Cyber security analyst jobs in Wichita Falls, TX

Cybersecurity Analyst (FTE, Onsite Houston) Our client is an Oil & Gas Security professional to support day-to-day security operations, tool deployment, and infrastructure improvements. Contract-to-hire: 6 months contract, converting to FTE after this period. Responsibilities: Deploy, configure, and enhance cybersecurity tools. Support operations across firewalls, EDR, PAM, vulnerability management. Collaborate across departments to enhance security posture. Requirements: Familiarity with tools like CrowdStrike, CyberArk, Rapid7, Zscaler, Security Onion. Hands-on knowledge of firewalls, network security, endpoint protection. SANS/GIAC certs preferred Please apply with an up-to-date resume

The Mid-Level Cyber Analyst plays a key role in securing enterprise systems through proactive monitoring, advanced threat analysis, and incident response. The role involves collaboration with IT, engineering, and compliance teams to improve the organization's overall security posture. Key Responsibilities Lead analysis of complex security incidents and drive incident response efforts. Develop detection rules, tuning SIEM use cases, and creating actionable alerts. Conduct vulnerability assessments and partner with infrastructure teams for remediation. Support endpoint detection and response (EDR) and network intrusion detection (NIDS/NIPS) tuning. Perform threat hunting and forensic analysis to identify indicators of compromise (IoCs). Assist in designing and implementing security controls for new technologies or projects. Mentor junior analysts and support continuous process improvement in SOC operations. Qualifications Bachelor's degree in Cybersecurity, Computer Science, or related discipline. Must be a US Citizen or Permanent resident 3-5 years of experience in security operations, incident response, or network defense. Expertise with SIEM tools (e.g., Splunk, Sentinel, QRadar), EDR, and vulnerability management platforms. Knowledge of MITRE ATT&CK framework and common attack vectors. Certifications such as CompTIA CySA+, CEH, GCIH, or CISSP (in progress) preferred. Strong analytical, scripting (Python, PowerShell), and communication skills.

Work involves assisting in supervision and service delivery control of the TxDOT Cybersecurity Operations tools team comprising of seven (8) staff augmentation contractors. Employee will ensure real-time data, metrics, and correlated incident input to the CSOC Incident Response Team. Works under minimal supervision, with extensive latitude for the use of initiative and independent judgment. DUTIES Employee will assist in supervising and managing the TxDOT Cybersecurity Operations Tools Team; will work under the management of the TXDOT Cybersecurity Officer; will be responsible for administration, maintenance, and resilience of Cybersecurity tools; real-time data, metrics, and correlated incident input to the CSOC Manager for use in daily monitoring and incident response; and support of daily operations and incident response activities. Employee will provide tooling input for end of month and annual reporting requirements as dictated by TxDOT. As appropriate, Employee will provide recommendations for improvements in daily operations, resilience, and Cybersecurity operational maturity. Employee will be responsible for planning and management of tooling deployment and operating\managing the security tool sets. Employee will be responsible for assisting in managing ongoing agency cybersecurity programs (e.g. Tabletop exercises). Team members will provide services in the following areas: • Custom Managed Scanning Services • Custom Managed Endpoint Protection • Managed CISCO Secure Network Analytics Service • Security Information and Event Management (SIEM) administration Years Skills/Experience 8 years' Technical Team Management experience 8 years' Deployment and configuration of Network Security monitoring and incident response tools (EDR, Scanners, SIEM, Netflow, etc) 8 years' Administration of Network Security monitoring and incident response tools (EDR, Scanners, SIEM, Netflow, etc) 8 years' Participation and experience in intrusion detection and incident response activities 8 years' Effective, professional business communication and reporting Years Skills/Experience 8 years' Experience with the CISCO security suite of tools 8 years' Experience with Microsoft EDR tools 8 years' Experience with Microsoft Sentinel 8 years' Experience with the Tenable suite of tools

