC team. NIST CSF Assessments: Lead the NIST Cybersecurity Framework (CSF) assessment process, identifying gaps and implementing solutions. Pen Testing & Vulnerability Management: Manage penetration testing and vulnerability remediation, offering consulting support to infrastructure teams. Project Security Support: Drive security efforts for major initiatives, including Power BI and ERP system upgrades, ensuring comprehensive security measures. IT Supply Chain Security: Oversee vendor assessments and improve controls for SAAS and application inventory processes. Thought Leadership: Stay ahead of trends in IAM, SASE, and Zero-Trust, contributing innovative solutions to the security landscape. Cybersecurity Awareness: Support the rollout of impactful training programs for IT staff and end users in collaboration with the Director. Performance Monitoring: Develop, monitor, and maintain KPIs and SLAs to measure and ensure peak security performance. Policy Development: Enhance policies and procedures to continuously improve cyber defenses across Division and Global teams. What You'll Bring: Education & Experience: Bachelor's Degree in a relevant field. 6+ years of experience in information security. Certifications: CISSP, CCSP, CISM, or similar certifications are highly desirable. Technical Expertise: Prior experience in IT Systems Administration with a focus on security. Deep knowledge of cybersecurity frameworks and standards such as NIST, ISO, SOC2, GDPR, HIPAA, and PCI. Hands-on experience with penetration testing, vulnerability assessments, and remediation coordination. Proficiency in application and development security (SecDevOps, secure SDLC), infrastructure/network security (NGFW, SASE, Zero-Trust, EDR), and cloud security (Azure, AWS, Google). Industry Knowledge: Experience in the manufacturing and distribution industries is preferred, especially with global, distributed teams.

ITS Technologies has an opening for a senior-level position within the Information Security team. Responsibilities include monitoring and investigation of alerts, administration of software used by the team, and researching and implementing improvements to our Information Security posture. This position requires 8+ years of hands-on experience in multiple areas of Information Security, and knowledge and skills in areas such as networking, Windows, Linux, and Cloud platforms. #LI-JM2 Responsibilities Respond to alerts, events, and incidents Perform detailed investigation and analysis of events Use personal knowledge, skills, and tools to monitor for threats Develop and implement monitoring rules and alerts During investigations act as the go-to person for junior members of the team Troubleshoot and support software and devices used by the Information Security team Maintain situational awareness about the entire Information Technology environment Regularly provide ideas and recommendations to improve the Information Security posture Awareness and understanding of current topics and threats occurring in the Information Security community Provide training to other members of the Information Security Implement new Information Security tools and products Create policies, playbooks, how-to guides, and other documentation Act as a technical leader on threat and vulnerability management by reviewing and analyzing vulnerability data to identify trends and patterns. Additionally, collaborate with colleagues in prioritizing vulnerability fixes and developing remediation plans. Provide technical guidance on secure system design and configurations Collaborate with the rest of the security team to enhance overall security posture Proactively hunt for cyber threats and vulnerabilities within the organization's environment Analyze security data and logs from multiple sources (DLP, SIEM, EDR tools, etc.) to detect anomalous activity Build and improve detection mechanisms to identify malicious behavior Perform incident response tasks related to emerging threats and vulnerabilities Act as a liaison between security, other technical teams, and the business to align security practices Additionally, the role involves participating in cross-departmental security projects, staying updated on industry trends, and advocating for information security through awareness initiatives Qualifications Minimum 8-10 years of experience in an Information Security role Experience working with the following: Cloud security tools and concepts Firewalls, IPS, WAF, SIEM, and EDR technologies DLP Tools and Technology Vulnerability scanning and threat analysis tools Email Protection and Phishing solutions Hands-on administration with a broad security understanding of one or more products such as anti-malware/anti-virus, firewalls, web proxies, SIEMs, vulnerability scanners, penetration testing, email filtering, DLP, etc. Fluency in SIEM systems with proven ability to understand all the inputs/data sources Ability and strong understanding of how to monitor networks for security breaches and analyzing network traffic, activity logs and system alerts Hands on experience with responding to security events, threats and/or incidents by investigating and analyzing to identify root causes Proven ability to prepare reports on security events, incidents, and threats Ability to protect systems by using and maintaining software like firewalls and data encryption programs to protect sensitive information Capable of conducting security assessments, vulnerability testing (scanning) and risk analysis with having key abilities to identify vulnerabilities and assess their risk and impact to the organization Proven ability to create documentation for security related plans including incident response and disaster recovery plans Strong problem-solving skills to investigate and understand security events Ability to think critically and innovatively about the security solutions that can keep data secure Understanding of TCP/IP and networking Knowledge of best practices and frameworks used in Information Security Capable of explaining technical information to both I.T. and non-technical audiences Detailed orientated Ability to handle multiple projects and prioritize critical work Desire to self-educate on the ever-changing landscape of cyber tactics Superior written and verbal communication skills Bachelor's degree in computer science, information security, or related, preferred Certifications such as CISSP, CEH, Security+ etc., preferred Experience with Azure and AWS platforms is preferred

