Director security management full time jobs - 24 jobs

Shape the Future with Us. At Lubrizol, we're transforming the [industry/market - link to relevant LZ business page, if applicable] through science, sustainability, and a culture of inclusion. As part of our global team, you'll be empowered to make a real impact-on your career, your community, and the world around you. Travel: < 5% (very limited) Job Type: Full-time. Collaborate in person 4 days each week, with 1 flexible day. How You'll Make an Impact As a Cloud Security Engineer, you will strengthen Lubrizol's global cloud security posture across AWS, Azure, and GCP by implementing robust security protocols, policies, and procedures to safeguard cloud-based systems, applications, and data. Design, deploy, and maintain cloud-native and third-party security tools and solutions that enhance monitoring, detection, and response capabilities across our environments. Conduct cloud-specific vulnerability assessments, penetration testing, and risk evaluations to proactively identify and mitigate risks, prioritizing remediation to fortify defenses. Ensure compliance with international regulations and industry frameworks (e.g., ISO 27001, GDPR, NIST, SCF, PCI DSS) through technical audits, assessments, and documentation. Collaborate closely with DevOps, application development, and infrastructure teams to embed security into cloud architectures, CI/CD pipelines, and deployment processes using secure-by-design principles. Continuously monitor emerging threats, technologies, and compliance requirements; recommend enhancements to our cloud security architecture and operational processes. Contribute to incident response activities and other security initiatives that improve our global cybersecurity resilience. Required Qualifications that Enable Your Success Bachelor's degree in Computer Science, Information Technology, or a related field; or a relevant combination of education and 5+ years of experience. 3+ years of experience in cybersecurity or a related role with hands-on work in cloud security across AWS, Azure, and/or GCP. Proficiency implementing security protocols, policies, and procedures; conducting vulnerability assessments, penetration testing, and risk evaluations for cloud or hybrid environments. Experience performing technical security audits and assessments aligned to frameworks such as ISO 27001, NIST, GDPR, PCI DSS, SOC 2. Practical experience integrating security into cloud architectures and CI/CD pipelines in collaboration with DevOps and application teams. Strong analytical, problem-solving, and communication skills with the ability to influence and drive accountability across teams. Working knowledge of identity and access management, PKI, MFA, and authentication/authorization protocols (e.g., SAML, OAuth). Preferred Qualifications that Drive you Forward Advanced degree in a relevant field. Certifications such as GIAC Cloud Security Essentials (GCLD), GIAC Public Cloud Security (GPCS), GIAC Security Essentials (GSEC), Microsoft Azure Fundamentals, CompTIA Cloud Essentials, Automation certificates, or Microsoft 365. Hands-on experience with cloud security platforms and tools (e.g., CASB, CSPM, CWPP) and SIEM solutions (e.g., Splunk ES, QRadar, XSIAM). Familiarity with SAP S/4HANA, industrial control systems (DCS/PLC/SCADA), and related security considerations. Experience with network security technologies (firewalls, IDS/IPS, VPN, NAC) and web application firewalls (e.g., F5 BIG-IP). Knowledge of data encryption and key management (e.g., Azure Key Vault) and vulnerability management tools (e.g., Rapid7 InsightVM). Your Work Environment At Lubrizol, we're committed to providing a safe, inclusive, and empowering environment where you can do your best work-whether in a lab, on the production floor, or in a hybrid office setting. Depending on your role, your work environment may include: Standing, walking, or operating equipment for extended periods Working in a lab or manufacturing setting with appropriate PPE provided Use of computers and digital tools in an office or hybrid environment Occasional lifting or movement of materials Adherence to rigorous safety protocols and ergonomic standards We continuously invest in our facilities and technologies to ensure they support your well-being, productivity, and growth. If you require reasonable accommodation, we are committed to working with you to ensure an inclusive and accessible experience. Benefits that Empower You Competitive salary with performance-based bonus plans 401(k) match + Age-Weighted Defined Contribution Comprehensive medical, dental & vision coverage Health Savings Account (HSA) Paid holidays, vacation, and parental leave Flexible work environment Learning and development opportunities Career and professional growth Inclusive culture and vibrant community engagement Learn more at benefits.lubrizol.com! Lubrizol: Imagined for Life. Enabled by Science.™ Delivered by You. We tackle the world's toughest challenges with science-based solutions, deeply understanding our customers to deliver innovative chemistry and differentiated value. Our inclusive culture, dedication to safety, and incredible global talent drive our success. Our solutions meet the evolving needs of the modern world-brought to life by science and, most importantly, delivered by you. Whether you're in the lab, on the production floor, or in the office, you'll be part of a team around the world that empowers you to think boldly, drive results, and contribute to solutions that shape a better, more sustainable future. We win because of you. Let's build the future together. #LZBUS #LI-CM1

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County-Columbus Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DescriptionThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

