Information Security Analyst jobs at Entergy - 19 jobs

Job Title: Security Engineer Specialist I,II, III, Sr Work Place Flexibility: Onsite Legal Entity: Entergy Operations, Inc.-EOI Note: This position could be filled by an Security Engineer Specialist I,II,III, OR Sr depending upon qualifications** JOB SUMMARY/PURPOSE Responsible for providing technical leadership for the fleet through optimization and reliability of security equipment, proactive identification and resolution of security issues, and technical assistance to the Maintenance departments on security equipment maintenance. Responsible for design engineering of new security systems before and during the construction and turnover. Evaluates and selects optimum design alternatives. JOB DUTIES/RESPONSIBILITIES Security system ownership / engagement / advocacy / prioritization for deficiency resolution leading to high levels of security equipment reliability. Proactive performance monitoring, trending of security systems. Use and sharing of Operating Experience (EN Fleet and industry). Work planning and prioritization (including long-range planning and life-cycle management). Prioritize / establish action plans to address deficiencies on assigned systems via the corrective action and work management processes. Interface with Maintenance and Operations for cost effective maintenance strategies on assigned systems. Support Maintenance and Operations in security system troubleshooting and provide system / discipline expertise for troubleshooting significant events or complex plant problems. Support changes in assigned security system configuration/design and design basis. MINIMUM REQUIREMENTS Minimum education required of the position B.S. Degree in Mechanical or Electrical Engineering or other closely related scientific discipline / physical science generally associated with power plant operations, or equivalent work experience (equivalent experience is defined as demonstrated success at the Engineer / Technical Specialist level.) Minimum experience required of the position Eng I-II 0-2 years of experience in nuclear power plant engineering, maintenance, operations or equivalent. Eng III-Sr 2 - 5 years experience in nuclear power plant engineering, maintenance, operations or equivalent. Minimum knowledge, skills and abilities required of the position Technical proficiency as subject matter expert in NSSS mechanical systems at nuclear power plants. Outstanding communication and change management skills. Any certificates, licenses, etc. required for the position Desired: SRO license or certification on a PWR or BWR; Professional Engineering license. WORKING CONDITIONS/ESSENTIAL FUNCTIONS/PHYSICAL REQUIREMENTS As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties. *LI-POST Primary Location: Mississippi-Jackson Mississippi : Jackson Job Function: All Other Jobs FLSA Status: Professional Relocation Option: Level II Union description/code: NON BARGAINING UNIT Number of Openings: 1 Req ID: 121163 Travel Percentage:25% to 50% An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the EEO page, or see statements below. EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated. Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request. Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties. Know Your Rights: Workplace Discrimination is Illegal The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact ************************ to schedule a time to review the affirmative action plan during regular office hours. EEI Testing: One way that Entergy has found to identify and assess the abilities and skills needed for certain jobs is through pre-employment testing. If this position does require an EEI test, the type of test will be located under the qualifications section of the job posting. If you are invited to a test session, we strongly recommend you review and complete the practice test as well as review the testing brochure for your respective test. The test brochure will give you critical information on the test such as time allocated and number of questions. Also, keep in mind that the actual test is timed; you should practice timing yourself while doing the practice tests. The practice test information and test brochures can be located by going to the EEI website, ********************************* Logon ID: entergy, password: practice test (2 words). Travel expenses incurred in connection with EEI testing are non-reimbursable. In addition to EEI testing there is also Fit-for-Duty testing which will identify and assess the abilities and skills needed for certain jobs. If this position does require Fit-for-Duty testing, the type of test will be located under the qualifications section of the job posting. WORKING CONDITIONS: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties. Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.

AV is looking for a highly talented Cyber Security Engineer/Information Systems Security Officer (ISSO) to join our team! In this role you will be part of our team providing Systems Engineering Technical Assistance to the Ground-based Midcourse Dense (GMD) Product Office under the Teams-Next Missile Defense Systems Engineering (TN-MDSE) contract managed by the Missile Defense Agency (MDA). Job Description: Serve as a member of the cybersecurity team, developing System Security Plans (SSPs), Interim Authority to Test (IATT), Authority to Connect (ATC) and, Authority to Operate (ATO) packages. Perform technical work utilizing the Risk Management Framework (RMF) process including analyzing and solving Information Assurance (IA)-related technical problems. Ensure that system security artifacts are developed, reviewed, and updated as needed. Confirm all RMF requirements are properly addressed and required artifacts are loaded and managed within Enterprise Mission Assurance Support Service (eMASS). Ability to analyze complex problems, identify root causes, and develop actionable recommendations with effective solutions. Interface with other cyber teams to review RMF Contract Data Requirements List (CDRL) submissions and ensure timely delivery of CDRL artifacts, while providing feedback to ensure the sufficiency and quality of cyber artifacts. Periodically conduct a review of each system's audits and monitors corrective actions until all actions are closed. Perform vulnerability/risk analysis of systems using expertise in relevant information systems security. Track and monitor Plan of Action and Milestones (POA&M). Conduct reviews of cybersecurity artifacts and technical briefings and work with customer to resolve any findings. Ensure that identified security controls are implemented and operating as intended through all phases of the lifecycle. Track deliverables (i.e., artifacts, schedules, metrics). Required: Bachelor's degree and 7+ years of related professional experience. Active Secret clearance. DoD 8570 compliant IAM Level II certification is required (Security +) Experience with DoD's RMF and SSP processes Desired: Experience with MDA specific RMF and SSP processes Self-Motivated Customer-oriented Clearance Level Secret ITAR Requirement: T his position requires access to information that is subject to compliance with the International Traffic Arms Regulations (“ITAR”) and/or the Export Administration Regulations (“EAR”). In order to comply with the requirements of the ITAR and/or the EAR, applicants must qualify as a U.S. person under the ITAR and the EAR, or a person to be approved for an export license by the governing agency whose technology comes under its jurisdiction. Please understand that any job offer that requires approval of an export license will be conditional on AeroVironment's determination that it will be able to obtain an export license in a time frame consistent with AeroVironment's business requirements. A “U.S. person” according to the ITAR definition is a U.S. citizen, U.S. lawful permanent resident (green card holder), or protected individual such as a refugee or asylee. See 22 CFR § 120.15. Some positions will require current U.S. Citizenship due to contract requirements. Benefits: AV offers an excellent benefits package including medical, dental vision, 401K with company matching, a 9/80 work schedule and a paid holiday shutdown. For more information about our company benefit offerings please visit: ********************************** We also encourage you to review our company website at ******************** to learn more about us. Principals only need apply. NO agencies please. Who We Are Based in California, AeroVironment (AVAV) is a global leader in unmanned aircraft systems (UAS) and tactical missile systems. Founded in 1971 by celebrated physicist and engineer, Dr. Paul MacCready, we've been at the leading edge of technical innovation for more than 45 years. Be a part of the team that developed the world's most widely used military drones and created the first submarine-launched reconnaissance drone, and has seven innovative vehicles that are part of the Smithsonian Institution's permanent collection in Washington, DC. Join us today in developing the next generation of small UAS and tactical missile systems that will deliver more actionable intelligence to our customers so they can proceed with certainty - and succeed. What We Do Building on a history of technological innovation, AeroVironment designs, develops, produces, and supports an advanced portfolio of unmanned aircraft systems (UAS) and tactical missile systems. Agencies of the U.S. Department of Defense and allied military services use the company's hand-launched UAS to provide situational awareness to tactical operating units through real-time, airborne reconnaissance, surveillance, and target acquisition. We are proud to be an EEO/AA Equal Opportunity Employer, including disability/veterans. AeroVironment, Inc. is an Equal Employment Opportunity (EEO) employer and welcomes all qualified applicants. Qualified applicants will receive fair and impartial consideration without regard to race, sex, color, religion, national origin, age, disability, protected veteran status, genetic data, sexual orientation, gender identity or other legally protected status. ITAR