Minimum Qualifications: • Bachelor's Degree or equivalent work experience • 3+ years of experience in a SOC, Cloud security, IT, or related cybersecurity field • 3+ years of experience in Azure, AWS, GCP, or other cloud services (IaaS, PaaS, or SaaS) • 3+ years of experience in utilizing cloud security solutions, EDR, and posture management products • 3+ years of experience with security frameworks such as NIST 800-171, MITRE, ISO 27001, or similar frameworks Preferred Qualifications: •Experience with Prisma Cloud or similar CSPM/CNAAP tools •Familiarity with scripting/automation tools (Python, PowerShell, or Bash) for configuration and reporting. •Industry certifications such as Sec+, CCSP, or relevant GIAC certifications. •Analytical abilities, including process analysis and development, problem-solving, and root cause analysis. Responsibilities: Job Overview: The Cloud and Endpoint Security team is committed to enhancing our cybersecurity framework to protect our digital assets and infrastructure. We are seeking motivated and skilled professionals to join our Cloud and Endpoint Security team. The team interfaces with many departments to ensure security tools are integrated where possible and provides the incident response team with the tools to be effective. The Security Engineer will be instrumental in driving our cybersecurity posture, focusing on the protection of cloud environments and endpoints. This role involves implementing security measures across the cloud and endpoint landscape, working with the incident response team, Cloud infrastructure, and Data Governance on tool integrations and alert refinement. Your responsibilities may include, but are not limited to: •Configure and refine cloud security tools to prevent, detect, and report. •Coordinate with DevOps and patch teams to ensure timely remediation of misconfigurations and vulnerabilities. •Collaborate with the incident response team to refine alerting and logging capabilities provided by cloud security tools. •Assist in the development of organizational security strategies that align with business objectives and industry best practices. •Stay updated with the latest cybersecurity threats, trends, and technologies, incorporating them into Airlock configurations where applicable. •Support the development and maintenance of incident response plans and secure access protocols.

Our client has an immediate need for a PAM Security Engineer, who is responsible for working on multiple initiatives/deliverables simultaneously and to interface with other initiatives that have an impact on their domain. Requirements: Bachelor's Degree in a technical field is a plus Delinea Cloud Experience (formerly Thicotic, CyberArc would also be good) Experience in industry leading implementation and or migration of PAM solutions (Delinea and/or BeyondTrust highly desirable) Industry recognized technical certifications are desirable (CISSP, CISM, etc). Familiarity with security and privacy regulations impacting financial services such as SOX and GDPR. Excellent written and verbal communications skills Proven organizational skills with the ability to develop a detailed work plan to ensure project success Demonstrated troubleshooting and problem-solving skills and the ability to work collaboratively with other teams to resolve issues Strong requirements elicitation and conflict resolution skills Ability to self-direct and work independently Implementing PAM solutions in client environments Assessing and troubleshooting PAM solution installations Daily operations of PAM solutions Responsibilities: Act as the subject matter expert and provide thought leadership on the PAM efforts and coordinate implementation in line with industry best practices and organizational or stakeholder requirements Work with the broader ISG group and other relevant stakeholders, such as Data Governance and Risk functions, to understand requirements and translate them into use cases for implementation Work with the relevant engineering and support groups to align policies with desirable requirements Provide support as needed for operationalization and train internal staff as appropriate. Develop and recommend Privileged Access Management policies, operational runbooks and other documentation as needed Execution of project tasks, escalating where appropriate to relevant stakeholders to maintain deliverable quality and timelines Why Work for ConsultUSA: ConsultUSA offers competitive salaries, major medical (PPO or HDHP w/ HSA), dental, and vision insurance plans, and 401k plan with immediate eligibility for both salary and hourly employees ConsultUSA hosts several outings and events, holiday and summer parties, and volunteer opportunities throughout the year for employees We will work with you to obtain training for in-demand technologies and prepare you for industry-recognized certification exams ConsultUSA offers Business Analysis and Project Management training through our Project Management Institute (PMI) award-winning sister company, PMCentersUSA How to Apply: To submit your application, please click the “Apply Now” button located at the top and bottom of the page. ConsultUSA is committed to providing equal employment opportunities (EEO) to all qualified employees and applicants for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, age, disability, genetic information, marital status, pregnancy, ancestry, or status as a covered veteran as well as any other prohibited criteria under any applicable federal, state, and local laws applicable to ConsultUSA. For a complete listing of all ConsultUSA jobs please visit ******************

