Cyber security analyst jobs in Union, NY - 596 jobs

Job Description Forhyre is seeking a talented individual that will be able to provide security architecture support and interface across the program as needed. This support includes, but is not limited to, cybersecurity solutions, providing technical strategy for solutions, guidance, policy, and implementations. The successful candidate for this position is a highly motivated individual, with a strong IT security background who excels integrating, operating, and deploying security technology and solutions and interacts well with both internal teams and clients. Note: U.S. citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Develop and implement security policies and controls to support the Cyber Security framework Manage the existing cyber security training program across global, multilingual business Assists in ensuring global Information security program meets all industry regulations, standards, and compliance requirements Drive adoption of infrastructure security best practices and work with Information Technology teams to ensure security standards are maintained Implement technology to proactively scan Information Technology environment for security breaches and suspicious activity Continuous improvement in the areas of Information Security technologies, techniques and processes Develops and maintains an effective system for the distribution of regular key performance indicator reports and dashboard Ability to interpret penetration test results and describe issues and fixes to non-security expert Responsible for leading an accurate & comprehensive status reporting to the executive steering committee Create and implement SOP/ process improvement initiatives to achieve outcomes that align or exceed the expectations of strategic roadmap Skills & Experience Bachelor's degree and 12+ years of experience; additional years of directly applicable experience may be accepted in lieu of a degree. Certified Information Systems Security Professional (CISSP) 8+ years hands-on experience designing or implementing security solutions, including all related documentation and artifacts Analytical ability, problem-solving skills, and ability to break down complex problems into actionable steps Extensive experience in design and development of enterprise security architectures. Experience must include a wide range of work in creating diagrams and documentation with all components that comprise IT systems including network topology. Strong knowledge and experience in secure enterprise architecture design, especially with regard to IAM, NDR, EDR, SIEM, AI/ML, and other cybersecurity tools and resultant applications Experience selecting effective methods, techniques, and evaluation criteria to achieve desired outcomes Previous experience developing architectures, strategies, strategic plans, roadmaps, and technical standards for the federal IT enterprise environment. Vulnerability Assessment testing and/or Penetration Testing (preferred) Robotic Process Automation/Intelligent Automation (preferred) Business case development supporting security technology solutions (preferred) Additional certifications demonstrating cybersecurity/technical mastery (preferred)

Job Title: Cyber Command Forensic Analyst SCOPE OF SERVICES: The forensics Analyst will investigate network intrusions and other cyber incidents to determine cause, extent and consequences of the breach. TASKS: · Research and develop new techniques, and procedures to continually improve the digital forensics process. · Produce high quality written work product presenting complex technical issues clearly and concisely. · Managing and maintaining the analysis labs and forensics tools leveraged for investigations. · Ensuring data is collected and preserved within industry standard best practices and in alignment evidence integrity requirements. · Assisting the Cyber Emergency Response Team during critical incidents. · Investigate network intrusions and other cybersecurity incidents to determine the cause and extent of the breach. Includes ability to perform host -based and network -based forensic analysis. MANDATORY SKILLS/EXPERIENCE: · Minimum 4 years of experience in Threat Management/Forensics Investigations/Incident Response environment · Proficient in performing digital forensic investigations on a variety of platforms and operating systems with a deep understanding of digital forensics processes and tools. Requirements DESIRABLE SKILLS/EXPERIENCE: · Experience with a wide range of forensic tools (FTK, X -Ways, SIFT, AXIOM, EnCase, etc.) · Experience with memory analysis tools (i.e. Volatility, MemProcFS) · Experience with Linux and open source tools · Experience investigating intrusions on Windows and Linux/Unix operating systems · Experience with performing forensics collections in cloud environments (AWS, Azure, GCP) · Knowledge of gathering, accessing, and assessing evidence from computer systems and electronic devices · Knowledge of virtual environments · Knowledge of forensic imaging techniques · Knowledge of Microsoft Windows operating system and Windows artifacts · Knowledge of Linux/UNIX operating systems and artifacts · Knowledge of mac OS operating system and forensics artifacts · Knowledge of file systems · Strong analytical skills Skills: · Incident Management · Threat Management · Cyber Security