Chevron believes the future of energy is lower carbon. And we know that affordable, reliable, ever-cleaner energy is essential to achieving a more prosperous and sustainable world. For Chevron, reducing the carbon intensity of oil and gas represents a tremendous opportunity to advance the global net zero ambitions of the Paris Agreement and build a lower-carbon economy. Technology will play a crucial role in achieving this goal, and Chevron is seeking professionals with a desire to thrive in a cutting-edge digital, global environment to securely advance the global energy transition. We differentiate ourselves through the application of technology, taking an approach that includes in-house expertise, proprietary solutions, and strategic partnerships. Investing in people is a key component of our company - you will be supported by mentoring programs and employee networks to excel your professional development. Rewards include competitive pay, cash incentives, flexible benefit programs and flexible work schedules - every other Friday off and remote work where approved. Information Security is one of five job families within Information Technology. Roles within this job family Provide subject matter expertise and support in the assessment, development, implementation, execution and validation of security program, strategy, and operations. Protects information and information systems from unauthorized access and use. Provide assurance and mitigation actions from security threats. Establishes and leverages defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within Chevron assets to protect information, information systems, and networks from threats. Develops and maintains the cybersecurity strategy, policies and risk management processes to ensure that the organization effectively secures Chevron's operations. Impartially conducts investigations, recovery, and preservation of electronically stored information to protect Chevron. Identifies and assesses the capabilities and activities of cybersecurity adversaries; produces findings to help initialize or support investigation activities. Identifies vulnerabilities, tests Chevron's digital security defenses, analyzes malicious code and leverages all authorized resources and analytic techniques to penetrate targeted environments. Positions available Cybersecurity Engineer - Information Technology (IT) Cybersecurity Engineer - Operational Technology (OT) Locations Houston, TX Cybersecurity Engineer - Information Technology (IT) We are looking for motivated individuals to consult, design, and deploy enterprise cybersecurity technologies and solutions. You will use your infrastructure experience and cybersecurity knowledge or introduce new cybersecurity capabilities that protect Chevron from cybersecurity threats. Successful candidates will work closely with architects, business partners, and other IT areas to solve difficult, rapidly changing security challenges from the network perimeter and the cloud, up to and including the end-point device. You understand next generation security technologies and are effective in collaborating and communicating across teams. Key responsibilities Develops and implements solutions and processes to maintain the reliability, effectiveness, and efficiency of network security infrastructure components across the enterprise. Works with project managers, team members, architects, business units and other stakeholders to create agile solutions, identifying continuous improvement opportunities, creating new or improved processes and automation to support step changes in operational efficiencies. Leads, provides subject matter expertise, and collaborates extensively with other IT asset SMEs in design, deployment, and implementation of network security solutions by utilizing next generation security technologies and improving frameworks for controls and policies achieve the “Secure By Design” strategy by defining engineering standards and security guardrails for the enterprise. Supports the work of the Automation agile team to help replace highly manual and repetitive work with software driven workflows and automations. Collaborates with global business units to design and deploy network security solutions suited to their unique environments. Analyzes network security needs and designs solutions that meet business requirements for protection, standardization, efficiency, scalability, supportability, and cost-effectiveness. Transitions developed solutions to operations, including delivery of educational and training programs, and continues to provide Level 3 support. Cybersecurity Engineer - Operational Technology (OT) We are looking for motivated individuals to lead the strategic direction and technical design of a highly complex set of OT Cybersecurity guardrails, and secure implementation of all OT digital technologies across Chevron. You will work across all product lines to make quality investment decisions around identifying and mitigating risk. Successful candidates will understand Cyber capabilities such as detection and response to threats, risk management, forensics, and insider risk operations, etc. You understand next generation security technologies and are effective in collaborating and communicating across teams. Key responsibilities Understand industrial control technologies and integration points (i.e., control system application, firmware, PLC) Understand OT frameworks (i.e., Purdue Model, Zones & Conduits) and the application to an OT environment. Participate in upgrades to a system, installation of security patches, OT utilities, and equipment. Know and understand how to secure a PCN end-to-end by applying technical controls. Co-facilitate a cyber tabletop, risk assessment, and/or vulnerability assessment. Understand the underlying architecture and technical components for PCN architectures. Participate in the research, development, and testing of emerging OT technologies. Understand Defense in Depth for OT and implement OT Secure By Design principles. Participate as team member on Cyber Incident Response team for OT Requirements Preferred education / degrees Bachelor's or master's degree in Information Technology, Computer Science, or related STEM field. Must be currently enrolled in a four-year college or university and classified as a senior or graduate student with anticipation of receiving a bachelor's or master's degree by July 2025; OR college graduates with less than two years' experience since receiving a degree. Must provide a current, unofficial transcript with online resume (as proof of good academic standing) when applying for this position to be considered. Experience School, work experiences, or exposure in cybersecurity Preferred skills / competencies Highly organized with ability to prioritize and thrive in a fast-paced environment. Communicates in a clear, concise, understandable manner both orally and in writing, within and across work groups. Listens carefully and asks questions to understand the views, concerns, and comments of others. Promotes communications in all directions within work groups and between work groups. Encourages open expression of ideas and opinions. Understand how to read a Pen Tester report. Additional information Relocation may be considered within Chevron parameters. Chevron regrets that it is unable to sponsor employment visas for this position. To be considered for this position, applicants must be legally authorized to work in the United States as a U.S. citizen or national, asylee, refugee, or lawful permanent resident. Regulatory Disclosure for US Positions: The compensation and reference to benefits for this role is listed on this posting in compliance with applicable law. The anticipated salary range for this position is $94,000 - $110,000 annually. The selected candidate's compensation will be determined based on their respective degree level and discipline for U.S. payroll offers. Chevron offers competitive compensation and benefits programs which includes, but is not limited to, variable pay, health care coverage, retirement plan, protection coverage, time off and leave programs, training and development opportunities and a range of allowances connected to specific work situations. Details are available at ************************ U.S. Regulatory notice: Chevron is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin or ancestry, age, mental or physical disability, medical condition, reproductive health decision-making, military or veteran status, political preference, marital status, citizenship, genetic information or other characteristics protected by applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or an accommodation, please email us at ********************. Chevron participates in E-Verify in certain locations as required by law.