Requisition Number: 26661 Required Travel: 0 - 10% Employment Type: Full Time/Hourly/Non-Exempt Anticipated Salary Range: $60,697. 00 - $80,000. 00 Security Clearance: TS/SCI Level of Experience: Mid Employee Referral Amount: $2,500. 00 Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. Job Description HII - Mission Technologies Corp. is looking for a qualified Journeyman Security Specialist to support a position located at Wright-Patterson AFB, Ohio. TS/SCI required. This individual wil provide Program Security Management Support, to include: + Develop and implement security policy and guidance for conducting classified operations & activities. + Provide guidance and assistance to unit personnel in accordance with program directives, security classification guides (SCG), the National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directives (ICD-705) and other applicable Department of Defense (DoD) guidance. + Possess the ability and written communication skills to develop detailed security products such as: Standard Operating Procedures (SOP), security plans, and facility accreditation packages + Familiar and functional with Joint Access Database Environment (JADE), Defense Central Index of Investigations (DCII), and Defense Information System for Security (DISS), National Industrial Security Program (NISP). Essential Job Responsibilities + Process, review and edit unit and incoming security + Assist in managing SAP access quotas and maintains program access rosters. + Prepares & reviews Program Access Requests (PAR) IAW the Special Access Program Nomination Process (SAPNP) by utilizing/reviewing Personnel Security Questionnaires (PSQ), its respective Templates, and Letter of Compelling Need (LOCN) packages. + Reviews the databases to confirm clearance information and send visit certifications. + Responsible for entering privacy act information, foreign contact/travel information and program access data into JADE. + Be able to utilize the JADE to produce access rosters, visitor certification, program hierarchy access lists and other specialized reports. + Maintain accurate unit personnel security files that contain all required documents as required. + Responsible for physical security of the unit's classified facilities to include entry control, issue badges, generate meeting rosters, conduct entry/exit checks and ensure prohibited devices are not introduced into the facilities. + Must be able to activate alarms, enter unit personnel into the system, conduct alarm tests and initiate guard force response tests. + Maintain an accurate door/safe combination database & change cypher/lock combinations Minimum Qualifications Journeyman Requirements: 3 years relevant experience with Bachelors in related field; 1 year relevant experience with Masters in related field; or High School Diploma or equivalent and 7 years relevant experience. - Knowledge of Data transmission and control - Top Secret/SCI-Eligibility Clearance required - Eligible for SAP access - Personnel Security - Joint Access Database Environment (JADE) - Program Access Requests (PAR) - Special Access Program Nomination Process (SAPNP) - DD254s - OPSEC - COMSEC Preferred Requirements Physical Requirements Minimal mobility, dexterity, or coordination required to operate business machines. Minimal lifting may be required. HII is more than a job - it's an opportunity to build a new future. We offer competitive benefits such as best-in-class medical, dental and vision plan choices; wellness resources; employee assistance programs; Savings Plan Options (401(k)); financial planning tools, life insurance; employee discounts; paid holidays and paid time off; tuition reimbursement; as well as early childhood and post-secondary education scholarships. Bonus/other non-recurrent compensation is occasionally offered for qualified positions, and if applicable to this role will be addressed by the recruiter at the screening phase of application. Why HII We build the world's most powerful, survivable naval ships and defense technology solutions that safeguard our seas, sky, land, space and cyber. Our workforce includes skilled tradespeople; artificial intelligence, machine learning (AI/ML) experts; engineers; technologists; scientists; logistics experts; and business administration professionals. Recognized as one of America's top large company employers, we are a values and ethics driven organization that puts people's safety and well-being first. Regardless of your role or where you serve, at HII, you'll find a supportive and welcoming environment, competitive benefits, and valuable educational and training programs for continual career growth at every stage of your career. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to buildyourcareer@hii-co. com and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

The IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. At the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position. Ohio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws. This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service. Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans. Our Guiding Principles Making an IMPACT for the customer: Inclusive Motivated Proactive Accountable Customer-Focused Teamwork The State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting. Applications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration. All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year. 8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following\: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following\: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following\: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information Technology

Job Description Job Title: Security Engineer - Cloud & Endpoint Security Pay Rate: $50/hr - $85/hr Duration: 2/10/2025 - 12/31/2025 (Temp-to-Hire) Contract Type: W2 (must be authorized to work in the US; no sponsorships or C2C) Job Overview Our Cloud and Endpoint Security team is looking for a Security Engineer to drive the deployment and management of an allowlisting/reverse proxy solution (Airlock). This engineer will collaborate with cross-functional teams to ensure integration with existing infrastructure, refine security policies, and contribute to the enhancement of the organization's cybersecurity posture. The role involves hands-on configuration, monitoring, and ongoing maintenance of security solutions, while remaining adaptable to changing threats and technologies. Key Responsibilities Allowlisting & Reverse Proxy Deployment: Lead the deployment and configuration of Airlock, ensuring seamless integration with current systems and networks. Policy Development: Define and implement allowlisting policies to enhance application security, access control, and threat detection. Incident Response Collaboration: Work closely with the incident response team to optimize alerting and logging capabilities, ensuring swift detection and remediation of potential security incidents. Security Strategy & Best Practices: Assist in shaping the broader cybersecurity strategy, aligning it with business objectives and recognized frameworks (e.g., NIST, MITRE, ISO 27001). Automation & Reporting: Identify opportunities to automate configurations, streamline reporting processes, and enhance visibility into system performance. Monitoring & Analysis: Track solution performance and review security logs for emerging threats or anomalies; implement proactive measures where necessary. Research & Continuous Improvement: Stay informed about the latest cybersecurity threats and trends, applying relevant findings to enhance Airlock's configurations. Documentation & Maintenance: Support the development of incident response plans, secure access protocols, and maintain thorough documentation of all configurations and processes. Qualifications Minimum Requirements Bachelor's Degree in a related field or equivalent work experience. 3+ years of experience in cybersecurity, IT, or related roles. 1+ years of hands-on experience deploying or managing application allowlisting or reverse proxy solutions. 1+ years of experience with security frameworks (e.g., NIST, MITRE, ISO 27001). Proficiency with Windows and Linux environments, including command-line configurations. Preferred Skills Experience using Airlock or similar allowlisting tools. Familiarity with scripting/automation (Python, PowerShell, Bash) for configuration and reporting. Industry certifications (e.g., Sec+, CCSP, GIAC). Strong analytical and problem-solving abilities, especially in process development and root cause analysis. Additional Information Temp-to-Hire: This is a W2 contract position with potential to convert to a full-time role, contingent on performance and business needs. Work Arrangements: Local candidates are preferred; remote candidates will be considered if necessary. Team Environment: The Cloud & Endpoint Security team collaborates with multiple departments, playing a crucial part in establishing security best practices and ensuring incident response readiness.