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cyber Security Analyst - REMOTE. In this role, you will safeguard critical systems and drive innovation in security practices. As a proactive professional, you will contribute to a collaborative environment that prioritizes data protection and infrastructure security. Your work will have a significant impact on maintaining the integrity of our systems and ensuring a safe digital landscape. Join us to make a difference in cybersecurity.Accountabilities Lead efforts to monitor and maintain security across servers, networks, and endpoints. Administer and enhance network security defenses to prevent breaches. Analyze vulnerabilities and implement solutions to strengthen system integrity. Respond to and investigate cyber incidents, ensuring timely resolution and documentation. Develop and maintain security policies, standards, and guidelines aligned with best practices. Collaborate with IT teams to ensure security controls, compliance and risk management strategies are effective. Educate staff on cybersecurity awareness and best practices. Requirements Minimum 5 years of experience in cybersecurity, network engineering, or system analysis. Strong knowledge of incident response, intrusion detection, and risk management. Proficiency in analyzing complex systems and security audit results. Excellent communication and problem-solving skills. Bachelor's degree in Computer Science or related field (preferred). Certifications such as CISSP, CEH, or CISA (preferred). Experience with Windows Server, Linux, Cisco, and security tools like Wireshark (preferred). Benefits Comprehensive health-related benefits including medical, vision, and dental care. 401(k) plan with company contributions. Company-paid life insurance. Tuition reimbursement program. Minimum of 18 days of paid time off per year plus paid holidays. Participation in an annual bonus plan. Why Apply Through Jobgether? We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.#LI-CL1We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives. This role is required to sit ONSITE in our Malvern, PA office Monday through Thursday with Friday remote. Must be eligible to work in the U.S. without requiring sponsorship now or in the future. Who is Customers Bank? Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with. We get you further, faster. Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow. On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead. Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust. What you'll do: Documentation & Communication: Develop and maintain workflows to create, maintain, and update information security documentation in support of internal and external audit requirements. Control Testing & Evaluation: Under the direction information security management, execute testing procedures to assess the design and effectiveness of key information security controls across business units, technology, and operational processes. Track control effectiveness and KRI/KPI for inclusion in risk assessment reports. Issue Identification & Reporting: Document test results, identify control deficiencies, and provide clear recommendations for remediation. Identify and track exceptions to the Bank's security policies and procedures. Audit readiness and response: Assist information security team with gathering evidence/artifacts for internal and external audits. Collaboration: Work closely with business process owners, auditors, compliance, and risk teams to ensure timely resolution of identified issues. Continuous Monitoring: Participate in ongoing monitoring and follow-up activities to confirm remediation effectiveness and sustainability. What do you need? Must-Haves 2+ years of experience in internal audit, cyber security, or IT risk management, Knowledge of information security and IT risk control frameworks (e.g., COSO, COBIT, NIST). Understanding of financial, operational, and IT control environments. Strong analytical skills with attention to detail and accuracy. Excellent written and verbal communication skills Bachelor's degree in information systems, cyber risk, or related field. Key Skills Understanding of information technology infrastructure (networking, Active Directory, backups, etc.) and security concepts (role-based access control, least privilege, defense in depth, etc.). Experience in developing and maintaining documentation strategies for information security policies, standards, and operating procedures. Proficiency with Microsoft Office applications (Excel, Word, PowerPoint). Develop and maintain working relationships with audit, GRC, and IT teams to promote continuous control awareness and improvements. Nice-to-Haves Professional certifications such as CIA, CISSP, CISA, Microsoft certifications, or CRMA. Experience in Banking, financial services, or other highly regulated industries. Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide “reasonable accommodations”, upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. Diversity Statement: At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.

Primary Responsibilities: The Analyst will provide value add analysis and research as part of the Strategic, Defense, and Shareholder Advisory team within the Advisory business. In this role, the Analyst will create client presentations regarding hostile activity, proxy fights, shareholder activism, and corporate governance. The Analyst will work on live activism and raid defense situations, as well as create materials for use in client presentations, internal meetings, and marketing initiatives. The Analyst will work in a team environment within Evercore's Strategic, Defense, and Shareholder Advisory practice. Responsibilities include, but are not limited to the following: Create materials related to shareholder activism, hostile activity, shareholder engagement and corporate governance for use in client presentations, internal meetings and marketing initiatives Support live engagements, including proxy fights and raid defense situations, contested M&A and special committee assignments Perform research and analysis to identify company's potential vulnerabilities to activist shareholders or potential acquirors Monitor relevant trends and regulatory developments Collaborate closely with senior bankers and other internal teams on strategic mandates Specific Qualifications: Graduate of Class of 2024 through Class of 2025 Relentless work ethic and high energy level An excellent, team-based atttiude Excellent communication skills (written and verbal) Proficient in Microsoft Office, specifically Excel Exceptional attention to detail Calm under pressure with a demonstrated track record of successfully managing multiple projects simultaneously Intellectual curiosity and an interest in finance Expected Base Salary Range: $120,000-$140,000. In addition to a competitive base salary, employees may be eligible to receive a discretionary bonus delivered in the form of cash and/or deferred equity. Evercore also offers a variety of benefits and programs, subject to eligibility. These include, but are not limited to: Medical, prescription, dental, and vision insurance, including healthcare savings and reimbursements accounts 401(k) Retirement Plan Life and disability insurance, including additional voluntary financial protection insurance Well-being resources and programs, including mental health and mindfulness programs, digital wellness platforms, well-being events, and targeted on-site health services Family-building and family-support benefits Paid parental, caregiver, marriage and bereavement leave Commuter benefits, health club membership discounts, and other corporate discounts Paid holidays, vacation days, personal days, sick days, and volunteer opportunities