One of our key clients within the financial industry is looking for a Red Team Cyber Security Engineer for a full-time position. This position will be 2 days on-site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders are eligible for this position. Job Description: Perform cloud assessments, web application penetration testing and mobile application testing Carry out reviews of security, network, applications, and cloud environments Plan/Design security activities with automation as the primary driver to align with the security strategy Ensure alignment of security controls, supporting services and related policies with regulations and industry-standard best practices Assist management with the improvement of policy/procedure to support Cloud Security Engineering Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Experience required: Penetration Testing experience within Network, Application, Web Application or Mobile Applications Experience cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong experience with custom scripting (python, PowerShell, bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys etc. Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with using ServiceNow is a plus. We look forward to receiving your application!

Bachelor's degree in Computer Science, Cybersecurity, or related field. 3+ years of experience in DevOps, Security Engineering, or related roles. 2-3 years of security experience. Overall, 6 years Strong understanding of CI/CD tools (e.g., Jenkins, Harness). Development knowledge on Java, Python, .Net, etc Experience with security tools (e.g., Veracode, GHAS, Orca). Proficiency in scripting languages (e.g., Python, Bash). Familiarity with containerization and orchestration (Docker, Kubernetes). Knowledge of cloud platforms (AWS, Azure, GCP) and their security features. Understanding of secure coding practices and application security principles. Knowledge of Infrastructure as Code (Terraform, Ansible).

• DevSecOps' expertise in building and supporting security solutions for Windows, Linux, above mentioned platforms, including services such as Enterprise Vulnerability Management, data protection, privacy and compliance, network protection. • Building and deploying security solutions using technologies such as Docker, Kubernetes, and GIT Hub. • Experience in low code environments such as Appian and Microsoft Power Platforms is mandatory. • Experience with Alteryx ETL and Workflow Designer platform is plus. • Experience with Identity and Access, Endpoint, Vulnerability management and other cybersecurity automation workflows. • Experience writing Automation scripts in Python and deploying them leveraging APIs. • Experience with AI enabled automation workflows. • Experience with Agile methodology and Atlassian tools including JIRA and Confluence. • Communicating with various audiences, including business leaders, engineers, clients, and team members, with excellent ability to convey information that is relevant to the audience. • Written communication for excellent documentation and reporting. • Outstanding teamwork across multidiscipline plan-build-run teams. • Applying your understanding and expertise with systems automation platforms and technologies. • Automating security controls, data, and processes to provide metrics and operational support. • Employing cloud-based APIs when suitable to integrate and orchestrate across various systems in the automation workflow. • Developing and delivering solutions using Agile methodology. “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

Network Security Analyst III (Deputy Lead - CSOC Tooling Team) Austin, TX 78744 (Onsite) Long-Term Contract Schedule: Monday-Friday, 8:00 AM - 5:00 PM USC or GC due to fingerprinting and must be located in Austin, TX Seeking an experienced Network Security Analyst III to serve as a Deputy Lead within its Cyber Security Operations Center (CSOC) Tooling Team. This role is a hands-on technical leadership position responsible for supporting enterprise security tooling, coordinating deployments, managing projects, and serving as a key liaison between cybersecurity teams. The Deputy Lead will report directly to the Cybersecurity Officer and will act as a backup to the Tooling Team Lead while helping ensure the effective operation and continuous improvement of GTS's security monitoring and incident response capabilities. CSOC Environment The CSOC operates under two primary functions: Incident Response Tower (24/7 operations) Tooling Team, which includes: Vulnerability Management SIEM Cloud Security Cybervision Network Analytics This position sits within the Tooling Team and plays a critical role in supporting and enhancing cybersecurity tools across the enterprise. Key Responsibilities Serve as Deputy Lead for the CSOC Tooling Team, providing leadership support and operational continuity Assist the Tooling Team Lead with task assignment, progress tracking, and reporting Lead and support hands-on deployment, configuration, and administration of network security monitoring and incident response tools Coordinate and manage security tooling projects, ensuring timelines, deliverables, and quality standards are met Collaborate with Incident Response, Security Governance, and other internal teams to align tooling and security initiatives Support intrusion detection and incident response efforts through tool optimization and analysis Deliver clear, concise business and technical communications, including executive-ready status reports and documentation Participate in tooling strategy, enhancement planning, and continuous improvement initiatives Must pass a Criminal Justice Information Systems (CJIS) background check upon hire. Note: This role focuses on technical leadership and operational oversight; personnel hiring and termination responsibilities are handled separately. Required Qualifications 8+ years of experience in technical team leadership or management 8+ years of hands-on experience deploying, configuring, and administering network security monitoring and incident response tools Strong background in intrusion detection, threat analysis, and incident response Proven experience managing security tooling projects in complex enterprise environments Excellent written and verbal communication skills, with the ability to communicate effectively with both technical and non-technical stakeholders