Bowhead is seeking a Lead Cybersecurity Intrusion Detection Analyst to join our team in Vicksburg, MS. The Cybersecurity Intrusion Detection Analyst use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers. The Cybersecurity Intrusion Detection Analyst will work in the Attack Sensing and Warning (AS&W) division which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cyber security state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. These positions are in a 24x7x365 Cybersecurity environment and qualified candidates must be able to work 12 hour shifts - day or night on a Panama schedule. Responsibilities * Provides leadership and supervision to the incident response staff and performs highly technical customer support to organization users. * Manages the incident response and threat detection function. * Proactively analyzes network and systems traffic, event logs, and threat intelligence data, to properly identify and triage susceptibility of core campus technical assets, determine likelihood of exploitation and implement and/or refine preventative and detective security controls * Participates in the development and monitoring of policies and procedures for department or department operations. * Assesses, analyzes, and consults on the security of information assets - networks, endpoints, databases, applications, services, platforms, environments, etc. Contributes to asset inventory and categorization processes. * Receive and distribute AS&W information * Conduct AS&W activities to develop appropriate response (receives and archive task orders, directives, and other required actions, * Maintain internal and external source location information) * Coordinate AS&W information from other sources to aid in analysis of alerts. * Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity. * Identify, documents, and reports unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP sops. * Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN. * Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats. * Collect intrusion artifacts (e.g., source code, malware, and trojans) * Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. * Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B * Provide a 24/7x365 event/incident handling and analysis capability; * Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents; * Analyze detected cyber events to identify incidents; * Categorize and characterize cyber incidents; * Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process; * Analyze cyber incidents to develop specific responses; * Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers; * Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence; * Mitigate operational and/or technical impact due to cyber incidents; * Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures. Qualifications * Must possess Bachelor's degree or equivalent experience. * Must have at least 5 years intrusion detection experience. * Must have at least 2 years relevant IT and/or System administrator experience and 3 years relevant Information Security experience * Must have the certifications for DOD 8570 IAT Level II minimally. * Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder. * Must have the ability to earn DoD 8570 computing environment certification within 6 months. * Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience * Ability to demonstrate strong knowledge of computer security concepts * Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience. * Advanced knowledge of network technologies and protocols * Advanced understanding of current threats and trends present in the Information Security and Technology field * Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified. SECURITY CLEARANCE REQUIRED: Must currently hold and be able to maintain an active Secret clearance with the ability to obtain a Top Secret/SCI. US Citizenship is a requirement for Secret clearance at this location. Physical Demands: • Must be able to lift up to 25 pounds • Must be able to stand and walk for prolonged amounts of time• Must be able to twist, bend and squat periodically #LI-MN1

**About Us** EMCOR Construction Services (ECS) is part of EMCOR Group, Inc. (NYSE: EME), a Fortune 500 leader in mechanical and electrical construction, industrial and energy infrastructure, and building services for a diverse range of businesses. ECS is a nationwide group of 50+ operating companies with over 30,000 employees and annual revenues of $10.7 billion. Our operating companies are mechanical and commercial electrical contractors with expertise that includes virtually all U.S. commercial, healthcare, institutional, education, hospitality, manufacturing, transportation, and water and wastewater markets. We also have several operating companies that focus on commercial fire protection. They provide integrated life safety solutions, including fire detection and suppression systems, and the most advanced security technology available today. The ECS headquarters team provides key support for its electrical and mechanical companies, including finance and accounting, human resources, legal, national purchasing and information technology. ECS HQ is based out of McLean, Virginia. However, candidates in other locations and meeting the requirements below may be considered. Compensation Range: $75,000 - $90,000 This position is bonus eligible. **SUMMARY** The ITTechnical Analyst is responsible for providing general IT support to ECS and the local IT support groups at our 50+ Operating Companies. Reporting to the ECS IT Support Manager, this position will troubleshoot Tier 1 through Tier 3 technical issues, liaison with local IT teams as necessary, and see problems through to resolution. The Technical Analyst is also a participant in acquisition activity. This position is based in McLean, Virginia. However, candidates in other locations and meeting the requirements below may be considered. **Essential Duties & Responsibilities** Include the following. Other duties may be assigned. + Deliver excellent support to ECS Operating Companies through exceptional customer service + Provide guidance and support to ECS and to ECS Operating Companies + Computer, software, printer, & mobile device inventory, setup, maintenance and management + Endpoint patch management and monitoring for computer and server operating systems + Manage Active Directory and Group Policy + Backup maintenance and monitoring + Provide end user help desk support + Deliver relevant education and training and create documentation for non-technical users + Ensure that Corporate SOP's are met + Work remotely and onsite at OpCos to perform and participate in IT projects and upgrades + Perform other duties as assigned by the IT Support Manager + Participate in pre- and post-acquisition activities + Travel required up to 40% to US-based operating companies ESSENTIAL CHARACTERISTICS AND SKILLS The successful candidate for this role is an individual who demonstrates a high level of service, commitment and execution. The following are required characteristics, knowledge, skills and abilities: + Outstanding customer service + Strong troubleshooting skills + Advanced knowledge of Active Directory, Users, Groups, ACLs, and Policies + Advanced knowledge of general MS Windows Applications + General understanding of networking concepts + Exceptional communication skills, written and oral; capable of leading meetings in a professional manner + Ability to work effectively independently and with technical teams as well as operational teams + Proactive change agent skills with competent follow through + Ability to communicate effectively at all levels **Qualifications** To perform this job successfully, the individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. **POSITION REQUIREMENTS/PREFERRED EXPERIENCE** + Previous experience working in an IT Support position + CompTIA A+ or Microsoft Certifications or equivalent experience + EDR support + Autopilot, SCCM or similar configuration technology experience + Ability to travelup to 40% to US-based operating companies as business needs arise + Ability to understand and follow Corporate Security & IT policies **LANGUAGE SKILLS** Must have the demonstrated ability to effectively communicate in English, cooperate, and collaborate with multiple levels of customer, employees, unions, government agencies, vendors and suppliers, and other contractor organizations. **Physical Demands** The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to talk and hear; and requires working at a computer (reading and keying) or extended periods of time. This role requires communicating verbally and in writing one on one, in small groups, as well as presenting to larger groups of employees. This role requires traveling by car and/or plane up to 40% of the time. **Work Environment** The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The employee may expect to work in typical office environment. **Equal Opportunity Employer** As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled **Notice to Prospective Employees** Notice to prospective employees: There have been fraudulent postings and emails regarding job openings. EMCOR Group and its companieslist open positions here (************************************** . Please check our available positions to confirm that a post or email is genuine. EMCOR Group and its companies do not reach out to individuals to help with marketing or other similar services. If an individual is contacted for services outside of EMCOR's normal application process - it is probably fraudulent. **Geographic Disclosure** As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled. Email a Friend Email a Friend **Job Locations** _US-VA-McLean_ **ID** _2025-5430_ **Company** _EMCOR Construction Services, Inc._ **Category** _Information Technology_ **Position Type** _Full-Time_ **Location Type** _Remote_ **Posted Date** _2 months ago_ _(11/18/2025 2:58 PM)_

Required Travel: 0 - 10% Employment Type: Full Time/Hourly/Non-Exempt Anticipated Salary Range: $72,179.00 - $100,000.00 Security Clearance: TS/SCI Level of Experience: Mid This opportunity resides with Warfare Systems (WS), a business group within HII's Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems. HII works within our nation's intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners. Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. To learn more about Mission Technologies, click here for a short video: *************************** Summary HII's Mission Technologies division is dedicated to delivering cutting-edge solutions that advance national security and defense objectives. This position is part of our Cyber and Intelligence division, which plays a critical role in supporting Enterprise-Level Security and Modernization efforts across IT infrastructure, cybersecurity, physical facilities, and personnel operations. The selected candidate will contribute to a high-impact government program focused on enhancing and securing mission-critical systems and environments. The program is scheduled to launch in early 2026 and due to the classified nature of the mission and the sensitivity of the operational environment, an active TS/SCI security clearance will be required. Industrial Security Analyst 1 - $59,023 -84,318 Industrial Security Analyst 2 - $69,802 - $99,717 Industrial Security Analyst 3 - $86,232 - $123,188 Industrial Security Analyst 4 - $104,169 - $148,812 What you will do Develop, and administer security programs and procedures for classified or proprietary materials, sale of counterfeit products, documents, and equipment. Prepare manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting staff and visitors access to restricted records and materials. Conduct security education classes and security audits. Investigate security violations and prepares reports specifying preventive action to be taken. What we are looking for Industrial Security Analyst 1: 0 years experience with Bachelors in related field or a High School Diploma or equivalent and 4 years relevant experience. Industrial Security Analyst 2: 3 years relevant experience with Bachelors in related field; 1 year relevant experience with Masters in related field; or High School Diploma or equivalent and 7 years relevant experience. Industrial Security Analyst 3: 6 years relevant experience with Bachelors in related field; 4 years relevant experience with Masters in related field; or High School Diploma or equivalent and 10 years relevant experience. Industrial Security Analyst 4: 10 years relevant experience with Bachelors in related field; 8 years relevant experience with Masters in related field; or High School Diploma or equivalent and 14 years relevant experience. Active TS/SCI government security clearance required to start. Physical Requirements May require working in an office, industrial, or laboratory environment. The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, HII's Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the role's function and a candidate's education or training, work experience, and key skills. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