What We're Doing: Lockheed Martin's, Rotary & Mission Systems (LM RMS), Security and Emergency Services department invites you to step up to one of today's most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a security professional at Lockheed Martin, you'll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you'll work alongside other security experts and military members to support their military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you'll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This position is located in Owego, NY and will support multiple programs. As a Classified Cyber Security /ISSO, you will be responsible for overseeing day-to-day information system security operations, including auditing and compliance with internal LM and customer security requirements. You will also be responsible for technical administration of IS in accordance with internal LM and customer security requirements, primarily Risk Management Framework (RMF). Your responsibilities will include: - Oversee day-to-day information system (IS) security operations including hardware and software implementations. - Carry out technical administration of IS in accordance with internal LM and customer security requirements, primarily Risk Management Framework (RMF). - Auditing of the IS. - Upkeep, monitor, analyze, and respond to network and security events. - Document compliance actions within the approved automated compliance tracking system or develop a plan of actions and milestones (POA&M) with the Information Systems Security Manager (ISSM) to address non-compliance in the allotted time frame. - Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan. - Ensure configuration management (CM) for security-relevant IS software, hardware, and firmware is maintained and documented in accordance with baseline. - Ensure all information system security-related documentation is current and accessible to properly authorized individuals. - Evaluate proposed changes or additions to the information system, and advise the ISSM of their security relevance. - Assist and conduct IS security education. - Participate in internal/external security audits/inspections; perform risk assessments. - Inform ISSM on technical IS security matters. - Assist in conducting investigations of computer security violations and incidents, reporting as necessary to both the Program Security Representative (PSR) and Program Managers. - Ensure proper protection and/or corrective measures have been taken when an incident or vulnerability has been discovered. - Communicate, implement and manage a formal Information Security/Information Systems Security Program together with ISSM and PSR. - Implement and enforce Information Security Policies and Procedures together with ISSM and PSR. - Review and oversee RMF Package authorizations with the ISSM. Who we are: In support of our US Marine Corps, US Navy, and US Air Force customers, the ISSO will support all aspects of the information security program and continue a strong history of success. Why Join Us: Your Health, Your Wealth, Your Life With our employees as our top priority, we provide unique career opportunities designed to propel development and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. At Lockheed Martin, we place an emphasis on empowering our employees by fostering innovation. Basic Qualifications - 5 years of Cybersecurity/Information Assurance experience - Keen attention to detail and adherence to established security policies - Excellent verbal and writing skills - Experience managing and implementing the ATO Lifecyle utilizing eMASS or other technologies - First-hand experience performing Information System audits - Experience with system certification and continuous monitoring - Information System account and asset management experience - Knowledge of and previous use of NIST SP 800-37 Risk Management Framework (RMF), and/or NIST SP 800-53 Security and Privacy Controls requirements - IAT II Level Certification (e.g., COMPTIA Security +) Desired skills -Prior Information System Security Officer (ISSO), or administrator experience. -Experience working with DCSA RMF implementation. -Hands-on experience with industry standard Information Assurance tools such as STIG Viewer, SCC Tool, and Splunk. -Experience performing security system hardening, analysis, vulnerability management, DISA STIGs. -Proven ability to build and maintain effective relationships with multiple customers, including Government & other groups within LM. Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $93,200 - $164,450. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $107,300 - $185,840. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.

Triple Cities Network Solutions (TCNS) is seeking an experienced Cybersecurity Engineer to strengthen our internal and client-facing security posture. This role plays a key part in designing, implementing, and maintaining cybersecurity solutions across multiple client environments while ensuring compliance with frameworks such as CMMC, NIST 800-171, CIS Controls, and other relevant standards. You will act as both a technical security expert and compliance advisor, working closely with our internal IT, service delivery, and client success teams to ensure that TCNS and its customers maintain the highest levels of security maturity. Key Responsibilities Security Engineering & Operations Design, deploy, and maintain security tools and infrastructure for both internal and client environments (e.g., EDR, SIEM, MFA, patch management, vulnerability scanning, email security, and firewalls). Lead threat detection and response efforts-analyzing alerts, investigating incidents, and coordinating remediation activities. Perform regular security assessments and penetration tests to identify and mitigate vulnerabilities. Develop and maintain secure configurations and baselines across systems, applications, and network equipment. Compliance & Risk Management Serve as the primary technical lead for CMMC, NIST 800-171, and other compliance initiatives for internal systems and managed clients. Build and maintain compliance documentation, SSPs, and POAMs. Conduct internal and client security audits, risk assessments, and readiness reviews. Support clients in achieving and maintaining compliance with federal and industry security frameworks. Automation & Tools Implement and manage security automation across monitoring and compliance systems. Manage integrations between cybersecurity and MSP toolsets. Develop dashboards and reporting mechanisms for ongoing compliance and security metrics. Collaboration & Education Work with internal teams to embed cybersecurity best practices into all MSP services and projects. Provide technical leadership and mentorship to technicians and engineers on cybersecurity processes. Educate customers on cybersecurity hygiene and participate in client-facing meetings or security reviews as needed. Required Skills & Qualifications 3-5+ years of hands-on cybersecurity or systems engineering experience (preferably in an MSP or multi-tenant environment). Strong understanding of security frameworks: CMMC, NIST 800-171, and CIS. Experience with security solutions such as EDR, SIEM, email filtering, DLP, IDS/IPS, and MFA. Familiarity with Microsoft 365 Defender, Azure, and Intune is highly preferred. Knowledge of scripting/automation (PowerShell, or equivalent). Experience producing compliance documentation, audit evidence, and risk assessments. Excellent communication and documentation skills with both technical and non-technical stakeholders. Preferred Certifications CompTIA Security+, CySA+, or CASP+ Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Why Join TCNS Work with a fast-growing MSP supporting diverse clients in regulated industries. Be part of a team that values innovation, automation, and continuous improvement. Opportunity to lead and shape cybersecurity programs across multiple organizations. Competitive compensation, benefits, and ongoing professional development opportunities.