The CSOC Operations Engineer III position is a technical leader responsible for the tactical execution of incident response, threat detection and continuous improvement of solutions which defend and protect our computer systems, information, and networks from intentional or unintentional access, modification, or destruction. This position is responsible for technical leadership in the design, planning, documenting and support of projects and cyber security solutions for the company. This position needs to intently focus on prioritization and always seek the improvement of processes and tools, providing recommendations to engineering and architecture teams. A successful CSOC Operations Engineer III will have a multidisciplinary background beyond cyber security, with advanced knowledge in fields such as client and server systems, networking, and application development. This position will also be responsible for ensuring systems and processes follow regulatory requirements, such as PCI-DSS, HIPAA and SOX. This position is responsible for the mentorship of other IT staff and performs third level support for incidents and issues. Major functions for this position Cyber Security Incident Response - 15% of total job Lead Cyber Security Incident Response as an incident owner, direct incident response activities, provide real-time decision making and communicate with the incident commander. Function as a threat hunter, working proactively to seek out weaknesses and stealthy attackers, conducting penetration tests and reviewing vulnerability assessments. Continuously develop and improve security technologies, focusing on the development of automation and orchestration capabilities as it relates to incident response. Coordinate documentation of activities during an incident and provide status updates to the incident commander during the life cycle of the incident. Participate in post-mortem collections and after-action reviews to identify and remediate gaps in processes and technologies. Participate in regular table-top sessions with the CSIRT and E-CSIRT teams to evaluate readiness, address changes in company, external cyber security threats and impact. Participate in after action reviews to identify and remediate gaps in process or technologies. Cyber Security Infrastructure Operations - 60% of total job Serve as an escalation point for all cyber security infrastructure operational issues during business hours and on-call for junior members of the team. Provide third tier support and subject matter expertise for all cyber security technologies and solutions. Work with the CSOC Principal and Manager to provide the team with tactical direction of operational technology capabilities focused on continuous improvement. Guide Security Engineering with necessary support as needed during IT projects with Cyber Security needs. Ensure project transitions meet CSOC operational standards for needed functionality, prevention, monitoring, detection, and response. Cyber Security Threat Operations - 15% of total job Perform third tier analysis of exploits such as malware, network intrusions, and unauthorized use to help determine attack-surface, patient zero, and possible pivot-points for escalation. Provide technical leadership to the team and guidance in investigating escalated notable/suspicious events and the latest investigation techniques, containment and mitigation methods, evidence handling standards, threat intelligence, playbook development and case documentation best practices. Participate in the Cyber Security Risk Scoring process to include scoring risks, providing remediation or compensating control guidance and risk remediation/mitigation validation. Stay current on monitoring, detection, prevention, analysis, and investigation techniques/tools and adversary techniques, to implement recommendations for improving cyber security event processes, procedures and tooling. Participate in regular technical table-top sessions with the cyber security teams to evaluate readiness, address changes in company, external cyber security threats and impact. Participate in after action reviews to identify and remediate gaps in process or technologies. Technical