Lead Security Architect Client Industry: Enterprise Financial Services Terms: Direct Hire, sponsorship not available Compensation: 170-190k base+15% bonus Pioneer Our Next-Gen Security Infrastructure We're searching for a Lead Security Architect with expertise in defense-in-depth strategies and a talent for designing effective security solutions. If you appreciate well-structured zero-trust architecture and find satisfaction in properly hardening systems beyond the basics, this role could be an excellent fit. What You'll Build: Forward-thinking security architecture that balances robust protection with business agility Comprehensive cloud security strategies across multiple environments Container security frameworks that earn developer buy-in Advanced encryption implementations that anticipate emerging threats Security standards that streamline compliance efforts The Technical Arsenal You Bring: 6-10 years of security architecture experience in complex environments CISSP certification and other relevant credentials (CISM, cloud architecture) Bachelor's degree in Computer Science or related field (Master's appreciated) Deep expertise in: Enterprise cloud security (AWS/Azure) Container security orchestration Network defense architecture Encryption frameworks and key management Working knowledge of NIST, ISO 27001, and regulatory requirements Why This Role Matters: You'll be our technical cornerstone for security decisions, working directly with leadership to shape our security posture while mentoring team members. Your architectural decisions will have lasting impact on our enterprise security for years to come. If you enjoy solving complex security challenges, have a knack for analyzing threat models, and take pride in building security that enables rather than blocks, we should definitely connect.

Network Firewall Engineer Recruiting for this role ends on May 31, 2025 Work you'll do Provides engineering, security compliance and administration of the firewalls. The position works closely with other Deloitte groups and vendors to provide exceptional customer support. Including the Deloitte Cyber organization for any requests about security compliance from the different agencies and to mitigate any gaps. Creates configurations and scripts for enterprise deployment of solutions that align business and DT - US strategies. Responsible for providing second level incident support, defining, and updating standards, ensuring compliance on all internal and external projects, enforcing consistent policies and processes. Contributes to the transition of new technologies between Architecture and Engineering and confirms all appropriate documents and processes are developed. Responsibilities: Manages the day-to-day activities of design, analysis, planning, and implementation. Oversees the development and evaluation of network performance criteria and measurement methods for short-team and long-term needs including capacity. Evaluates network architecture design, in addition to feasibility and cost studies Monitors performance and health, ensures capacity planning is performed, and assesses and makes recommendations for improvement. Provide skilled expertise for the compliance, engineering, administration and 24x7 operations of the firewalls serving the Deloitte Federal practice. Perform routine assessments of system hardening in accordance with DOD security technical implementation guides (STIGs). Ensure the maximum information assurance (IA) compliance of DODIN-N systems Lead service request fulfilment for firewall policy and other security extension changes (VPN, IPS, URL Filtering, Application Control, etc.). Provide visibility and insight to assist customers with firewall activity and usage information. For the Federal firewalls, first responder to monitored alerts, incidents, and issues. Lead the follow through with firm and vendor resources to close out availability, performance, and security incidents that involve firewalls. Accountable for executing tasks according to established standards, procedures, and processes. Assist to develop new standards, procedures and processes. Performs other job-related duties as assigned. Ability to manage support cases with external technology vendors. The team Deloitte Technology US (DT - US) helps power Deloitte's success, which serves many of the world's largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence. The ~3,000 professionals in DT - US deliver services including: Cyber Security Technology Support Technology & Infrastructure Applications Relationship Management Strategy & Communications Project Management Financials Technology & Infrastructure The Technology and Infrastructure Organization works together to transform how DT - US deploys technologies and services to meet the dynamic needs of Deloitte professionals and help increase their productivity. Required Qualifications: 8+ years in supporting infrastructure environments but not limited to security/firewall, networks, systems 3+ years of experience in related experience in firewall environments performing engineering (hardware and software) and operations. Bachelor's degree in Computer Science, Computer Engineering, Business Administration or similar and/or additional relevant professional experience. Ability to travel 0-10%, on average, based on the work you do and the clients and industries/sectors you serve Must be a US Citizen (GPS initiatives) Preferred Qualifications: Expert level knowledge of Checkpoint or Palo Alto. Advanced level skill in firewall policy management. Knowledge of monitoring tools and commands to ensure quick resolution to issues. Hands-on experience with security policy and automation tools such as Firemon, Tufin. Algosec... Knowledge on Scripting language. Knowledge of LAN/WAN and network protocols. Experience in security assessments and audits, ensuring compliance with industry standards and best practices, and addressing vulnerabilities proactively. Knowledge of applying DoD STIGs to network equipment Knowledge of information assurance (IA) compliance of DODIN-N systems Information for applicants with a need for accommodation: ************************************************************************************************************ The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $88,600 to $181,900. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. EA_ExpHire #LH-1