**Intro** Are you ready to explore a world of possibilities, both at work and during your time off? Join our American Airlines family, and you'll travel the world, grow your expertise and become the best version of you. As you embark on a new journey, you'll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life. Feel free to enrich both your personal and work life and hop on board! **Why you'll love this job** + Responsible for advancing our Airport safety culture and station success through performance observations, station interactions and other engagements. + This job is a member of the Performance Assurance team within the Quality, Safety and Compliance group within the Airport Center of Excellence organization. + The pay range for this role is $51,000 to $86,500, taking into account the qualifications and experience of the selected candidate. **What you'll do** _As noted above, this list is intended to reflect the current job but there may be additional essential functions (and certainly non-essential job functions) that are not referenced. Management will modify the job or require other tasks be performed whenever it is deemed appropriate to do so, observing, of course, any legal obligations including any collective bargaining obligations._ + Recognize and report common challenge areas to provide feedback to the appropriate groups + Monitor effectiveness of corrective action plans to determine effectiveness, scalability, creation of recommendations/best practices + Analyze findings, determine root causes, and develop recommendations, delivered in executive level presentations + Support company delivery transformation projects and change management + Identify and communicate business process inefficiencies through new tools/technology including AI + Use AI to assist in day-to-day work as well as solve complex issues + Support special projects and investigations + Identify changes in emerging business and operational risks + Provide suggested changes to current performance assurance reviews and processes and techniques + Work in a variety of environments, including outdoors in all weather conditions **All you'll need for success** **Minimum Qualifications- Education & Prior Job Experience** + Bachelors degree or equivalent training/experience + Two years audit experience **Preferred Qualifications- Education & Prior Job Experience** + Airline experience, Customer Operations or Cargo preferred + Previous root cause analysis identification **Skills, Licenses & Certifications** + Detail oriented + Excellent organization skills + Comprehensive analytical and problem-solving skills + Ability to effectively communicate with all levels of employees within the organization + Excellent presentation skills + Ability to travel approximately 60 - 75% + Proficient in Microsoft Office software, with advanced Excel and Access skills + Ability to fulfill FAA criminal background checks to qualify for unescorted access privileges to airport security identification display areas (SIDA), if applicable **What you'll get** Feel free to take advantage of all that American Airlines has to offer: + Travel Perks: Ready to explore the world? You, your family and your friends can reach 365 destinations on more than 6,800 daily flights across our global network. + Health Benefits: On day one, you'll have access to your health, dental, prescription and vision benefits to help you stay well. And that's just the start, we also offer virtual doctor visits, flexible spending accounts and more. + Wellness Programs: We want you to be the best version of yourself - that's why our wellness programs provide you with all the right tools, resources and support you need. + 401(k) Program: Available upon hire and, depending on the workgroup, employer contributions to your 401(k) program are available after one year. + Additional Benefits: Other great benefits include our Employee Assistance Program, pet insurance and discounts on hotels, cars, cruises and more **Feel free to be yourself at American** From the team members we hire to the customers we serve, inclusion and diversity are the foundation of the dynamic workforce at American Airlines. Our 20+ Employee Business Resource Groups are focused on connecting our team members to our customers, suppliers, communities and shareholders, helping team members reach their full potential and creating an inclusive work environment to meet and exceed the needs of our diverse world. Are you ready to feel a tremendous sense of pride and satisfaction as you do your part to keep the largest airline in the world running smoothly as we care for people on life's journey? Feel free to be yourself at American. EQUAL EMPLOYMENT OPPORTUNITY/ AFFIRMATIVE ACTION POLICY American Airlines maintains a continuing policy of nondiscrimination in employment. It is our policy to provide equal opportunity and access for all persons, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or status as a disabled veteran or other protected veteran, in all phases of the employment process and in compliance with applicable federal, state, and local laws and regulations. This policy of nondiscrimination shall include, but not be limited to, the following employment decisions and practices: hiring; upgrading; promotions; demotions or transfers; layoffs; recalls; terminations; rates of pay or other forms of compensation; selection for training, including apprenticeship; and recruitment or recruitment advertising.

IAM Analyst

Information Security Specialist Job Responsibilities: Safeguards information system assets by identifying and solving potential and actual security problems. Information Security Specialist Job Duties: Protects system by defining access privileges, control structures, and resources. Recognizes problems by identifying abnormalities; reporting violations. Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines security violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following organization standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Contributes to team effort by accomplishing related results as needed. Information Security Specialist Skills and Qualifications: System Administration, Network Security, Problem Solving, Information Security Policies, Informing Others, Process Improvement, On\-Call, Network Troubleshooting, Firewall Administration, Network Protocols, Routers, Hubs, and Switches. "}}],"is Mobile":false,"iframe":"true","job Type":"Full time","apply Name":"Apply Now","zsoid":"641401441","FontFamily":"Verdana, Geneva, sans\-serif","job OtherDetails":[{"field Label":"Industry","uitype":2,"value":"Technology"},{"field Label":"City","uitype":1,"value":"Brooklyn"},{"field Label":"State\/Province","uitype":1,"value":"New York"}],"header Name":"Information Security Specialist","widget Id":"**********00072311","is JobBoard":"false","user Id":"**********00133003","attach Arr":[],"custom Template":"3","is CandidateLoginEnabled":true,"job Id":"**********00267067","FontSize":"12","location":"Brooklyn","embedsource":"CareerSite","indeed CallBackUrl":"https:\/\/recruit.zoho.com\/recruit\/JBApplyAuth.do","logo Id":"2qf78d018cc5be94b40bbbcb719566377b192"}