JobID: 210701359 JobSchedule: Full time JobShift: : Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies. As a Lead Security Engineer at JP Morgan Chase within the Cybersecurity & Technology Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions. * Specific experience deploying commercial software at scale into an enterprise environment. * Develop and enforce robust change management practices to ensure system integrity and security. * Show strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling. * Function in systems engineering, systems integrations, and systems administration roles. Demonstrate strong working knowledge of Windows and Linux systems internals. * Execute on key deliverables in the security engineering space. Design and develop production deployments with the ability to think beyond routine or conventional approaches in order to deliver technology solutions for key stakeholders. * Develop secure and high-quality production code and review and debug code written by others. Able to implement complex business logic in Python, Bash, PowerShell, and other scripting languages. * Engage effectively with third-party vendors and communicate and collaborate with a broad range of internal teams. * Minimize security vulnerabilities by following industry insights and government regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls. * Work with stakeholders and business leaders to understand security needs and recommend business modifications during periods of vulnerability. * Add to team culture of diversity, equity, inclusion, and respect. Required qualifications, capabilities, and skills * Formal training or certification on Engineering and/or Cybersecurity concepts and 5+ years applied experience as a cloud engineer, deployment engineer, DevOps engineer, or equivalent role. * Experience with cloud engineering, deployment engineering, DevOps engineering, or equivalent * Demonstrated skills in planning, designing, and implementing enterprise level security solutions. * Strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling * Commanding knowledge of a programming/scripting language for automation and integration tasks. * Proficiency in all aspects of the Software Development Life Cycle. * Strong analytical experience with problem solving mindset and the ability to solve complex challenges. * Advanced understanding of agile methodologies such as CI/CD, Application Resiliency, and Security. Preferred qualifications, capabilities, and skills * Cloud computing related certifications with an AWS focus are strongly preferred, such as Certified Solutions Architect, DevOps Engineer, or similar. * Experience effectively communicating with senior business leaders.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: * Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. * Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. * Advise embedded system security software to ensure system hardening and secure coding practices. * Support all stakeholders on patch management, vulnerability handling, and SBOM scanning * Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: * Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills * 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices * 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment * Proven experience with threat modeling and risk assessments for connected products or medical devices * Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams * Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. * Proven experience with electrical and embedded software design * Experience developing software for embedded Real-Time Operating Systems (RTOS) * Experience developing embedded software systems using Modern C++ (preferably standards 17+) * A results and performance driven demeanor with strong sense of accountability * Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: * Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) * Work experience with Systems Engineering activities: requirements management and development, risk management, and verification * Strong collaboration, proven technical leadership capabilities, and conflict resolution skills * A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience * Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: * Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: * Vacation - up to 120 hours per calendar year * Sick time - up to 40 hours per calendar year * Holiday pay, including Floating Holidays - up to 13 days per calendar year * Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. * #RADSW * #Li-Hybrid Required Skills: Product Security, Threat Modeling Preferred Skills: C++ STL, Embedded C++

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. Job Posting External Primary Responsibilities Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). Support audit and compliance initiatives by providing documentation and evidence of secure development practices. Minimum Qualifications Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. Non-degree considered if 12+ years of related experience along with a high school diploma or GED Preferred Qualifications 5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. Experience with Securing Secrets and Service Accounts. Experience with Web Application Firewall (WAF) implementation/support. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CISSP), Certified Ethical Hacker (CEH) certified. Familiarity with container security (Docker, Kubernetes). Experience in Threat Modeling. Understanding of authentication protocols (Open Authorization (OAuth) and Security Assertion Markup Language (SAML)). Experience with DEVSECOPStools and container security tools. Work Authorization: Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. Compensation and Benefits: Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