Valero is the best-in-class producer of essential fuels and products that are foundational to modern life. We invite you to join our ~10,000 employees to drive exceptional results for our company, the energy industry and our community. As an IT SOX Compliance Analyst you will be responsible for examining automated systems and information technology in all areas of the Corporation to determine the extent of compliance with policies, plans, procedures, and rules of regulatory agencies. At Valero, we are committed to advancing the future of energy through innovation, ingenuity and unmatched execution. You can help achieve this goal if you can: * Evaluates IT management's effectiveness in the attainment of IT control objectives. * Assists in the identification of controls over information systems relevant to Sarbanes-Oxley (SOX) compliance and maintains the controls frame work within the SAP GRC-Process Control system. * Assists in evaluating the results of self-assessments performed by the control owners within the IS department. * Assists in the mitigation of segregation of duties conflicts for SAP systems. * Establishes relationships with personnel in the IS department to identify and understand process changes or system implementations that are relevant to SOX compliance. * Participates in the annual scoping process to identify controls that are required for the annual SOX internal control certification process. * Participates as part of the team responsible for documenting relevant application and general computer controls for new applications or new businesses acquired. * Assists in the testing of SOX IT controls for the Corporation and subsidiaries. * Assists in the development and improvement of procedures and techniques related to internal controls over systems and technology to enhance the information systems control environment This position is salaried exempt status, which means you are not eligible for overtime pay. Minimum Requirements: * Bachelor's degree from an accredited college or university in Information Systems, Computer Science, Accounting, or related field. * Minimum two (2) years of IT auditing or control-related experience (equivalent related experience in information technology or public accounting may be considered). * Able and willing to work on-site, in-person at the Valero San Antonio location, required. Preferred Requirements: * Recent experience working with SOX IT controls, COBIT and/or COSO. * External IS auditing experience. * Experience in the refining and marketing business. * Experience auditing SAP. Need more reasons to work for a company that is both professionally challenging and culturally rewarding? Take a look at some of our best-in-class benefits: * Competitive Pay and Annual Bonus Program * 100% match on 401(K) up to 7%, with immediate vesting * Company-sponsored Pension Plan * Comprehensive Healthcare and Wellness Programs * Onsite Daycare Center * Onsite Employee and Family Wellness Centers (Physician & Pediatrician) * Onsite Pharmacy * State-of-the-art 24-hour Fitness Center free for employees and spouses with access to Tennis and Basketball Facilities * Onsite cafeteria open for breakfast and lunch * Sprawling campus with walking paths and access to biking trails Benefits described above are highlights only, subject to an employee's eligibility and work location. Position level and salary will be commensurate with qualifications and experience. Valero's employees and team-focused culture drive our success. We're invested in our dedicated workforce through a comprehensive, customizable benefits package, while supporting a caring culture that delivers a rewarding work environment built on teamwork, excellence and career growth. To explore the ways we build a stronger team, visit Valero.com/Careers. Valero is an EEO Employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to legally protected status, including race, color, religion, sex, national origin, age, disability, protected veteran or any other status protected by applicable federal, state or local laws. Please be advised, if you are viewing this position on a website that lists an estimated salary rate/range, it was not provided by Valero. Valero's market specific salary rate/range will be provided during the recruiting process and tends to be higher than what is estimated by such websites. * LI-LP1

Join our Growing Team and see why Summit Utilities, Inc was named as one of the Fastest Growing Denver Area Private Companies 2019 and 2020; Best Places to Work in Maine 2019, 2020, 2021, 2022 and 2023; and Best Places to Work in Arkansas 2020 and 2023, Oklahoma 2022 and 2023 and Missouri 2023. Summit was also recently named one of Forbes 2023 America's Best Small Employers. Summit is a growing natural gas utility providing safe, reliable and clean burning natural gas service to homes and businesses in Arkansas, Colorado, Maine, Missouri, Oklahoma, and Texas. Being part of the Summit team means embracing excellence and innovation, committing to safety each and every day, and doing all that we can to serve each other, our customers and the communities where we live. We aim to bring warmth and energy to everything we do. We have an exciting hybrid opportunity for a Director of Information Technology based in Fort Smith, Arkansas. POSITION SUMMARY The Director of Information Security is a trusted senior leader responsible for protecting Summit's digital and physical information assets while upholding the highest standards of integrity, financial discipline, and organizational trust. This role oversees cybersecurity governance, risk management, and business continuity for enterprise systems - including modern threats emerging from AI technologies and data automation. The Director will develop and execute a forward-looking security strategy that supports Summit's operational excellence, compliance obligations, and AI-driven transformation initiatives. This includes defining governance frameworks, managing enterprise risk, ensuring prudent budget oversight, and cultivating a strong security culture across all levels of the organization. This position requires a strategic thinker, a disciplined financial steward, and a leader of high character who models accountability, transparency, and ethical decision-making. PRIMARY DUTIES AND RESPONSIBILITIES Lead the design, implementation, and continuous improvement of Summit's enterprise information security program - covering cybersecurity, AI and data protection, risk management, and incident response. Ensure strong alignment between security strategy, business goals, and regulatory requirements, particularly in the context of emerging AI use cases, machine learning models, and data governance. Oversee the IT Business Continuity and Disaster Recovery (BCP/DR) programs, including Business Impact Analysis (BIA) and scenario-based recovery exercises. Develop and enforce comprehensive policies, standards, and procedures aligned with frameworks such as NIST CSF 2.0, C2M2, and ISO 27001. Partner with data, application, and operations leaders to ensure secure design, access control, and model integrity across AI and analytics systems. Direct risk assessments and audits to identify vulnerabilities, ensuring mitigation strategies are financially sound and proportionate to organizational risk appetite. Maintain strict adherence to financial controls - including vendor spend, contract review, and security-related procurement - demonstrating accountability for budget stewardship and cost transparency. Lead and mentor a high-performing information security team, fostering a culture of ethics, service, and continuous learning. Serve as the executive liaison for internal and external audits, compliance reviews, and regulatory reporting related to cybersecurity. Stay ahead of evolving threats, particularly those involving AI misuse, data poisoning, and adversarial attacks, and integrate defenses into enterprise security posture. Provide executive-level reporting on risk posture, incidents, and metrics that connect security outcomes to business and financial value. EDUCATION AND WORK EXPERIENCE Bachelor's or Master's degree in information security, Computer Science, Information Technology, or a related field. 10+ years of experience in information security, including at least 5 years in a senior leadership or management capacity. Advanced security certifications strongly preferred (CISSP, CISM, CISA, CRISC, CCISO, etc.). Demonstrated experience managing security for cloud and hybrid environments, and integrating controls for AI, analytics, and data platforms. Proven record of financial accountability, including budget ownership, cost optimization, and vendor governance. Experience implementing and auditing against leading security frameworks (NIST CSF, C2M2, ISO 27001, SOC 2) and regulatory standards (GDPR, HIPAA, PCI, etc.). KNOWLEDGE, SKILLS, ABILITIES Deep expertise in cybersecurity, risk management, and incident response, including threat intelligence, vulnerability management, and data protection. Strong knowledge of AI and data security principles, including model governance, data ethics, and emerging threats tied to generative AI. Uncompromising integrity and sound judgment in handling confidential and financial information. Strong grasp of financial concepts related to technology management: budgeting, forecasting, cost-benefit analysis, and vendor contract negotiation. Exceptional leadership and communication skills - able to translate complex security concepts into clear, actionable guidance for executives and teams. Ability to lead under pressure with discipline, humility, and transparency. Demonstrated track record of fostering a culture of trust, compliance, and ethical leadership. The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all personnel so classified. Summit offers competitive pay and medical/dental/vision and other benefits that provide flexibility, choice and support to our employees when they need it most. We understand that home and family are essential pieces of your life, and our benefits are designed to support you both at work and at home. Summit Utilities, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status and will not be discriminated against on the basis of disability or veteran status.