Principal Information Security Analyst (Tier 2) As a Principal Information Security Analyst within Gen Digital's global Security Operations Center (SOC), you will play a key role in strengthening threat detection and response across the organization. The role focuses on improving SOC monitoring and detection processes through technical expertise, continuous development, and close collaboration with other security teams. In this position, you will serve as a senior specialist, leading automation and detection engineering efforts, mentoring junior analysts and contributing to projects that enhance security visibility and overall SOC performance. Operating in a follow-the-sun model, the SOC ensures 24/7 global coverage, with regional teams working during their respective business hours and sharing on-call responsibilities for weekend. Key Responsibilities: * Monitor, analyze, and correlate security alerts and events across multiple platforms (SIEM, WAF, EDR, email, cloud, network, and threat intelligence tools) to identify and validate suspicious or malicious activity * Continuously develop and fine-tune detection rules, correlation searches, security policies, and dashboards to improve visibility, reduce false positives, and increase alert accuracy across security platforms * Support and mentor Tier 1 analysts in alert triage, escalation quality, and use of tools * Collaborate with security engineers on automation and enrichment initiatives to streamline operational workflows and improve detection efficiency * Maintain complete and up-to-date documentation for all detection use cases, workflows and process improvements * Participate in security projects and collaborate with internal stakeholders (e.g., Incident Response, Security Engineering, Application Security, and IT) to enhance detection coverage, visibility, and response capabilities * Support the execution of incident response playbooks Qualification and Work Experience: * 3-5 years of hands-on experience in SOC operations, cybersecurity monitoring, or related areas such as detection engineering or threat analysis * Solid understanding of networking concepts (TCP/IP, DNS, HTTP/S) and how they apply to security monitoring and threat analysis * Strong knowledge of cybersecurity principles, common attack techniques, and threat types (e.g., phishing, malware, brute force, web application attacks) * Proven experience working with security logs, alerts, and structured data across multiple platforms (SIEM, EDR, WAF, cloud, and network telemetry) * Hands-on experience with SIEM platforms - Splunk preferred - including detection content development, rule tuning, and dashboard creation * Familiarity with Web Application Firewall (WAF) technologies and the ability to analyze or tune related alerts and policies * Understanding of cloud security concepts and experience with monitoring tools for major providers (AWS, Azure, GCP) * Working knowledge of scripting or automation (e.g., Python, PowerShell, or API-based integrations) to support analysis and enrichment workflows * Experience using AI-based tools to support daily SOC operations, including data analysis, investigation, documentation, and collaboration * Strong analytical and problem-solving skills with attention to detail and curiosity for continuous learning * Effective communication and documentation skills in English, both written and verbal * Experience collaborating across teams (e.g., Security Engineering, Incident Response, Application Security) on detection improvements or automation projects * Prior experience in a Security Operations Center (SOC) or similar environment is highly preferred * Familiarity with the fintech environment or experience supporting financial services infrastructure is considered a strong advantage #LI-AS1 Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds. We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency. To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.

Position Overview: The Information Security Analyst plays a crucial role in safeguarding an organization's sensitive data, systems, and networks from potential cyber threats and attacks. This role involves monitoring, analyzing, and responding to security incidents, as well as implementing proactive measures to mitigate risks and ensure compliance with industry standards and HIPAA/HITECH regulations. Responsibilities: Monitoring and Incident Response: Monitor network traffic, system logs, and security alerts to identify and investigate potential security incidents. Analyze and respond to security breaches, malware infections, and other cyber threats promptly. Collaborate with cross-functional teams to contain and mitigate security incidents effectively. Vulnerability Assessment and Management: Conduct regular vulnerability assessments to identify weaknesses in the organization's systems, networks, and applications. Implement patches and updates to address vulnerabilities, ensuring systems are up to date and secure. Security Policies and Procedures: Develop and maintain information security policies, standards, and procedures. Educate employees on security best practices and ensure adherence to established security policies. Security Audits and Compliance: Participate in internal and external security audits, ensuring compliance with regulatory requirements and industry standards. Prepare and provide documentation for audit purposes. Security Tools and Technologies: Manage and maintain security tools such as firewalls, intrusion detection systems, anti-virus software, and encryption technologies. Research and recommend new security technologies and solutions to enhance the organization's security posture. Threat Intelligence: Stay current with emerging threats, vulnerabilities, and security trends. Utilize threat intelligence sources to proactively identify and mitigate potential risks. Incident Documentation and Reporting: Document incident details, analysis, and response actions in a clear and organized manner. Provide regular and ad-hoc security reports to management, highlighting key findings and recommendations. Security Awareness and Training: Organize security training and awareness programs for employees to promote a culture of security consciousness. Our Benefits Medical, and Dental & Vision (optional) 401(K) with employer match Paid Parental Leave policy

Provide senior-level cybersecurity and information system security support for Navy systems by leading RMF activities, security authorization packages, continuous monitoring, and cybersecurity compliance in support of mission operations. Key Responsibilities Lead and support RMF Steps 1-6 for assigned Navy information systems Develop and maintain SSPs, SAPs, SARs, POA&Ms, and security artifacts Coordinate system authorization activities with Authorizing Officials (AOs) Conduct risk assessments and vulnerability analysis Support continuous monitoring, audits, and inspections Advise leadership on cybersecurity risk and mitigation strategies Qualifications (Citizenship, Education, Experience, Skills) Citizenship: U.S. Citizenship required Education: Bachelor's degree in Cybersecurity, IT, or related field (or equivalent experience) Certification: Must possess and maintain a DoD 8140 / IAWF-approved Information Assurance Technical (IAT) Level II certification (e.g., CompTIA Security+ CE, CySA+, SSCP, GSEC, or equivalent) Experience: Minimum 8 years cybersecurity / ISS experience; 5+ years RMF support Skills: RMF; NIST 800-53; risk analysis; technical writing; coordination with government stakeholders Required Systems, Tools, and Framework Experience Frameworks: DoD RMF, NIST SP 800-53, 800-37, 800-30 Systems: eMASS, ACAS, HBSS, STIG Viewer Tools: Nessus, SCAP, vulnerability scanning tools Security Handling: CUI, controlled system documentation We are an Equal Opportunity Employer and strive to provide equal employment opportunity to all applicants and staff in accordance with sound employee relations practices and federal and state laws. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, marital status, ancestry, genetic information, pregnancy status, or any other characteristic protected by law.