Leadership - 10% of total job Provide leadership and mentoring to IT staff in the following manner. Coordinate or lead necessary training to develop staff. Ensure that appropriate technology is implemented in the appropriate manner. Provide timely and effective communication of changes to processes and technologies. Maintain technical competence and relevance on existing and emerging cyber security, infrastructure, and automation technologies. Conceive, define, develop, and deploy tools/processes which help automate our cyber security technologies to produce higher business value. Help develop cyber security awareness content and provide education on security policies and practices both internal and external to the group. Routinely evaluate documentation provided by Security Engineering staff to ensure complete coverage of required diagrams, support articles, and other necessary documentation. Position Specifications: The required specifications (education, experience, and skills) are those that the employee must have to hold the position. Applicants applying for this position must possess the required specifications in order to be considered for the job. The desired specifications are those that are not required for the employee to hold the position, but the employee should try to obtain the desired education, experience, and/or skills to be effective and successful in the position. Required education: Bachelors in relevant field or the equivalent combination of education and experience. Desired education: Bachelor's degree in Cyber Security or a degree in a technology related field. Multiple industry certifications in Security, Systems Administration, and/or Networking, such as CISSP, GDSA, CCNP Security, or PCNSE. Required experience: Minimum of 8 years of progressive experience with cyber security technology design, administration or incident response in large, complex environments, particularly in multi-region retail. Advanced expertise in cryptography, network defense, endpoint protection, forensics, data protection, and incident response. Advanced understanding of data center technologies and concepts including services, security, infrastructure design, disaster recovery practices. Advanced level troubleshooting of IT systems. In depth knowledge of compliance standards such as HIPAA, PCI, and SOX. Experience mentoring, training, and developing other IT staff. Desired experience: Advanced experience in all aspects of cyber security technologies and knowledge in supporting and building large, complex cyber security environments. Experience planning and implementing a technical backlog to drive continuous improvement of technology and practices. Required skills: Advanced knowledge of multiple cyber security technologies, including next generation firewalls, IDS/IPS, network access control, email and web security, digital forensics, endpoint detection and response, vulnerability scanning and analysis, data protection, credential vaulting, certificate management, Multi-Factor, access brokering, SIEM, public cloud compliance and Cybersecurity automation and orchestration technologies. Advanced experience in planning and tracking the execution of large and complex projects or other efforts. Experience in scripting or software development. The ability to communicate effectively to both business and IT staff in a professional manner. Desired skills: Working experience with Active Directory and Microsoft and/or Linux OS, networking, identity and access management, wireless networking and security, penetration testing, incident response, and application security methodologies. Understanding of encryption systems and methodology. Advanced experience in software development or secure coding techniques. This position will require shift work that could include weekends and nights as dictated by support needs. On call 24/7. Must have knowledge of many areas and be able to switch between them rapidly. Must be able to work under pressure and provide guidance to Information Technology and business users during a crisis. This position will require ability to maintain absolute confidentiality of information or events due to the sensitivity of their natures.