Job Description We are seeking an Information Systems Security Manager (ISSM) with extensive hands-on experience driving cybersecurity compliance within a defense contractor environment and leading classified network security initiatives, ensuring compliance with Risk Management Framework (RMF), NIST 800-53, DFARS ************, and 32 CFR Part 117 (NISPOM). The ideal candidate will be able to work on-site in Dayton, OH, with 20% travel to our Florida site to support related security projects. Essential Functions: Lead and manage the security posture of classified SIPR networks, ensuring compliance with DoD security policies and CMMC requirements. Develop, implement, and maintain security policies, procedures, and documentation to protect classified systems. Own and manage system accreditation packages with hands-on experience using eMASS and Xacta, ensuring Authority to Operate (ATO) maintenance. Conduct regular security audits, vulnerability assessments, and risk analyses, proactively mitigating threats to classified systems. Oversee and drive incident response procedures for classified environments, ensuring timely reporting and mitigation of security incidents. Administer and optimize security tools and technologies, including HBSS, ACAS, and SIEM Solutions. Collaborate with government security agencies, internal teams, and executive leadership to ensure compliance and address security concerns. Ensure compliance with DoD 8570/8140 certification requirements and maintain appropriate cybersecurity credentials. Support and lead security inspections, audits, and self-assessments to uphold regulatory standards. Perform other duties as required. Standard Essential Functions: Regular and reliable attendance on a full time basis [or in accordance with posted schedule]. Responsible for exhibiting professional behavior with both internal and external business associates that reflects positively on the company and is consistent with the company's policies and practices. Embodies AEVEX's cultural values and aligns daily actions with department goals and company culture. Qualifications and Competencies: Security Clearance- Ability to obtain/maintain a Top Secret DoD clearance, U.S. Citizenship required. Expert knowledge of RMF, NIST 800-53, DFARS ************, CMMC, and 32 CFR Part 117 (NISPOM). Proven experience managing system accreditations with eMASS and Xacta. Strong leadership experience in building and managing security teams. Hands-on experience with HBSS, ACAS, SIEM solutions, and other cybersecurity tools. Education / Certifications: Bachelors Degree in cybersecurity, IT, computer science, or other related field preferred. Certifications: CISSP, or equivalent (Security+ CE alone is not sufficient). Experience: 2 - 5 years of hands-on experience as an ISSM within a defense contractor environment, leading cybersecurity compliance initiatives. Physical Requirements: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties the employee is: Frequently required to sit, and to reach to use computers and other office equipment For the purpose of this summary, occasionally is used to represent up to 1/3 of the time given to the work day, frequently represents 1/3 to 2/3 of the time and constantly represents 2/3 or more of the time. About AEVEX AEVEX, headquartered in Solana Beach, California, supports the U.S. national security mission and partner nation needs around the world by providing full-spectrum aviation, remote sensing, and analysis solutions. The company's capabilities include custom design and engineering; rapid prototyping; sensor integration and sustainment; aircraft modification and certification; flight test instrumentation and support; mission operations service; advanced intelligence data processing, exploitation, and dissemination solutions; and tailored hardware and software mission-system tools. AEVEX uses agile and customized approaches to rapidly define, develop, and deliver specialized solutions for airborne special mission needs for the U.S. Government, partner nations, and commercial businesses. AEVEX has major offices in California, Florida, North Carolina, Ohio, and Virginia. AEVEX provides a full suite of comprehensive benefits, including a 401(k)-retirement plan, comprehensive Medical, Dental, Vision, Disability and Life insurance group coverage with a portion of the premiums paid by the company, professional development funds, and an Employee Assistance Plan (EAP) with counseling, legal help, child and elder care support, among other benefits for qualified employees. Equal Employment Opportunity: AEVEX is an Equal Opportunity employer. We are committed to providing equal employment opportunities to all employees and applicants without regard to race, religious creed, color, sex (including pregnancy, breast feeding and related medical conditions), gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship status, military and veteran status, marital status, age, protected medical condition, genetic information, physical disability, mental disability, or any other protected status in accordance with all applicable federal, state and local laws.

For this role, we are looking for a curious and innovative Security Engineer with a passion for information security, customer service, and compliance. You will be responsible for guiding security best practices while following security frameworks such as NIST, and SOC2. You will be leading the security programs to ensure minimal risk exposure. At IGS, we take a risk-based approach to our decisions and utilize industry best practices and security frameworks to guide us along the way. We are looking for someone that is good at understanding and solving complex and ambiguous problems and constantly seek improvement. Primary Responsibilities Architect and manage Azure Entra infrastructure, including tenant design, hybrid identity configurations, and conditional access policies. Maintain and optimize Active Directory environments, including domain controllers, group policies, organizational units, and security hardening. Design and implement Active Directory Federation Services (ADFS) and manage complex federation trusts between internal and external identity providers. Plan and execute domain trust relationships, including forest trusts, external trusts, and realm trusts across complex enterprise environments. Lead identity platform through organizational transitions, including tenant-to-tenant migrations, directory consolidations, and identity lifecycle transitions. Manage multi-tenant Microsoft 365 migrations, ensuring secure data transfer and seamless user transitions during organizational changes. Develop and maintain disaster recovery and business continuity plans for identity infrastructure. Implement identity security best practices, including privileged access management, MFA enforcement, and identity protection policies. Monitor identity infrastructure health, performance, and security posture, responding to incidents and anomalies. Collaborate with business stakeholders during organizational transitions to ensure smooth identity transitions with minimal business impact. Other Responsibilities Work closely with IT and other departments to ensure security measures are integrated into all aspects of the organization's technology and operations. Apply knowledge of information security principles and practices. Ability to think strategically but willingness to handle, first-hand, the mechanics of technology services required by the business. Other duties and responsibilities as assigned. Required Skills Proven experience managing complex Microsoft 365 environments, particularly multi-tenant migrations and consolidations. Strong understanding of Active Directory Federation Services, domain trusts, and forest architectures. Hands-on experience with Azure Entra, including conditional access, privileged identity management, and hybrid identity configurations. Solid understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, Kerberos, LDAP). Exceptional organizational skills, follow through, and multitasking abilities. Decisiveness, good judgment, analytical aptitude, and problem-solving skills to act with authority and take risks in an environment with little direction from others. Excellent communicator with strong organizational savvy and leadership skills necessary to interface with and influence all levels of organization. Ability to work in a fast-paced and dynamic environment. Minimum Education and Experience Minimum of 5 years of technical experience, with at least 3 years of security focus. Demonstrated knowledge of, and experience in implementing security technologies and processes. Professional certifications within security-related areas, while not a minimum requirement, would be highly desirable. #LI-AM1 Work Authorization: Applicants must be authorized to work in the US on a full-time basis. Unfortunately, a current or future need for sponsorship is not supported or available for this position. Salary Range: $87,630.00 - $140,210.00 *This range reflects base pay only. Incentive earnings, like commissions or bonuses, are not included. This role is also eligible for an annual incentive plan based on company performance. How We Support Your Wellbeing: Our employees are our most valuable asset. That's why at IGS, we are committed to offering a holistic benefit program that allows employees to stay healthy, feel secure, and maintain flexibility in their wellbeing journey. Healthcare Essentials: Comprehensive coverage including medical (plus free telehealth), dental, vision, and employer health savings account contributions. Mental Wellbeing: Robust support through Headspace and free mental healthcare visits for you and your dependents. Family Planning Support: Extensive assistance with Maven, paid family and caregiver leave, and fertility, adoption, and surrogacy services. Financial Readiness: Strong financial foundation with a 401(k) plan, company match, and access to financial wellbeing tools. Work-Life Balance: paid time off, tuition reimbursement, paid leaves, employee hardship fund, and a wide range of additional perks. Equal Opportunity Employment: It is the policy of IGS Energy to ensure equal employment opportunity in accordance with all applicable federal and state regulations and guidelines. Employment discrimination against employees and applicants due to race, color, religion, sex (including sexual harassment), national origin, disability, age, sexual orientation, gender identity, military status, and veteran status or other legally protected class under applicable law is prohibited.