About the Role: The Network Security Engineer will design, implement, and manage secure network infrastructure to ensure uninterrupted business operations. Responsibilities: Configure and maintain firewalls, VPNs, and IDS/IPS systems. Perform network security monitoring and incident response. Conduct penetration testing and simulate attacks to identify weaknesses. Harden routers, switches, and network devices. Optimize performance without compromising security. Requirements: 3+ years experience in network engineering/security. Strong knowledge of Cisco, Palo Alto, or Fortinet firewalls. Experience with network protocols (TCP/IP, DNS, SSL, VPN). CCNA Security, CCNP Security, or equivalent certifications. Required Skills: Information Security Security

Public Health Solutions (PHS) is a 501(c)3 non-profit community-based organization (CBO) that has existed for 70 years to improve health equity and address health-related social needs (HRSN) for historically underserved marginalized communities. As the largest public health nonprofit serving New York City, we improve health outcomes and help communities thrive by providing services directly to vulnerable families, supporting community-based organizations through our long-standing public-private partnerships, and bridging the gap between healthcare and community services. We focus on a wide range of public health issues including food and nutrition, health insurance, maternal and child health, sexual and reproductive health, tobacco control, and HIV/AIDS. Learn more about our work at healthsolutions.org. PHS administers WholeYouNYC (WYNYC), a coordinated community resource network that builds trustworthy and reliable pathways between healthcare providers, health plans and CBOs providing critical resources in the community that address the social drivers of health. WYNYC brings together over 100 organizations offering various programs - such as food, housing, employment, health insurance, and sexual health services - across all five boroughs. These services and programs make it possible for New Yorkers to live their healthiest lives and ultimately reduce health disparities and advance health equity. To date, our network has already impacted thousands of lives through community partnerships and referrals, generating millions in estimated healthcare savings. New York State (NYS) recently announced the availability of $500M statewide to support Social Care Network (SCN) lead entities responsible for coordinating social care delivery in various regions across the state. Public Health Solutions (PHS) and our WYNYC network were awarded the role of regional SCN for Brooklyn, Manhattan, and Queens. This is a grant-funded position ending March 31, 2027. Program Description: The Information Security Analyst is responsible for supporting and maintaining the organization's information security and compliance program in accordance with applicable federal, state, and contractual requirements, including the NYS OHIP, Common Security Framework (CSF), and HIPAA Security practices. This position plays a critical role in safeguarding organizational assets by monitoring information systems, evaluating security controls, and coordinating incident response activities. The Analyst will collaborate closely with internal IT resources, the managed Security Operations Center (SOC), and external partners to ensure adherence to established policies, standards, and regulatory obligations. Key Responsibilities Regulatory Compliance and Risk Management Support and maintain compliance with OHIP PM-17 standards, NYS security requirements, HITRUST CSF, and HIPAA regulations. Participate in internal and external security audits, assessments, and certification readiness efforts. Document and maintain evidence of compliance activities, corrective action plans, and remediation tracking. Assist in the periodic review and revision of information security policies, standards, and procedures. Security Operations Monitor and respond to alerts generated through the organization's SIEM and security monitoring platforms, in coordination with the SOC. Investigate, triage, and document security incidents and vulnerabilities in accordance with established escalation protocols. Prepare and distribute regular security and compliance reports to IT leadership. Microsoft 365 and Azure Security Administer and maintain controls within the Microsoft 365 Security & Compliance Center, including data loss prevention (DLP), auditing, retention, and threat protection. Implement and review Azure Cloud security configurations, including conditional access, identity protection, and secure baselines. Monitor privileged access and ensure adherence to least-privilege and separation-of-duties principles. Coordination and Communication Serve as a liaison with the SOC and external vendors for incident response, threat intelligence, and log management activities. Collaborate with infrastructure, application, and compliance teams to align security practices with organizational objectives. Qualifications and Experience: Education: Associate or Bachelor's degree in IT, Computer Science, or related field or equivalent. Experience: Minimum of one (1) to three (3) years of professional experience in information security, cybersecurity operations, or IT compliance. Demonstrated knowledge of, NYS OHIP, and HIPAA compliance frameworks. Proficiency with Microsoft 365 Security & Compliance Center, Azure Security Center, and Defender for Cloud. Experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, LogRhythm) and associated reporting functions. Familiarity with security incident response, vulnerability management, and risk assessment methodologies. Strong written and verbal communication skills, with the ability to produce audit-ready documentation and reports. Other duties as assigned. Desired Skills: Professional certifications such as CompTIA Security+, CISSP, CCSK, Microsoft Certified: Security Operations Analyst Associate, or HITRUST CCSFP. Prior experience supporting compliance efforts within a public health, nonprofit, or governmental organization. Key Attributes for Success Strong eagerness to learn and develop new technical skills. A proactive and problem-solving mindset. Attention to detail and ability to document IT processes clearly. Ability to work both independently and collaboratively within an IT team. Willingness to take on new challenges in a fast-paced IT environment. Reports To: Information Security Manager Direct Reports: This position has no direct reports Benefits: • Hybrid Work Schedule. • Generous Paid Time Off and Holidays. • An attractive and comprehensive benefits package including Medical, Dental and Vision. • Flexible Spending Accounts and Commuter Benefits. • Company Paid Life Insurance and Disability Coverage. • 403(b) + employer matching and discretionary company contributions. • College Savings Plan. • Ongoing training and continuous opportunities for professional growth and development. At PHS, we place immense value on diversity within our teams, understanding that varied backgrounds and experiences significantly enhance our community and propel us toward our goals. If you find you don't have experience in all the areas listed above, we still encourage you to apply and share your background and experiences in your application. We are eager to discover how your unique perspective can bring positive transformations to our team and help advance our mission of creating healthier, more equitable communities. We look forward to learning more about you! PHS is proud to be an equal opportunity employer and encourages applications from women, people of color, persons with disabilities, LGBTQIA+ individuals, and veterans. 9am- 5pm 35 hours