We are looking for the right people - people who want to innovate, achieve, grow and lead. We attract and retain the best talent by investing in our employees and empowering them to develop themselves and their careers. Experience the challenges, rewards and opportunity of working for one of the world's largest providers of products and services to the global energy industry. Job Duties * Lead the design, implementation, and ongoing evolution of the organization's network security architecture, ensuring integration with existing security systems, including Palo Alto Next-Gen Firewalls (NGFW), IDS/IPS, Web Application Firewalls (WAF), and SIEM platforms. * Lead the development and implementation of the Zero Trust security framework across the organization, ensuring seamless enforcement of Zero Trust principles across all network segments. * Drive the adoption of Zero Trust principles by leveraging industry-leading SSE/SASE technologies and complementary solutions. * Evaluate, select, and implement cloud-native security tools such as Palo Alto SASE, Zscaler, and Web Application Firewalls (WAF) to align with Zero Trust and security goals like least privilege, NAC, SWG, CASB, network based DLP etc. * Work closely with the Identity and Access Management (IAM) team to integrate network security policies with identity controls, ensuring secure access across all applications and network resources. * Experience in securing Operational Technology (OT) environments, including ICS/SCADA networks, and ensuring their integration with IT security systems to mitigate risks in industrial environments. * Collaborate with OT security teams to ensure the protection of critical infrastructure against cyber threats, such as malware, ransomware, and unauthorized access, while maintaining operational continuity. Job Duties Continued * Take a leading role in network security incident management, leveraging threat intelligence to mitigate threats and respond to incidents. * Continuously assess emerging security threats, propose strategies, and implement security solutions to meet organizational objectives. * Develop and enforce network security policies, procedures, and guidelines to ensure compliance with internal security standards and compliance regulations. * Engage with senior leadership and cross-functional teams (e.g., IT, security operations) to communicate strategic goals, provide actionable recommendations, and present security reports. * Oversee and coordinate the activities of globally distributed security consultants, providing mentorship and ensuring adherence to network security best practices and Zero Trust protocols. Qualifications * Hands-on experience with Web Application Firewalls (WAF) to safeguard web applications from attacks such as SQL injection, cross-site scripting (XSS), and other common exploits. * Experience with cloud security models and architectures, including Azure, AWS, OCI and hybrid cloud environments (VPC/VNET, NSG security). * Ability to set and articulate a clear vision and strategy for network security, ensuring alignment with broader business objectives and IT transformation goals. * Experience managing vendor relationships, overseeing security technology lifecycles, and handling contract negotiations and budget management. * Relevant certifications such as CISSP, CCSP or similar Cloud provider specific security certifications. * Familiarity with regulatory frameworks such as GDPR, CCPA etc. Candidates having qualifications that exceed the minimum job requirements will receive consideration for higher level roles given (1) their experience, (2) additional job requirements, and/or (3) business needs. Depending on education, experience, and skill level, a variety of job opportunities might be available including Senior IT Manager. World Class Benefits: At Halliburton, we're committed to providing you and your family with a comprehensive and affordable benefits package - which means we offer support for your physical, emotional, financial and parental needs, both now and in the future. When you join our team, you'll have access to a wide range of resources designed to help you thrive at work and at home. By clicking here, you can review a summary of the benefits available once you join. Halliburton is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation. Location 3000 N. Sam Houston Parkway E., Houston, Texas, 77032, United States Job Details Requisition Number: 204392 Experience Level: Experienced Hire Job Family: Support Services Product Service Line: Global Information Security Full Time / Part Time: Full Time Additional Locations for this position: Compensation Information Compensation is competitive and commensurate with experience.

General As a Cyber Security Engineer working in tandem with an outsourced segment of the SOC providing incident response and event management you will be responsible for analyzing and responding to incidents; executing incident response plans preparing incident reports; communicating findings to management; evaluating security technologies to support cutting edge security monitoring and response; working closely with all departments to ensure policies and procedures are effectively implemented and utilized Providing cyber security engineering administration configuration hardening operation monitoring documentation and remediation of cyber security systems corporate infrastructure endpoints and processes This position reports directly to the Director of ITCSO Primary Responsibilities and Duties Identify validate and remediate security vulnerabilities detected in The McPherson Companies corporate infrastructure and endpoints Support and monitor The McPherson Companies current endpoint and network security platforms HIPS HIDS on premises firewalls Anti VirusAnti Malware Email security Mobile Device Management etc Support and monitor the external outsourced SOC platform Assist IT staff in the procurement testing implementation and configuration of new security controls Assist IT staff in updating and security patching to corporate infrastructure and endpoints Assist with responding to and managing any Security Information Gathering SIG questionnaires any required compliance audits andor maturity assessments from 3rd parties Educate end users on cybersecurity best practices and manage our cybersecurity awareness training and phishing assessment programs Compile reports as needed detailing current operational status of security measures utilized by company Investigate potential security violations and breaches and provide recommendations to management Perform analysis to determine root causes of any incident Assist IT staff in testing and updates of the Business Continuity PlanAssist with the design development documentation and enforcement of new and existing information security processes procedures and policies Provide computer system audits to ensure the highest level of security and data protection Maintain up to date knowledge on current security practices and tools Position Requirements You have at least 3 years experience in an endpoint security network security or general security focused IT support role BS in Computer Science or Information Security preferred Experience with planning researching and developing security policies standards and procedures Experience working within ITIL frameworks with specific knowledge of Change Management standards and procedures Proven experience with the following Windows administration Active Directory and Group PolicyManagement of firewall hardware platforms Applications used for network management andor monitoring Security orchestration and automation tools and technologies Serverclient communications data center architecture and network topology Proven experience with incident response technologies and methodologies Knowledge of configuration and operation of the WindowsLinux Operating systems Application whitelisting and enterprise anti malware Configurationmanagementrule writing SIEM log analysis and correlation Ability to analyze forensic and static malware Must have strong researchanalysis skills Understanding of the MITRE ATT&CK framework preferred Demonstrated ability to create complex scripts develop tools or automate processes Security certifications ex GSEC OSCP CISSP Security is a plus Position Competencies Ability to work independently as well as with a team Ability to work in a fast paced environment performing multiple dutiestasks within defined deadlines Proven experience identifying problems of varying complexities and finding effective solutions with few guidelines Responsive to the needs of customers internal and external Sense of urgency and commitment with strong follow up skills Proven precision and attention to detail with a high level of accuracy Demonstrate a professional and positive attitude in all internal and external customer interactions Excellent interpersonal skills written and verbal communication and listening skills Self driven and motivated individual with excellent planning and organizational skills Display proficiency with Microsoft Office Word Outlook PowerPoint etc Working Environment The work of this position is performed in an environmentally controlled office environment This position requires the ability to work under pressure and communicate with a diverse population including other employees customers vendors etc This position also requires prolonged periods of sitting in a regular seated position as well as the use of general office equipment including phones printers computers mouse keyboard etc The job description of the Cyber Security Engineer is not inclusive and is subject to changes additions and deletions as determined by the supervisor The McPherson Companies Inc is an Equal Opportunity Employer MFVetsDisabled