Cloud Security Engineer - (23000FK6) Description The Cloud Security Engineer (CSE) should be hands-on in all aspects of Azure security including implementing security controls and threat protection, manage identity and access management, defining organizational structure and policies, using Azure technologies in order to provide data protection, configuring network security defenses, collecting and analyzing Azure logs, managing incident responses, and an understanding of regulatory concerns. As a Cloud Security Engineer you design and implement a secure end-to-end infrastructure on Azure in a hybrid cloud setup. Essential FunctionsMonitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns Maintain and improve the security posture of the Azure platform, identifying, and remediating vulnerabilities by using a variety of security tools. Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected. Implementing threat protection and responding to security incident escalations. Automate security controls, data, and processes to provide better metrics and operational support using security-as-code. Configure access within a cloud solution environment using the defense-in-depth principle Configure network security including in a hybrid context with traditional network centric controls Ensure data protection Manage operations within a cloud solution environment such as operations tasks, using cloud native tools, like Log Analytics, Azure Monitor and Azure Security Center or other monitoring tooling. Support our cloud engineers to implement security best-practices and enable secure development and release processes. Deep understanding of configuring security policies and securing applications and data. Required For All JobsPerforms other duties as assigned. Complies with all policies and standards. For specific duties and responsibilities, refer to documentation provided by the department during orientation. Must abide by all requirements to safely and securely maintain Protected Health Information (PHI) for our patients. Annual training, the UH Code of Conduct and UH policies and procedures are in place to address appropriate use of PHI in the workplace. Qualifications QualificationsEducationBachelor's Degree in Information Technology, Computer Science, or a related field Required Work Experience5+ years IT security experience Required and 3+ years building and maintaining secure azure cloud solution and tools (Azure Monitor, Log Analytics, Azure Security Center) Required Knowledge, Skills, & Abilities Understand agile and DevOps concepts in a security context such as “trust but verify”, central vs decentral controls, make agile teams as autonomous as possible while ensuring the teams adhere to the NonFunctional-Requirements. A deep understanding of networking, e. g. IP subnetting, Network Security Groups, routing, Azure Firewall, ExpressRoute, load balancer, DNS. Strong familiarity with cloud capabilities and products and services for Azure, e. g. Azure Active Directory, Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, KeyVault. Have the intrinsic quality to want to continuously improve and do better Hands-on and can-do mentality Feeling of ownership Good communication and presentation skills Team player Able to express ideas effectively in individual and group situations. Able to execute a task in a good manner and with good results with limited supervision Strong skills in scripting and automation, Infrastructure-as-Code and using CI/CD concepts. Experience with pipeline tooling for automated deployments and applying security controls. Experience with Experience with infrastructure orchestration tools such as Terraform and other cloud-specific infrastructure automation tools (Azure Resource Manager, Google Cloud Deployment Manager) to automate the creation of staging, testing and production environments. Work experience from large, international companies and have dealt with or worked for global service providers. Licenses and CertificationsCertified Information System Security Professional (CISSP) Preferred Certified Ethical Hacker (CEH) Preferred Additional Licenses and Certifications Microsoft Azure Security related certifications Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Information Protection Administrator Associate, or Microsoft Certified: Security Operations Analyst Associate) Preferred Certified Cloud Security Professional (CCSP) Preferred Certificate of Cloud Security Knowledge (CCSK) Preferred Global Information Assurance Certification (GIAC) Preferred Physical DemandsStanding Occasionally Walking Occasionally Sitting Constantly Lifting Rarely 20 lbs Carrying Rarely 20 lbs Pushing Rarely 20 lbs Pulling Rarely 20 lbs Climbing Rarely 20 lbs Balancing Rarely Stooping Rarely Kneeling Rarely Crouching Rarely Crawling Rarely Reaching Rarely Handling Occasionally Grasping Occasionally Feeling Rarely Talking Constantly Hearing Constantly Repetitive Motions Frequently Eye/Hand/Foot Coordination Frequently Primary Location: United States-Ohio-Shaker_HeightsWork Locations: 3605 Warrensville Center Road 3605 Warrensville Center Road Shaker Heights 44122Job: Information TechnologyOrganization: UHHS_Information_TechnologySchedule: Full-time Employee Status: Regular - ShiftDaysJob Type: StandardJob Level: ProfessionalTravel: NoRemote Work: YesJob Posting: Nov 14, 2025, 1:58:20 PM