Hi All, *** Greetings from My3tech *** Role: Data Security Analyst 2 Duration: 6+ Months Minimum Qualifications Years Skills / Experience 3 Experience in a GRC, cybersecurity, or compliance role 3 Hands-on experience with GRC platforms (Diligent preferred) Strong understanding of NIST CSF 2.0, HIPAA, and state-level frameworks (Texas Cybersecurity Framework) Experience designing workflows and notifications within GRC tools Excellent communication and stakeholder engagement skills Preferred Qualifications Years Skills / Experience Familiarity with risk management methodologies Certifications such as CISA, CRISC, CISSP, or CGRC

**Our Client:** A leading provider of innovative AI and cybersecurity solutions is seeking an **AI Security Engineer (Generative AI Focused)** to support a **global automotive industry client**. This contract role involves securing a next-generation **Chat GPT-like conversational AI platform** designed for the client's website to enhance customer engagement, support, and service automation. **Position:** AI Security Engineer (Generative AI Focused) **Duration:** Contract 1-2 Year] **Location:** Plano, Texas, United States **Work Arrangement:** Hybrid **Role Summary:** Our automotive industry client has deployed a **generative AI-powered chatbot** to streamline customer interactions, provide real-time support, and improve user experience on their website. As the AI Security Engineer, you will ensure the **security, compliance, and resilience** of this AI system, protecting sensitive customer data and preventing adversarial attacks. You'll collaborate with AI/ML teams to secure the platform's infrastructure, develop threat detection mechanisms, and align with automotive industry cybersecurity standards (e.g., ISO 26262, SAE J3061). **Key Project Focus:** - Securing a **customer-facing generative AI chatbot** for automotive service inquiries, sales support, and personalized recommendations. - Ensuring compliance with **automotive-specific regulations** and data privacy laws (e.g., GDPR, CCPA). - Mitigating risks related to AI model poisoning, data leakage, and adversarial prompts in a high-traffic web environment. **Responsibilities:** - Assess the Chat GPT-like AI platform for vulnerabilities in model architecture, training data, and deployment pipelines. - Design and implement security controls to protect customer data, AI models, and backend APIs (e.g., OAuth, encryption). - Integrate security into the AI development lifecycle (DevSecOps) for the automotive chatbot project. - Conduct penetration testing and red-team exercises to simulate adversarial attacks on the generative AI system. - Develop real-time monitoring solutions for detecting anomalies, data manipulation, or unauthorized access in the chatbot's workflows. - Partner with automotive IT teams to secure cloud infrastructure (AWS/Azure) and containerized environments hosting the AI platform. - Provide security training to cross-functional teams on responsible AI usage and compliance in the automotive sector. **Ideal Candidates Will Have:** - Experience securing **customer-facing AI chatbots** or generative AI systems in regulated industries. - Familiarity with **automotive cybersecurity frameworks** (e.g., ISO 26262, SAE J3061) and data privacy standards. - Hands-on expertise in **adversarial machine learning**, prompt injection attacks, and model hardening techniques. - Proficiency in securing **cloud-native AI pipelines** (AWS SageMaker, Azure ML) and containerization (Kubernetes, Docker). - Knowledge of **NLP security challenges** (e.g., data bias, content generation risks) in conversational AI. **Required Skills/Experience:** - Bachelor's/Master's in Computer Science, Cybersecurity, or related field. - 3+ years in AI/ML security, with a focus on **generative AI (LLMs, transformers)** and automotive/digital services. - Strong Python/R programming skills for security automation, threat modeling, and AI model analysis. - Certifications: CISSP, CISM, CEH, or GIAC (preferred). - Experience with **automotive customer service systems** (e.g., CRM integration, chatbot workflows). Azure Enterprise enviroment, AWS Cloud Services Enviroment. **Other Skills:** - Understanding of **automotive business processes** (sales, service, customer support). - Ability to communicate technical risks to non-technical stakeholders in an automotive context. - Familiarity with **OTA updates** or secure deployment of AI models in connected vehicle ecosystems. **Important Notes:** - The project involves close collaboration with the client's automotive IT, AI development, and customer experience teams. - Travel to automotive client sites may be required for security audits or incident response.