St. John's, established in 1870, has two New York City campuses; international locations in Rome, Italy; Limerick, Ireland; and Paris, France; and study abroad locations around the world. The Princeton Review and other top rankings consistently recognize the University's outstanding academics, diverse student body, dynamic internship, and volunteer opportunities, focus on student life, and diverse study abroad offerings. St. John's University offers more than 100 undergraduate and graduate programs in its six colleges and schools, with a growing number of programs offered online. The University is accredited by the Middle States Commission on Higher Education and 12 other major academic and professional associations. A dedication to diversity, equity and inclusion is at the heart of our mission. As a Catholic and Vincentian university, St. John's is committed to institutionalizing practices of inclusive excellence to ensure that we welcome and celebrate the intrinsic worth of all members of our community. We will become an even stronger university as we enhance equity at every level of our institution. Our graduates will excel in the competencies and values needed for leadership and service in a rapidly evolving world. Department: Information Technology Specific Job Title: Information Security Analyst - Identity & Access Mgmt Focus Reports to: Associate Director, Systems & Security Architect Campus: Queens Job Summary: The Information Security Analyst is responsible for managing the security risk of the University's data and infrastructure and the user identity ecosystem. The candidate will oversee the implementation of the various security measures and tools, whether outsourced or in-house, and help safeguard technical assets against a cyber-attack. The role is highly collaborative, involving frequent interaction with various members in the IT organization. In addition to overseeing the implementation of various security measures and tools, the Analyst plays a key role in protecting user credentials, access privileges, and authentication systems, which includes supporting the Identity & Access Management (IAM) platform to ensure proper user provisioning, access governance, and role-based access control (RBAC) across systems. The role is highly collaborative, involving regular interaction with IT leadership, application owners, and external partners. The Information Security Analyst will monitor security threats, lead vulnerability remediation efforts, and support security operations while also contributing to the development and ongoing maintenance of the IAM lifecycle. The candidate will participate in any security investigations and incident management drills, helping analyze security-related data from a wide range of security products and devices. Essential Functions: * Manage the relationship with outsourced security vendors, including regular review of deliverables related to Identity Services controls and data access. * Provide directions to identify, design, and execute security projects that improve detection, response, and access control capabilities. * Collaborate with the Identity & Access Management team to ensure role definitions, access reviews, provisioning/deprovisioning processes, and segregation of duties policies are consistently applied. * Support IAM lifecycle processes by monitoring and assisting with the automation of user access provisioning, changes, and terminations. * Assist with the implementation and administration of IAM solutions, including role mining, entitlement reviews, and access certification campaigns. * Run periodic incident response drills and include identity compromise scenarios and credential misuse as part of test planning. * Assist with the integration of IAM services with systems such as Active Directory, cloud applications, learning management systems, and enterprise applications. * Ensure access governance by monitoring elevated/privileged accounts and supporting the implementation of least privilege policies and just-in-time access where applicable. * Review and respond to security alerts related to unauthorized access attempts, anomalous login behavior, or privilege escalation. * Analyze the impact of identity-related vulnerabilities, including misconfigured permissions and weak credentials, and assist with remediation. * Support security audits and compliance reporting by gathering identity and access data and providing evidence of policy adherence. * Monitor systems and logs for suspicious activity, especially related to identity compromise or misuse of credentials. * Manage cybersecurity awareness training, incorporating education around password hygiene, MFA, phishing, and identity theft. * Partner with HR and IT teams to ensure identity lifecycle events (onboarding, offboarding, transfers) are securely and accurately reflected in system access. * Participate in investigations and forensics activities involving identity compromise or unauthorized access. Competencies: The candidate should have: * Five to seven years of working within information security, with demonstrated experience supporting Identity & Access Management systems (e.g., SailPoint, Okta, Azure AD, or equivalent). * Strong understanding of user identity lifecycle management, directory services (e.g., LDAP, Active Directory), RBAC, and access governance principles. * Demonstrated experience with access reviews, entitlement management, and identity-related workflows. * Demonstrated technical capabilities and excellent understanding of systems, networking, and technology infrastructure, including Firewalls, VPN, DLP, Web-Proxy, DNS/DHCP * Technical capabilities in systems, networking, and infrastructure, including security platforms such as Firewalls, VPNs, DLP, Web-Proxy, and DNS/DHCP. * Familiarity with MFA, SSO, and federation technologies and protocols, such as SAML, OAuth, and SCIM. * Experience writing JavaScript or equivalent programming language * Knowledge of scanning and compliance tools (e.g., Tenable, Qualys) and identity risk scoring. * Familiarity with application security, encryption technologies, and current identity-related cyber threats. * Understanding of the NIST framework and the components of the framework to evaluate risk. * Organizational skills and attention to detail are critical, especially to managing open issues and items that are cross-team within the organization. * Demonstrated experience working in collaboration with a team as an effective team member. * Excellent interpersonal skills and ability to work with a diverse clientele. * Demonstrated ability to communicate effectively verbally and in writing. * Demonstrated ability to work independently. * Be able to exercise good judgment, logic, and troubleshooting skills to anticipate and solve problems independently. * Proven experience in handling multiple priorities simultaneously. * Ability to work a flexible work schedule, including evenings and weekends, when necessary. Work Environment: The candidate can work in a hybrid posture (mix of remote and on-site). Position Type/Expected Hours of Work: This position is full-time, Monday through Friday, 8:30 am to 4:30 pm. At times the candidate may be required to work later hours and/or weekends as needed in the event of any major issues. Required Education and Experience: * Completed a bachelor's degree program or higher in business, computer science, or equivalent field. * Non-bachelor's degrees are accepted with equivalent years of experience and relevant professional certifications. Additional Eligibility Qualifications: * CISSCP or other industry security certification a plus. In compliance with NYC's Pay Transparency Act, the annual salary range for this position is $83,600 - $94,050. St. John's University considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and organizational considerations when extending an offer. * Important Note- St. John's is NOT an E-Verify Employer St. John's offers a competitive compensation program which is commensurate with your qualifications, experience, and contingent upon the departmental budget. We also offer an extremely comprehensive benefits program to meet the diverse needs of our workforce. Along with exceptional benefits such as medical, dental, life insurance, long term disability insurance, tuition remission, generous 403(b) employer contribution, employee assistance program, and liberal paid time off policies, faculty and staff can also enjoy St. John's performing arts, libraries, bookstores, dining facilities, campus recreation and sporting events Any offer of employment is subject to receipt by St. John's University of satisfactory references, verification of employment and education. St. John's University is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national or ethnic origin, age, status as an individual with a disability, protected veteran status, or any other characteristic protected by law.