Job Title: Security Engineer - Cloud & Endpoint Security Pay Rate: $50/hr - $85/hr Duration: 2/10/2025 - 12/31/2025 (Temp-to-Hire) Contract Type: W2 (must be authorized to work in the US; no sponsorships or C2C) Job Overview Our Cloud and Endpoint Security team is looking for a Security Engineer to drive the deployment and management of an allowlisting/reverse proxy solution (Airlock). This engineer will collaborate with cross-functional teams to ensure integration with existing infrastructure, refine security policies, and contribute to the enhancement of the organization's cybersecurity posture. The role involves hands-on configuration, monitoring, and ongoing maintenance of security solutions, while remaining adaptable to changing threats and technologies. Key Responsibilities Allowlisting & Reverse Proxy Deployment: Lead the deployment and configuration of Airlock, ensuring seamless integration with current systems and networks. Policy Development: Define and implement allowlisting policies to enhance application security, access control, and threat detection. Incident Response Collaboration: Work closely with the incident response team to optimize alerting and logging capabilities, ensuring swift detection and remediation of potential security incidents. Security Strategy & Best Practices: Assist in shaping the broader cybersecurity strategy, aligning it with business objectives and recognized frameworks (e.g., NIST, MITRE, ISO 27001). Automation & Reporting: Identify opportunities to automate configurations, streamline reporting processes, and enhance visibility into system performance. Monitoring & Analysis: Track solution performance and review security logs for emerging threats or anomalies; implement proactive measures where necessary. Research & Continuous Improvement: Stay informed about the latest cybersecurity threats and trends, applying relevant findings to enhance Airlock's configurations. Documentation & Maintenance: Support the development of incident response plans, secure access protocols, and maintain thorough documentation of all configurations and processes. Qualifications Minimum Requirements Bachelor's Degree in a related field or equivalent work experience. 3+ years of experience in cybersecurity, IT, or related roles. 1+ years of hands-on experience deploying or managing application allowlisting or reverse proxy solutions. 1+ years of experience with security frameworks (e.g., NIST, MITRE, ISO 27001). Proficiency with Windows and Linux environments, including command-line configurations. Preferred Skills Experience using Airlock or similar allowlisting tools. Familiarity with scripting/automation (Python, PowerShell, Bash) for configuration and reporting. Industry certifications (e.g., Sec+, CCSP, GIAC). Strong analytical and problem-solving abilities, especially in process development and root cause analysis. Additional Information Temp-to-Hire: This is a W2 contract position with potential to convert to a full-time role, contingent on performance and business needs. Work Arrangements: Local candidates are preferred; remote candidates will be considered if necessary. Team Environment: The Cloud & Endpoint Security team collaborates with multiple departments, playing a crucial part in establishing security best practices and ensuring incident response readiness.

JobID: 210683473 JobSchedule: Full time JobShift: : As a Cloud Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls (CTC) group, your primary responsibility will be to ensure that Public Cloud is adopted in a secure and compliant manner. You will play an important role in identifying and managing risk related issues and actions with respective technology. You will have an eye for detail and an ability to see the big picture across security issues. Job responsibilities * Lead the execution and continuous improvement of information risk and control strategies to secure public cloud assets. * Conduct and oversee risk-based assessments of technology controls for cloud services, platforms, and architecture. * Advise and guide business technology teams on firm control requirements and best practices across diverse cloud architectures. * Review and provide feedback on infrastructure-as-code for cloud platform development, ensuring alignment with security standards. * Develop and maintain documentation, and contribute to agile processes supporting security initiatives. * Collaborate with CTC teams to ensure seamless integration with security operations, threat intelligence, IAM, and network security. * Mentor junior engineers and contribute to knowledge sharing within the team. Required qualifications, capabilities, and skills * Formal training or certification on security engineering concepts and 5+ years applied experience. * Strong analytical, problem-solving, and communication skills. * Experience planning, designing, building and implementing enterprise level security engineering products and solutions in a public cloud environment (i.e. AWS, GCP, Azure) * Experience working in cross-functional teams and managing multiple priorities. Preferred qualifications, capabilities, and skills * Advanced understanding of public cloud security concepts and technologies. * Hands-on experience with cloud engineering, architecture, and infrastructure-as-code (Terraform, etc.). * Familiarity with DevOps, CI/CD, and agile methodologies. * Experience mentoring or training junior staff.