The IT Network/Security Analyst is responsible for safeguarding and supporting the organization's IT infrastructure by blending network operations expertise with cybersecurity best practices. This hybrid role ensures both the reliability of network services and the protection of data across enterprise systems and cloud services. The analyst will monitor, analyze, and respond to incidents while maintaining the performance, availability, and security of network systems in a dynamic threat landscape. Duties and Responsibilities: Network Operations & Monitoring Monitor and support daily network operations, ensuring uptime, availability, and performance across routers, switches, firewalls, VPN's, and other network components. Continuously monitor network traffic and performance metrics, using NMS (Network Management Systems), IDS/IPS, and SIEM tools to identify anomalies, outages, or threats. Collaborate with customers to optimize configurations and resolve connectivity issues impacting business operations. Travel as required (up to 25%) to support field locations. Incident Response & Troubleshooting Investigate, contain, and remediate cybersecurity incidents involving network components (e.g., DDoS attacks, unauthorized access, malware propagation). Perform root cause analysis on network-related issues and security events to reduce recurrence and improve resilience. Participate in on-call rotations for critical incident response. Network Security Administration Configure and maintain network devices i.e. firewalls, routers, switches, access points with an emphasis on security hardening and policy enforcement. Implement and support network segmentation, access controls, and VPN technologies to protect sensitive data. Oversee security patching and firmware upgrades across network infrastructure. Vulnerability & Compliance Management Conduct vulnerability assessments and penetration testing on network systems, tracking and remediating identified weaknesses. Support compliance with frameworks such as NIST or CIS as they apply to both network and security operations. Assist with periodic audits, reporting findings, and driving corrective actions. Threat Intelligence & Reporting Stay up to date on evolving attack vectors, especially those targeting enterprise networks. Leverage threat intelligence to proactively adjust network defenses. Produce operational dashboards and executive-level reports detailing network health, incidents, and security posture. Collaboration & Training Work closely with IT infrastructure, Security Architect, and Application teams to integrate security into network design and operations. Provide guidance and training to IT staff and end-users on secure network practices, phishing awareness, and incident reporting. Knowledge, skills, and abilities: Technical Knowledge Strong foundation in networking protocols (TCP/IP, BGP, OSPF, VLANs, DNS, DHCP) and enterprise network architectures. Hands-on experience with network monitoring and analysis tools (e.g., Wireshark, SolarWinds, Nmap, Nessus). Familiarity with security technologies such as SIEM (Splunk, ELK) a plus. Hands-on experience with enterprise network firewalls and network equipment. Experience with enterprise endpoint protection. Understanding of threat detection, DDoS mitigation, VPNs, and secure remote access. Familiarity of compliance requirements Sarbanes-Oxley Act of 2002 (SOX) as they apply to both network and security operations. Skills Proficiency in troubleshooting complex network and security issues in enterprise environments. Strong analytical mindset with the ability to distinguish between performance-related issues and security threats. Clear communication skills for cross-team collaboration and reporting to both technical and non-technical audiences. Effective multitasking and prioritization in 24/7 operations environments. Abilities Ability to balance proactive network performance management with rapid cyber threat response. Commitment to continuous learning in both network operations and cybersecurity trends. Adaptability to shifting operational demands and evolving attack landscapes. Strong teamwork skills with the discretion to handle sensitive information responsibly. Education and Experience Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field (or equivalent practical experience) preferred. 3-5 years of combined experience in network operations and cybersecurity, with at least 2 years in a security-focused network role preferred. Relevant certifications highly desirable, such as: Network-focused: CCNA, CCNP, CompTIA Network+ Security-focused: CISSP, CompTIA Security+, CEH, GIAC (GCIA, GCIH) Equal Opportunity Employer Prospective employees will receive consideration without discrimination because of race, color, religion, marital status, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, veteran status, disability, or genetic information.

Glocomms is partnered with an integral financial services corporation seeking a Security Engineer focused on Privileged Access & Automation to design and maintain secure authentication, authorization, and secrets management systems across on-prem and cloud environments. This role focuses on privileged access management, security architecture, and automation, leveraging AI-based capabilities to ensure operational integrity and compliance. Responsibilities Implement and manage privileged access systems (CyberArk, HashiCorp Vault) and secrets lifecycle management. Design and support authentication/authorization frameworks (Active Directory, oAuth 2.0, OIDC, AWS IAM, PKI, certificates). Maintain operational integrity through patching, version control, upgrades, troubleshooting, and break-fixes. Apply security as code principles using Terraform, Ansible, Jenkins pipelines, and CI/CD deployments. Develop automation scripts in Go, Bash, Python, PowerShell for secure integrations. Integrate AI-based security capabilities for detection, remediation, and automated workflows. Collaborate cross-functionally with engineering, cloud, and compliance teams; participate in 24x7 operational support. Qualifications 5+ years in security engineering, architecture, or operations within complex environments. Hands-on experience with CyberArk, HashiCorp Vault, PKI, and privileged access methodologies. Strong knowledge of Active Directory, Kerberos, LDAPS, oAuth 2.0, OIDC, and AWS IAM. Familiarity with Kubernetes security, HSMs, and cloud ecosystems. Proficiency in Go, Bash, Python, PowerShell; experience with Terraform, Ansible, Jenkins. Understanding of security architecture principles, confidentiality, integrity, availability, and compliance frameworks. Exposure to AI-enabled security tools and automation strategies preferred. This is a hybrid role requiring 3 days per week onsite in Dallas, TX. Candidates must be fully authorized to work in the United States. Unfortunately, visa sponsorship is not available for this role. Applications must include candidate's full name (first and last) and contact information in order to be considered.