Are you looking for an exciting job where you can put your skills and talents to work at a company you can feel proud to be a part of? Do you want a workplace that will challenge you and offer you opportunities to learn and grow? A position at Xcel Energy could be just what you're looking for. Position Summary: The Security Architect is responsible for developing information security architecture products related to systems, processes, applications, data, and technology across the enterprise. Work with stakeholders (e.g. security, technology, legal, business) to understand needs and align capabilities to ensure that security architecture direction and standards are set, communicated, and maintained. Perform strategic planning to ensure ESEM program-level strategies are consistent with organizational goals and requirements, respond to risk and threat, and are coordinated and deconflicted. Report strategy development results out to senior leadership for use in decision making. Essential Responsibilities: * Solution Support: Works with security stakeholders, project teams, and asset owners to determine applicable security requirements and controls. Follows projects through execution. * Identifies and applies existing patterns and technical controls to ensure consistency in security delivery. Identifies compensating controls when standard solutions cannot be applied. * Architecture Framework: Develop enterprise-level Information Security strategic architectures. Defines controls and integration standards and governs project adherence to standards, frameworks and industry-specific requirements. * Architectural Governance: Participate in the Architecture, Engineering, and/or Design Communities of Practice. Assist in the development of reference architectures and security best practices. Governs project adherence to standards. * Communication & Relationship Building: Communicate with stakeholders and leadership on key technical decisions, program status, and risks. Prepare and deliver effective documentation and presentations on projects, overall program architecture and design. Communicate security risks and technical information to executives, peers and other stakeholders. * Trend Analysis / Technology Investment: Ensure that security architecture areas are integrated with major programs from a domain and enterprise architecture perspective. Perform technology watch functions and keeps abreast of latest developments. Set direction and provide Information Security Roadmap updates relative to key technology direction regarding long-term capabilities required and project impacts. * Technology Leadership: Provide technical leadership to other architects and project engineers. Act as a mentor and role model to other IT architects and engineers. Assists management with development of plans to acquire, train and retain high performing technical talent in critical areas. Senior Security Architect - Comp range: $112,200 - $159,400 Minimum Requirements: * Minimum of 8 years' experience in IT including 5 years of direct experience in IT engineering and cyber security. * Demonstrated verbal/written communication and presentation skills. * Demonstrated experience collaborating with internal stakeholders, 3rd parties, management. * Ability to influence without direct authority. * Experience with technology implementation projects for enterprise-scale organizations. Preferred Requirements: * Bachelor's degree with a concentration in computer science, technology, accounting or business or equivalent combination of education and experience. * Industrial Control Systems (ICS) / Operational Technology (OT) experience. * Experience with relevant standards and security frameworks (e.g. NERC CIP, NIST CSF, NIST 800-53, IEC 62443). * Experience securing cloud-based services (e.g. SaaS, IaaS, PaaS). * Experience with virtualization technologies: traditional, containerized, network (SDWAN). * Experience with application security programs. Principal Security Architect - Comp range: $129,000 - $183,200 Minimum Requirements: * 5 years' experience of systems architecture or systems engineering. * 10 years' experience in Information Security. * 3 years' experience designing complex systems. * 3 years' experience with systems integration and engineering. * Strong oral and written communication skills. * Must be able to understand and respond to clients' business needs. * Demonstrated experience collaborating with internal employees, third parties, and management to develop solutions and ensure stakeholder buy-in. * Ability to influence without direct authority. Preferred Requirements: * Information Security experience in the electric utility industry. * Experience with technology implementation projects for enterprise-scale organizations. As a leading combination electricity and natural gas energy company, Xcel Energy offers a comprehensive portfolio of energy-related products and services to 3.4 million electricity and 1.9 million natural gas customers across eight Western and Midwestern states. At Xcel Energy, we strive to be the preferred and trusted provider of the energy our customers need. If you're ready to be a part of something big, we invite you to join our team. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Individuals with a disability who need an accommodation to apply please contact us at *************************. Non-Bargaining The anticipated starting base pay for this position is: $112,200.00 to $183,200.00 per year This position is eligible for the following benefits: Annual Incentive Program, Medical/Pharmacy Plan, Dental, Vision, Life Insurance, Dependent Care Reimbursement Account, Health Care Reimbursement Account, Health Savings Account (HSA) (if enrolled in eligible health plan), Limited-Purpose FSA (if enrolled in eligible health plan and HSA), Transportation Reimbursement Account, Short-term disability (STD), Long-term disability (LTD), Employee Assistance Program (EAP), Fitness Center Reimbursement (if enrolled in eligible health plan), Tuition reimbursement, Transit programs, Employee recognition program, Pension, 401(k) plan, Paid time off (PTO), Holidays, Volunteer Paid Time Off (VPTO), Parental Leave Benefit plans are subject to change and Xcel Energy has the right to end, suspend, or amend any of its plans, at any time, in whole or in part. In any materials you submit, you may redact or remove age-identifying information including but not limited to dates of school attendance and graduation. You will not be penalized for redacting or removing this information. Deadline to Apply: 01/28/26 EEO is the Law | EEO is the Law Supplement | Pay Transparency Nondiscrimination | Equal Opportunity Policy (PDF) | Employee Rights (PDF) All Xcel Energy employees and contractors share responsibility for protecting the company's information and systems by adhering to cybersecurity policies, standards, and best practices, recognizing that cybersecurity is everyone's responsibility. ACCESSIBILITY STATEMENT Xcel Energy endeavors to make *************************** accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Xcel Energy Talent Acquisition at *************************. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Bowhead is seeking a Lead Cybersecurity Intrusion Detection Analyst to join our team in Vicksburg, MS. The Cybersecurity Intrusion Detection Analyst use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers. The Cybersecurity Intrusion Detection Analyst will work in the Attack Sensing and Warning (AS&W) division which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cyber security state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. These positions are in a 24x7x365 Cybersecurity environment and qualified candidates must be able to work 12 hour shifts - day or night on a Panama schedule. Responsibilities Provides leadership and supervision to the incident response staff and performs highly technical customer support to organization users. Manages the incident response and threat detection function. Proactively analyzes network and systems traffic, event logs, and threat intelligence data, to properly identify and triage susceptibility of core campus technical assets, determine likelihood of exploitation and implement and/or refine preventative and detective security controls Participates in the development and monitoring of policies and procedures for department or department operations. Assesses, analyzes, and consults on the security of information assets - networks, endpoints, databases, applications, services, platforms, environments, etc. Contributes to asset inventory and categorization processes. Receive and distribute AS&W information Conduct AS&W activities to develop appropriate response (receives and archive task orders, directives, and other required actions, Maintain internal and external source location information) Coordinate AS&W information from other sources to aid in analysis of alerts. Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity. Identify, documents, and reports unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP sops. Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN. Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats. Collect intrusion artifacts (e.g., source code, malware, and trojans) Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B Provide a 24/7x365 event/incident handling and analysis capability; Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents; Analyze detected cyber events to identify incidents; Categorize and characterize cyber incidents; Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process; Analyze cyber incidents to develop specific responses; Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers; Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence; Mitigate operational and/or technical impact due to cyber incidents; Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures. Qualifications Must possess Bachelor's degree or equivalent experience. Must have at least 5 years intrusion detection experience. Must have at least 2 years relevant IT and/or System administrator experience and 3 years relevant Information Security experience Must have the certifications for DOD 8570 IAT Level II minimally. Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder. Must have the ability to earn DoD 8570 computing environment certification within 6 months. Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience Ability to demonstrate strong knowledge of computer security concepts Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience. Advanced knowledge of network technologies and protocols Advanced understanding of current threats and trends present in the Information Security and Technology field Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified. SECURITY CLEARANCE REQUIRED: Must currently hold and be able to maintain an active Secret clearance with the ability to obtain a Top Secret/SCI. US Citizenship is a requirement for Secret clearance at this location. Physical Demands: • Must be able to lift up to 25 pounds • Must be able to stand and walk for prolonged amounts of time • Must be able to twist, bend and squat periodically #LI-MN1