Required Travel: 0 - 10% Employment Type: Full Time/Hourly/Non-Exempt Anticipated Salary Range: $60,697.00 - $80,000.00 Security Clearance: TS/SCI Level of Experience: Mid Employee Referral Amount: $2,500.00 Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. Job Description HII - Mission Technologies Corp. is looking for a qualified Journeyman Security Specialist to support a position located at Wright-Patterson AFB, Ohio. TS/SCI required. This individual wil provide Program Security Management Support, to include: + Develop and implement security policy and guidance for conducting classified operations & activities. + Provide guidance and assistance to unit personnel in accordance with program directives, security classification guides (SCG), the National Industrial Security Program Operating Manual (NISPOM), Intelligence Community Directives (ICD-705) and other applicable Department of Defense (DoD) guidance. + Possess the ability and written communication skills to develop detailed security products such as: Standard Operating Procedures (SOP), security plans, and facility accreditation packages + Familiar and functional with Joint Access Database Environment (JADE), Defense Central Index of Investigations (DCII), and Defense Information System for Security (DISS), National Industrial Security Program (NISP). Essential Job Responsibilities + Process, review and edit unit and incoming security + Assist in managing SAP access quotas and maintains program access rosters. + Prepares & reviews Program Access Requests (PAR) IAW the Special Access Program Nomination Process (SAPNP) by utilizing/reviewing Personnel Security Questionnaires (PSQ), its respective Templates, and Letter of Compelling Need (LOCN) packages. + Reviews the databases to confirm clearance information and send visit certifications. + Responsible for entering privacy act information, foreign contact/travel information and program access data into JADE. + Be able to utilize the JADE to produce access rosters, visitor certification, program hierarchy access lists and other specialized reports. + Maintain accurate unit personnel security files that contain all required documents as required. + Responsible for physical security of the unit's classified facilities to include entry control, issue badges, generate meeting rosters, conduct entry/exit checks and ensure prohibited devices are not introduced into the facilities. + Must be able to activate alarms, enter unit personnel into the system, conduct alarm tests and initiate guard force response tests. + Maintain an accurate door/safe combination database & change cypher/lock combinations Minimum Qualifications Journeyman Requirements: 3 years relevant experience with Bachelors in related field; 1 year relevant experience with Masters in related field; or High School Diploma or equivalent and 7 years relevant experience. - Knowledge of Data transmission and control - Top Secret/SCI-Eligibility Clearance required - Eligible for SAP access - Personnel Security - Joint Access Database Environment (JADE) - Program Access Requests (PAR) - Special Access Program Nomination Process (SAPNP) - DD254s - OPSEC - COMSEC Preferred Requirements Physical Requirements Minimal mobility, dexterity, or coordination required to operate business machines. Minimal lifting may be required. HII is more than a job - it's an opportunity to build a new future. We offer competitive benefits such as best-in-class medical, dental and vision plan choices; wellness resources; employee assistance programs; Savings Plan Options (401(k)); financial planning tools, life insurance; employee discounts; paid holidays and paid time off; tuition reimbursement; as well as early childhood and post-secondary education scholarships. Bonus/other non-recurrent compensation is occasionally offered for qualified positions, and if applicable to this role will be addressed by the recruiter at the screening phase of application. Why HII We build the world's most powerful, survivable naval ships and defense technology solutions that safeguard our seas, sky, land, space and cyber. Our workforce includes skilled tradespeople; artificial intelligence, machine learning (AI/ML) experts; engineers; technologists; scientists; logistics experts; and business administration professionals. Recognized as one of America's top large company employers, we are a values and ethics driven organization that puts people's safety and well-being first. Regardless of your role or where you serve, at HII, you'll find a supportive and welcoming environment, competitive benefits, and valuable educational and training programs for continual career growth at every stage of your career. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

Location: Van Wert, OH; Dublin, OHWork Model: Hybrid Position type: Full time - salary We're a team of employees passionate about delivering best-in-class customer service and driving innovation in IT support. Integrity, relationships, and excellence are at the heart of everything we do. Our employees fully utilize their talents and bring their best selves to work. We believe who you are is just as important as what you do! Help shape the future of secure software at Central. We're looking for a detail-oriented, and innovative Application Security Engineer to join our cybersecurity team. In this role, you'll be responsible for embedding security into the software development lifecycle, identifying vulnerabilities, and collaborating with developers to build resilient applications. If you're passionate about threat modeling, testing, and hardening within the application environment including AI applications and driving a culture of security across engineering teams, we'd love to have you on board. Key Responsibilities of the Role Conduct secure code reviews, threat modeling, and vulnerability assessments. Collaborate with engineers to integrate security controls into CI / CD pipelines. Develops, maintains, and champions secure coding guidelines and training materials. Collaborates with DevOps and Software Engineering to integrate security into the SDLC process. Implements and manages application security tools (SAST, DAST, SCA, WAF, etc..) Assists with monitoring security events and contributes with the incident response. team Collaborates on data security to ensure secure data access configurations with Data Engineering and Infrastructure. Collaborates with Software Engineering to integrate security into AI/ML pipelines and governance frameworks. Responsible for scripting automation for integration of security tools and functions. Utilizes scripting for meta-data aggregation to allow for the creation of dashboards or other metrics for security analytics. Stay current with emerging threats, vulnerabilities, and security technologies. Required Qualifications Bachelor's degree in Computer Science or related field and 2 years related experience Or 4 years related experience Preferred Qualifications CISSP, CASE, GWAPT, or CSSLP certifications preferred Knowledge, Skills, and Abilities Creativity and passion for application security Curious mind and strong desire to constantly learn. Strong understanding of OWASP Top Ten, secure coding practices, and common attack vectors. Proven ability to apply secure design principles within application architecture. Strong analytical, research, and problem-solving skills Understanding of the software development life cycle. Understanding of security tools such as Burp Suite, Snyk, Rapid7, or similar tools. Familiarity with CI/CD tools such as Azure DevOps, GitLab, Jenkins or similar tools. Ability to work with product, software, data, and infrastructure engineering teams. Strong understanding of data protection principles and technologies (Encryption, DLP, IAM) Understanding of scripting automation using Python, PowerShell, Bash. Possess a positive, professional, cooperative, and quality-conscious attitude Possesses verbal and written communication skills, including negotiation, presentation, and influence skills Ability to understand Central Insurance's policies and processes Total Rewards Central establishes base pay based on several factors including labor market data and an evaluation of candidate qualifications relative to role requirements. Base pay is one component of a comprehensive total rewards package designed to support employees' financial, health, career, and retirement objectives. Central provides extensive health and wellness benefits to promote flexibility, work-life balance, and long-term financial security. For more information, see Central Insurance Benefits