The Senior InfoSec GRC Analyst is responsible for driving the development, implementation, communication, and maintenance of technology policies, standards, and procedures that are aligned to industry standards and regulatory requirements. This role ensures that technology processes adhere to regulatory requirements, manage risks effectively, and establish strong governance practices. The position also develops and implements controls, monitors compliance, and supports risk management activities. Responsibilities: Lead the development and implementation of comprehensive cybersecurity and IT policies, standards, and guidelines. Continuously evaluate and update cybersecurity and IT policies to ensure they remain current and effective. Ensure policies comply with relevant laws, regulations, and industry standards (e.g., NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS). Collaborate with cross-functional teams, including IT, legal, compliance, and business stakeholders, to ensure cybersecurity policies align with organizational objectives. Translate complex information and documentation into clear and simple concepts for end-users. Provide specialized expertise to perform framework-oriented risk assessments, identify deficiencies, generate reports, and recommend actionable solutions to mitigate risks and strengthen overall security posture. Stay informed about the latest cybersecurity threats, trends, and best practices. Maintain accurate and up-to-date records of policy reviews, risk assessments, training activities, and incident responses. Benchmark policies against industry standards and best practices. Develop and implement governance frameworks for cybersecurity policy management. Monitor key performance indicators, conduct gap analyses and risk assessments, and implement frameworks as needed. Test and monitor the effectiveness of controls. Establish feedback loops and analyze metrics to continuously improve cybersecurity policies based on audit findings, incident reviews, and emerging threats. Lead and support internal and external audits and assessments of cybersecurity policies and practices. Ensure identified audit and assessment findings and actions are tracked to closure. Maintain comprehensive documentation of all cybersecurity policies, procedures, and related activities. Communicate policy requirements and updates to relevant stakeholders. Identify opportunities for innovation and improvement in cybersecurity policies and practices. Propose mitigation strategies and verify the effectiveness of remediation plans. Requirements: Bachelor's Degree in Information Security, Computer Science, Information Technology, or a related field (preferred). Minimum of six (6)+ years' experience working in Cybersecurity GRC, policy development, risk management, or a similar field. Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust). Proficiency with data analysis and reporting tools (e.g., Excel, Power BI). Relevant certifications such as CISM and/or CISA (highly desirable). Strong knowledge of regulatory frameworks (NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS). Understanding of risk management concepts, control frameworks, and compliance auditing. Ability to provide consultation and recommendations to management. Strong communication skills with the ability to present effectively to both technical and non-technical audiences.

We are seeking a highly skilled Security Engineer with hands-on experience working with Transmit Security's Mosaic SaaS Tool and Flex ID. The ideal candidate will be responsible for designing and implementing seamless and secure identity journeys, leveraging state-of-the-art Passwordless and frictionless authentication capabilities. Key Responsibilities Design and implement identity user journeys using Transmit Security's Mosaic SaaS Tool. Deploy and configure Flex ID to enable passwordless, frictionless identity experiences. Collaborate with security architects, developers, and product teams to integrate authentication flows into web and mobile applications. Ensure robust identity and access management (IAM) implementations using industry best practices. Leverage protocols and standards such as SSO, MFA, OAuth2, OpenID Connect, and SAML to orchestrate secure identity flows. Monitor, troubleshoot, and optimize identity workflows for performance and security. Document technical solutions and provide knowledge transfer to internal teams. Required Qualifications ✅ Proven experience building and optimizing authentication workflows with Transmit Security's Mosaic platform. ✅ Hands-on expertise with Flex ID for enabling passwordless and frictionless identity verification. ✅ Strong understanding of IAM concepts, including SSO, MFA, identity federation, and orchestration. ✅ Demonstrated ability to work in cross-functional teams, solving complex technical problems collaboratively. ✅ Experience with identity protocols: OAuth2, OIDC, SAML, etc. ✅ Strong communication and documentation skills. Preferred Qualifications Experience integrating identity services with CI/CD pipelines or DevOps environments. Familiarity with customer identity and access management (CIAM) and privacy regulations (e.g., GDPR, CCPA). Background in cybersecurity, software engineering, or cloud architecture.