Harrington Starr are seeking a Regional Division Information Security Officer who will lead executive engagement, cyber due diligence support and business cyber strategy leadership for the US region Role can be based in either New York or Phildelphia on a hybrid model Some of the key activities will include: Provide cyber briefings for legal entity boards, risk and operating committees, and represents cyber to regional clients, exchanges, auditors and regulators Engage in cyber and technology incidents as the regional delegate for the Global Chief Information Security Officer. Evaluate, and prioritize cybersecurity risks, and to develop and implement effective risk mitigation strategies Maintaining relationships with other departments, external partners, and stakeholders, and to work effectively in a team environment across locations and timezones Leading a team of cyber professionals in the US region Working with the global cyber leadership team on the central strategy In order to be suitable you will need: Experience in a cyber security leadership role with demonstrable stakeholder management experience up to C level A strong understanding of the US cyber regulatory landscape including experience leading internal and external regulatory requirements A strong understanding of cyber security including: IAM, application security, security engineering and incident management People management and leadership experience Financial services experience ideally in gained from working in a highly regulated global environment across different timezones. Please send your resume for immediate consideration.

⭐ Information Security Officer | Butler, PA | Hybrid | $70,000 - $150,000 - FTE ⭐ Are you passionate about cybersecurity and protecting critical financial data? Do you thrive in high-stakes environments where your leadership shapes the organization's security posture? Looking for a role where you drive strategy and influence cross-functional teams? This could be your next big move! The Company: Join a reputable financial institution dedicated to innovation, integrity, and security. With a strong culture of compliance and customer trust, they're committed to staying ahead of cyber threats while fostering a collaborative work environment. The Role: As the Information Security Officer (ISO), you'll lead the institution's cybersecurity strategy and operations. You'll develop and manage the Information Security Program, ensure regulatory compliance (FFIEC, GLBA, NIST), and act as the go-to expert for cyber risk mitigation. This is a high-impact role with direct exposure to executive leadership and decision-making! What You'll Do: Design, implement, and maintain the organization's security framework Conduct regular risk assessments and manage the incident response plan Monitor network and systems for vulnerabilities and threats Collaborate with IT to enforce MFA, encryption, and secure access controls Lead third-party security reviews and ensure compliance with FDIC, OCC, and other regulators Deliver employee training, phishing simulations, and awareness programs Serve as primary contact for cybersecurity incidents and recovery efforts Support business continuity planning from a security perspective What You Need: Certifications preferred (not a must): CISSP, CISM, CRISC, GIAC Deep knowledge of cybersecurity tools (SIEM, IDS/IPS), incident response, and network security Strong communication skills and a proactive, solutions-driven mindset Familiarity with FFIEC, GLBA, NIST compliances Perks & Benefits: Competitive salary + full benefits Flexible hybrid work environment Paid industry certifications and ongoing training Leadership role with strategic influence Collaborative culture with cross-functional support ⭐ Information Security Officer | Butler, PA | Hybrid | $70,000 - $150,000 - FTE ⭐