Shape the Future with Us. At Lubrizol, we're transforming the [industry/market - link to relevant LZ business page, if applicable] through science, sustainability, and a culture of inclusion. As part of our global team, you'll be empowered to make a real impact-on your career, your community, and the world around you. Travel: < 5% (very limited) Job Type: Full-time. Collaborate in person 4 days each week, with 1 flexible day. How You'll Make an Impact * As a Cloud Security Engineer, you will strengthen Lubrizol's global cloud security posture across AWS, Azure, and GCP by implementing robust security protocols, policies, and procedures to safeguard cloud-based systems, applications, and data. * Design, deploy, and maintain cloud-native and third-party security tools and solutions that enhance monitoring, detection, and response capabilities across our environments. * Conduct cloud-specific vulnerability assessments, penetration testing, and risk evaluations to proactively identify and mitigate risks, prioritizing remediation to fortify defenses. * Ensure compliance with international regulations and industry frameworks (e.g., ISO 27001, GDPR, NIST, SCF, PCI DSS) through technical audits, assessments, and documentation. * Collaborate closely with DevOps, application development, and infrastructure teams to embed security into cloud architectures, CI/CD pipelines, and deployment processes using secure-by-design principles. * Continuously monitor emerging threats, technologies, and compliance requirements; recommend enhancements to our cloud security architecture and operational processes. * Contribute to incident response activities and other security initiatives that improve our global cybersecurity resilience. Required Qualifications that Enable Your Success * Bachelor's degree in Computer Science, Information Technology, or a related field; or a relevant combination of education and 5+ years of experience. * 3+ years of experience in cybersecurity or a related role with hands-on work in cloud security across AWS, Azure, and/or GCP. * Proficiency implementing security protocols, policies, and procedures; conducting vulnerability assessments, penetration testing, and risk evaluations for cloud or hybrid environments. * Experience performing technical security audits and assessments aligned to frameworks such as ISO 27001, NIST, GDPR, PCI DSS, SOC 2. * Practical experience integrating security into cloud architectures and CI/CD pipelines in collaboration with DevOps and application teams. * Strong analytical, problem-solving, and communication skills with the ability to influence and drive accountability across teams. * Working knowledge of identity and access management, PKI, MFA, and authentication/authorization protocols (e.g., SAML, OAuth). Preferred Qualifications that Drive you Forward * Advanced degree in a relevant field. * Certifications such as GIAC Cloud Security Essentials (GCLD), GIAC Public Cloud Security (GPCS), GIAC Security Essentials (GSEC), Microsoft Azure Fundamentals, CompTIA Cloud Essentials, Automation certificates, or Microsoft 365. * Hands-on experience with cloud security platforms and tools (e.g., CASB, CSPM, CWPP) and SIEM solutions (e.g., Splunk ES, QRadar, XSIAM). * Familiarity with SAP S/4HANA, industrial control systems (DCS/PLC/SCADA), and related security considerations. * Experience with network security technologies (firewalls, IDS/IPS, VPN, NAC) and web application firewalls (e.g., F5 BIG-IP). * Knowledge of data encryption and key management (e.g., Azure Key Vault) and vulnerability management tools (e.g., Rapid7 InsightVM). Your Work Environment At Lubrizol, we're committed to providing a safe, inclusive, and empowering environment where you can do your best work-whether in a lab, on the production floor, or in a hybrid office setting. Depending on your role, your work environment may include: * Standing, walking, or operating equipment for extended periods * Working in a lab or manufacturing setting with appropriate PPE provided * Use of computers and digital tools in an office or hybrid environment * Occasional lifting or movement of materials * Adherence to rigorous safety protocols and ergonomic standards We continuously invest in our facilities and technologies to ensure they support your well-being, productivity, and growth. If you require reasonable accommodation, we are committed to working with you to ensure an inclusive and accessible experience. Benefits that Empower You * Competitive salary with performance-based bonus plans * 401(k) match + Age-Weighted Defined Contribution * Comprehensive medical, dental & vision coverage * Health Savings Account (HSA) * Paid holidays, vacation, and parental leave * Flexible work environment * Learning and development opportunities * Career and professional growth * Inclusive culture and vibrant community engagement Learn more at benefits.lubrizol.com! Lubrizol: Imagined for Life. Enabled by Science. Delivered by You. For nearly 100 years, The Lubrizol Corporation, a Berkshire Hathaway company, has been at the forefront of innovation to enhance everyday life, advance mobility, and make the modern world work better. Our specialty chemistry solutions-from engine oils, performance coatings, and skincare to medical devices and plumbing systems -are powered by the expertise, passion, and commitment of people like you. We tackle the world's toughest challenges with science-based solutions, deeply understanding our customers to deliver innovative chemistry and differentiated value. Our inclusive culture, dedication to safety, and incredible global talent drive our success. Our solutions meet the evolving needs of the modern world-brought to life by science and, most importantly, delivered by you. Whether you're in the lab, on the production floor, or in the office, you'll be part of a team around the world that empowers you to think boldly, drive results, and contribute to solutions that shape a better, more sustainable future. We win because of you. Let's build the future together. #LZBUS #LI-CM1

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. **Job Posting External** **Primary Responsibilities** + Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. + Review design documents and perform architecture risk assessments for new and existing applications. + Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. + Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. + Define and enforce secure coding standards and practices across development teams. + Provide training and guidance to developers on secure development principles and vulnerability prevention. + Conduct threat modeling and attack surface reviews for high-risk or critical applications. + Identify potential security flaws and recommend mitigations early in development process. + Track and communicate technical risk to product managers, developers, and leadership teams. + Develop and maintain application security policies, baselines, and architecture frameworks. + Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). + Support audit and compliance initiatives by providing documentation and evidence of secure development practices. **Minimum Qualifications** + Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. _Non-degree considered if 12+ years of related experience along with a high school diploma or GED_ **Preferred Qualifications** + 5+ years in cybersecurity with at least 3 years in application security or secure software development experience. + Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. + Experience with Securing Secrets and Service Accounts. + Experience with Web Application Firewall (WAF) implementation/support. + Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). + Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CISSP), Certified Ethical Hacker (CEH) certified. + Familiarity with container security (Docker, Kubernetes). + Experience in Threat Modeling. + Understanding of authentication protocols (Open Authorization (OAuth) and Security Assertion Markup Language (SAML)). + Experience with DEVSECOPStools and container security tools. **Work Authorization:** Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. **Compensation and Benefits:** Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DutiesThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.