Chevron believes the future of energy is lower carbon. And we know that affordable, reliable, ever-cleaner energy is essential to achieving a more prosperous and sustainable world. For Chevron, reducing the carbon intensity of oil and gas represents a tremendous opportunity to advance the global net zero ambitions of the Paris Agreement and build a lower-carbon economy. Technology will play a crucial role in achieving this goal, and Chevron is seeking professionals with a desire to thrive in a cutting-edge digital, global environment to securely advance the global energy transition. We differentiate ourselves through the application of technology, taking an approach that includes in-house expertise, proprietary solutions, and strategic partnerships. Investing in people is a key component of our company - you will be supported by mentoring programs and employee networks to excel your professional development. Rewards include competitive pay, cash incentives, flexible benefit programs and flexible work schedules - every other Friday off and remote work where approved. Information Security is one of five job families within Information Technology. Roles within this job family Provide subject matter expertise and support in the assessment, development, implementation, execution and validation of security program, strategy, and operations. Protects information and information systems from unauthorized access and use. Provide assurance and mitigation actions from security threats. Establishes and leverages defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within Chevron assets to protect information, information systems, and networks from threats. Develops and maintains the cybersecurity strategy, policies and risk management processes to ensure that the organization effectively secures Chevron's operations. Impartially conducts investigations, recovery, and preservation of electronically stored information to protect Chevron. Identifies and assesses the capabilities and activities of cybersecurity adversaries; produces findings to help initialize or support investigation activities. Identifies vulnerabilities, tests Chevron's digital security defenses, analyzes malicious code and leverages all authorized resources and analytic techniques to penetrate targeted environments. Positions available Cybersecurity Engineer - Information Technology (IT) Cybersecurity Engineer - Operational Technology (OT) Locations Houston, TX Cybersecurity Engineer - Information Technology (IT) We are looking for motivated individuals to consult, design, and deploy enterprise cybersecurity technologies and solutions. You will use your infrastructure experience and cybersecurity knowledge or introduce new cybersecurity capabilities that protect Chevron from cybersecurity threats. Successful candidates will work closely with architects, business partners, and other IT areas to solve difficult, rapidly changing security challenges from the network perimeter and the cloud, up to and including the end-point device. You understand next generation security technologies and are effective in collaborating and communicating across teams. Key responsibilities Develops and implements solutions and processes to maintain the reliability, effectiveness, and efficiency of network security infrastructure components across the enterprise. Works with project managers, team members, architects, business units and other stakeholders to create agile solutions, identifying continuous improvement opportunities, creating new or improved processes and automation to support step changes in operational efficiencies. Leads, provides subject matter expertise, and collaborates extensively with other IT asset SMEs in design, deployment, and implementation of network security solutions by utilizing next generation security technologies and improving frameworks for controls and policies achieve the “Secure By Design” strategy by defining engineering standards and security guardrails for the enterprise. Supports the work of the Automation agile team to help replace highly manual and repetitive work with software driven workflows and automations. Collaborates with global business units to design and deploy network security solutions suited to their unique environments. Analyzes network security needs and designs solutions that meet business requirements for protection, standardization, efficiency, scalability, supportability, and cost-effectiveness. Transitions developed solutions to operations, including delivery of educational and training programs, and continues to provide Level 3 support. Cybersecurity Engineer - Operational Technology (OT) We are looking for motivated individuals to lead the strategic direction and technical design of a highly complex set of OT Cybersecurity guardrails, and secure implementation of all OT digital technologies across Chevron. You will work across all product lines to make quality investment decisions around identifying and mitigating risk. Successful candidates will understand Cyber capabilities such as detection and response to threats, risk management, forensics, and insider risk operations, etc. You understand next generation security technologies and are effective in collaborating and communicating across teams. Key responsibilities Understand industrial control technologies and integration points (i.e., control system application, firmware, PLC) Understand OT frameworks (i.e., Purdue Model, Zones & Conduits) and the application to an OT environment. Participate in upgrades to a system, installation of security patches, OT utilities, and equipment. Know and understand how to secure a PCN end-to-end by applying technical controls. Co-facilitate a cyber tabletop, risk assessment, and/or vulnerability assessment. Understand the underlying architecture and technical components for PCN architectures. Participate in the research, development, and testing of emerging OT technologies. Understand Defense in Depth for OT and implement OT Secure By Design principles. Participate as team member on Cyber Incident Response team for OT Requirements Preferred education / degrees Bachelor's or master's degree in Information Technology, Computer Science, or related STEM field. Must be currently enrolled in a four-year college or university and classified as a senior or graduate student with anticipation of receiving a bachelor's or master's degree by July 2025; OR college graduates with less than two years' experience since receiving a degree. Must provide a current, unofficial transcript with online resume (as proof of good academic standing) when applying for this position to be considered. Experience School, work experiences, or exposure in cybersecurity Preferred skills / competencies Highly organized with ability to prioritize and thrive in a fast-paced environment. Communicates in a clear, concise, understandable manner both orally and in writing, within and across work groups. Listens carefully and asks questions to understand the views, concerns, and comments of others. Promotes communications in all directions within work groups and between work groups. Encourages open expression of ideas and opinions. Understand how to read a Pen Tester report. Additional information Relocation may be considered within Chevron parameters. Chevron regrets that it is unable to sponsor employment visas for this position. To be considered for this position, applicants must be legally authorized to work in the United States as a U.S. citizen or national, asylee, refugee, or lawful permanent resident. Regulatory Disclosure for US Positions: The compensation and reference to benefits for this role is listed on this posting in compliance with applicable law. The anticipated salary range for this position is $94,000 - $110,000 annually. The selected candidate's compensation will be determined based on their respective degree level and discipline for U.S. payroll offers. Chevron offers competitive compensation and benefits programs which includes, but is not limited to, variable pay, health care coverage, retirement plan, protection coverage, time off and leave programs, training and development opportunities and a range of allowances connected to specific work situations. Details are available at ************************ U.S. Regulatory notice: Chevron is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), sexual orientation, gender identity, gender expression, national origin or ancestry, age, mental or physical disability, medical condition, reproductive health decision-making, military or veteran status, political preference, marital status, citizenship, genetic information or other characteristics protected by applicable law. We are committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or an accommodation, please email us at ********************. Chevron participates in E-Verify in certain locations as required by law.