AI Security Engineer (Generative AI Focused) Plano, Texas, United States Contract We're looking for an experienced AI Security Engineer to join us, someone skilled in both artificial intelligence (AI) and cybersecurity. This role focuses on ensuring the security and integrity of AI systems and applications. Requirements Qualifications to be Successful: Strong understanding of AI technologies and security vulnerabilities. Experience with machine learning, neural networks, and AI methodologies. Knowledge of cybersecurity principles, frameworks, and standards. Proficiency in Python or R, common languages used in AI. Minimum Qualifications: Bachelor's degree in computer science, information security, or related field (advanced degree preferred). 3+ years of cybersecurity experience, with a focus on securing AI systems. Strong understanding of machine learning techniques, algorithms, and AI frameworks. Familiarity with cybersecurity standards, regulations, and compliance requirements. Hands-on experience with security tools and technologies. Proficiency in programming languages used in AI development. Excellent analytical, communication, and interpersonal skills. Relevant certifications such as CISSP, CISM, CEH, or GIAC are beneficial. Experience with cloud computing and containerization technologies is desirable. Thanks, Vikas. ************************

Job Posting Title: Cloud Security Engineer - SRE We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

An exciting opportunity for an experienced Cloud Security Engineer to join a global SaaS company, in a hyper growth stage. This is a crucial customer-facing role where you will be instrumental in designing, implementing, and securing complex cloud environments for clients across Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS). Key Responsibilities: Cloud Security Operations Perform penetration testing activities Network Security Expertise Firewall & WAF Management SaaS Security Best Practice SIEM Integration & Optimization Customer Engagement & Presentation Requirements: 8+ years of cybersecurity experience 4+ years cloud security engineering Strong expertise with Google Cloud Platform (GCP) Strong practical experience with Microsoft Azure and AWS Expertise in SaaS applications Demonstrable experience with firewall management and WAFs Hands-on experience with SIEM platforms CISSP Certified

Fidelity Investment is currently seeking a CLoud Security Engineer with our client WestLake, Tx ANd Merrimack NH . This is a 6+ month contract position. This role focuses on engineering and enhancing security capabilities within large-scale Azure cloud environments. The position involves designing and deploying cloud security controls, building integrated workflows across IaaS, SaaS, and PaaS services, and ensuring strong security and compliance across cloud-native stacks. Responsibilities include defining guardrails, implementing security policies, supporting cloud deployments, and helping maintain an optimized risk posture across the Azure ecosystem. Candidates typically bring 6-9 years of experience in infrastructure, security, and compliance, with a strong background in Azure services and hands-on experience in areas such as cloud account configuration, CI/CD pipeline development, scripting (Python preferred), Azure networking, IAM/RBAC, and security services like Security Center, Key Vault, and Log Analytics. Success in this role requires the ability to work independently, interpret technical documentation, collaborate across engineering groups, and mentor others on cloud security best practices. Advanced Azure certifications are an additional advantage. Requirements: Top Skills: Azure Policy Experience Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Experience Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here.

Job Title: Azure Cloud Security Engineer - W2 only - we can provide sponsorship as well Duration: Long Term Top Skills: Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. The Expertise and Skills You Bring 8+ years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Bonus skills Advanced Azure Certifications