Job Description Type: Full Time Overtime Exempt: Exempt Reports To: ARMADA HQ Travel Required: Yes Security Clearance Required: Active Secret Security Clearance ************CONTINGENT UPON AWARD*************** Duties & Responsibilities: Specialist, Information System Security III (SISS3) will conduct risk and vulnerability assessments of planned and installed systems to identify vulnerabilities, risks and protection needs; conduct systems security evaluation, audits, and reviews; determine the residual risk of a package based on package content and assessment results and documenting for the Security Controls Assessor's (SCA) and higher level review. Execute Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems. Examples include executing STIGs, SRGs, ACAS scanning, and applying patches assets to obtain cybersecurity compliance and remediate vulnerabilities. Specialist, Information System Security III (SISS3) will conduct systems security reviews, audits, or evaluations, as appropriate, to ensure accreditation documents are accurate and represent the current risk posture of the system. Perform analysis of logs, events, and reporting of various data collections tools including: vulnerability monitoring via Assured Compliance Assessment System (ACAS) and related tools, Host Based Security Systems (HBSS), web content filters, Security Information and event management (SIEM), firewall systems, network devices, server devices, workstations, and intrusion detection and prevention systems (ID/PS). Specialist, Information System Security III (SISS3) will assess impacts from observed risks and report via the Cybersecurity Program chain of command. Executing Security Assessment Plans (SAPs) by conducting on-site testing for afloat and PIT ashore systems. Examples include executing STIGs, SRGs, ACAS scanning, and applying patches assets to obtain cybersecurity compliance and remediate vulnerabilities. Perform the evaluation of system administrator, security engineer, and/or system owner proposed corrections to ensure compliance and best-fit solution. Specialist, Information System Security III (SISS3) will present and submit data to management, develop reports, and produce procedural documentation in a comprehensive and cohesive manner. Perform risk management and security engineering for Research, Development, Testing, and Evaluation (RDT&E) RMF Afloat systems include Information Assurance Vulnerability Management (IAVM) support, remediation, patching, scanning and associated boundary maintenance. Specialist, Information System Security III (SISS3) will document residual risks in a plan of actions and milestones formatted in compliance with the current package system, currently eMASS. Specialist, Information System Security III (SISS3) will maintain current vulnerability scan data and residual risk plan of actions and milestones in Vulnerability Remediation Asset Manager (VRAM). Manage, attend, and support configuration control board practices. Create and verify the accuracy of POA&Ms/RARs as identified by vulnerability actual test results. Specialist, Information System Security III (SISS3) shall write technical documentation such as user manuals, reports, documentation, policies, presentations, Plan of Action and Milestones (POA&Ms), risk assessments, proposals, outlines, and summaries in support of both ashore and afloat systems across multiple platforms. Support developing of technical documents across multiple platforms including configuration management, milestone, issue tracking, web site content management and RMF documentation. Specialist, Information System Security III (SISS3) may be required to travel CONUS (any state in USA) and OCONUS (primarily Japan, and any country in Europe). The estimated number of trips is 14 per year (estimated 25%-30% travel). Other duties as assigned. Knowledge, Skills, and Abilities (KSAs): Ability to travel CONUS (any state in USA) and OCONUS (primarily Japan, and any country in Europe). Proficient in Microsoft Windows Operating System Administration, including Windows 11, Windows 10, Windows 7, and Windows XP (at a minimum). Ability to work as a team member, communicate, perform office functions and use office tools, customer focused and deliver exceptional performance. Possess excellent organizational and file management skills and the ability to plan and execute administrative work with little supervision. Possess excellent oral and written communication skills. Required Certifications: Minimum of one (1) IAT Level II listed certificate required: CompTIA Security+ (CE) CompTIA CySA+ GIAC Security Essentials (GSEC) ISC² SSCP (Systems Security Certified Practitioner) Minimum/General Experience: Five (5) years of experience in the following: Cybersecurity, Engineering, Test and Evaluation (T&E) or Authorization and Assessment (A&A) (formerly C&A) related field. Information Assurance tools such as Defense Information Systems Agency (DISA) Enterprise Mission Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS). Command line interface, PowerShell, and performing automated tasking through use of code. Minimum Education: College degree in any technical discipline from an accredited college or university. Disclaimer: The above information has been designed to indicate the general nature and level of work to be performed. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the contractor assigned to this position. Applying: If you feel you have the knowledge, skills and abilities for this position visit our careers page at ****************** Special Notes: Relocation is not available for these jobs ARMADA provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ARMADA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Must be able to successfully pass a background check, and pre-employment drug testing. Job offers are contingent upon results of background check and drug testing.