About Us EMCOR Construction Services (ECS) is part of EMCOR Group, Inc. (NYSE: EME), a Fortune 500 leader in mechanical and electrical construction, industrial and energy infrastructure, and building services for a diverse range of businesses. ECS is a nationwide group of 50+ operating companies with over 30,000 employees and annual revenues of $10.7 billion. Our operating companies are mechanical and commercial electrical contractors with expertise that includes virtually all U.S. commercial, healthcare, institutional, education, hospitality, manufacturing, transportation, and water and wastewater markets. We also have several operating companies that focus on commercial fire protection. They provide integrated life safety solutions, including fire detection and suppression systems, and the most advanced security technology available today. The ECS headquarters team provides key support for its electrical and mechanical companies, including finance and accounting, human resources, legal, national purchasing and information technology. ECS HQ is based out of McLean, Virginia. However, candidates in other locations and meeting the requirements below may be considered. Compensation Range: $75,000 - $90,000 This position is bonus eligible. SUMMARY The IT Technical Analyst is responsible for providing general IT support to ECS and the local IT support groups at our 50+ Operating Companies. Reporting to the ECS IT Support Manager, this position will troubleshoot Tier 1 through Tier 3 technical issues, liaison with local IT teams as necessary, and see problems through to resolution. The Technical Analyst is also a participant in acquisition activity. This position is based in McLean, Virginia. However, candidates in other locations and meeting the requirements below may be considered. Essential Duties & Responsibilities Include the following. Other duties may be assigned. * Deliver excellent support to ECS Operating Companies through exceptional customer service * Provide guidance and support to ECS and to ECS Operating Companies * Computer, software, printer, & mobile device inventory, setup, maintenance and management * Endpoint patch management and monitoring for computer and server operating systems * Manage Active Directory and Group Policy * Backup maintenance and monitoring * Provide end user help desk support * Deliver relevant education and training and create documentation for non-technical users * Ensure that Corporate SOP's are met * Work remotely and onsite at OpCos to perform and participate in IT projects and upgrades * Perform other duties as assigned by the IT Support Manager * Participate in pre- and post-acquisition activities * Travel required up to 40% to US-based operating companies ESSENTIAL CHARACTERISTICS AND SKILLS The successful candidate for this role is an individual who demonstrates a high level of service, commitment and execution. The following are required characteristics, knowledge, skills and abilities: * Outstanding customer service * Strong troubleshooting skills * Advanced knowledge of Active Directory, Users, Groups, ACLs, and Policies * Advanced knowledge of general MS Windows Applications * General understanding of networking concepts * Exceptional communication skills, written and oral; capable of leading meetings in a professional manner * Ability to work effectively independently and with technical teams as well as operational teams * Proactive change agent skills with competent follow through * Ability to communicate effectively at all levels Qualifications To perform this job successfully, the individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. POSITION REQUIREMENTS/PREFERRED EXPERIENCE * Previous experience working in an IT Support position * CompTIA A+ or Microsoft Certifications or equivalent experience * EDR support * Autopilot, SCCM or similar configuration technology experience * Ability to travel up to 40% to US-based operating companies as business needs arise * Ability to understand and follow Corporate Security & IT policies LANGUAGE SKILLS Must have the demonstrated ability to effectively communicate in English, cooperate, and collaborate with multiple levels of customer, employees, unions, government agencies, vendors and suppliers, and other contractor organizations. Physical Demands The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to talk and hear; and requires working at a computer (reading and keying) or extended periods of time. This role requires communicating verbally and in writing one on one, in small groups, as well as presenting to larger groups of employees. This role requires traveling by car and/or plane up to 40% of the time. Work Environment The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The employee may expect to work in typical office environment. Equal Opportunity Employer As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled Notice to Prospective Employees Notice to prospective employees: There have been fraudulent postings and emails regarding job openings. EMCOR Group and its companies list open positions here. Please check our available positions to confirm that a post or email is genuine. EMCOR Group and its companies do not reach out to individuals to help with marketing or other similar services. If an individual is contacted for services outside of EMCOR's normal application process - it is probably fraudulent. Geographic Disclosure As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled.

For this role, we are looking for a curious and innovative Security Engineer with a passion for information security, customer service, and compliance. You will be responsible for guiding security best practices while following security frameworks such as NIST, and SOC2. You will be leading the security programs to ensure minimal risk exposure. At IGS, we take a risk-based approach to our decisions and utilize industry best practices and security frameworks to guide us along the way. We are looking for someone that is good at understanding and solving complex and ambiguous problems and constantly seek improvement. Primary Responsibilities Architect and manage Azure Entra infrastructure, including tenant design, hybrid identity configurations, and conditional access policies. Maintain and optimize Active Directory environments, including domain controllers, group policies, organizational units, and security hardening. Design and implement Active Directory Federation Services (ADFS) and manage complex federation trusts between internal and external identity providers. Plan and execute domain trust relationships, including forest trusts, external trusts, and realm trusts across complex enterprise environments. Lead identity platform through organizational transitions, including tenant-to-tenant migrations, directory consolidations, and identity lifecycle transitions. Manage multi-tenant Microsoft 365 migrations, ensuring secure data transfer and seamless user transitions during organizational changes. Develop and maintain disaster recovery and business continuity plans for identity infrastructure. Implement identity security best practices, including privileged access management, MFA enforcement, and identity protection policies. Monitor identity infrastructure health, performance, and security posture, responding to incidents and anomalies. Collaborate with business stakeholders during organizational transitions to ensure smooth identity transitions with minimal business impact. Other Responsibilities Work closely with IT and other departments to ensure security measures are integrated into all aspects of the organization's technology and operations. Apply knowledge of information security principles and practices. Ability to think strategically but willingness to handle, first-hand, the mechanics of technology services required by the business. Other duties and responsibilities as assigned. Required Skills Proven experience managing complex Microsoft 365 environments, particularly multi-tenant migrations and consolidations. Strong understanding of Active Directory Federation Services, domain trusts, and forest architectures. Hands-on experience with Azure Entra, including conditional access, privileged identity management, and hybrid identity configurations. Solid understanding of authentication protocols (SAML, OAuth 2.0, OpenID Connect, Kerberos, LDAP). Exceptional organizational skills, follow through, and multitasking abilities. Decisiveness, good judgment, analytical aptitude, and problem-solving skills to act with authority and take risks in an environment with little direction from others. Excellent communicator with strong organizational savvy and leadership skills necessary to interface with and influence all levels of organization. Ability to work in a fast-paced and dynamic environment. Minimum Education and Experience Minimum of 5 years of technical experience, with at least 3 years of security focus. Demonstrated knowledge of, and experience in implementing security technologies and processes. Professional certifications within security-related areas, while not a minimum requirement, would be highly desirable. #LI-AM1 Work Authorization: Applicants must be authorized to work in the US on a full-time basis. Unfortunately, a current or future need for sponsorship is not supported or available for this position. Salary Range: $87,630.00 - $140,210.00 *This range reflects base pay only. Incentive earnings, like commissions or bonuses, are not included. This role is also eligible for an annual incentive plan based on company performance. How We Support Your Wellbeing: Our employees are our most valuable asset. That's why at IGS, we are committed to offering a holistic benefit program that allows employees to stay healthy, feel secure, and maintain flexibility in their wellbeing journey. Healthcare Essentials: Comprehensive coverage including medical (plus free telehealth), dental, vision, and employer health savings account contributions. Mental Wellbeing: Robust support through Headspace and free mental healthcare visits for you and your dependents. Family Planning Support: Extensive assistance with Maven, paid family and caregiver leave, and fertility, adoption, and surrogacy services. Financial Readiness: Strong financial foundation with a 401(k) plan, company match, and access to financial wellbeing tools. Work-Life Balance: paid time off, tuition reimbursement, paid leaves, employee hardship fund, and a wide range of additional perks. Equal Opportunity Employment: It is the policy of IGS Energy to ensure equal employment opportunity in accordance with all applicable federal and state regulations and guidelines. Employment discrimination against employees and applicants due to race, color, religion, sex (including sexual harassment), national origin, disability, age, sexual orientation, gender identity, military status, and veteran status or other legally protected class under applicable law is prohibited.

Ever since we started in 2007, Sunrun has been at the forefront of connecting people to the cleanest energy on Earth. It's why we've become the #1 home solar and battery company in America. Today, we're on a mission to change the way the world interacts with energy, and we're building a company and brand that puts power at the center of life. And we're doing it by designing a dynamic culture where employee development, well-being, and safety come first. We're unlike any other solar company. Our vertically integrated model gives us total control over every part of the energy lifecycle - from sale through installation and beyond - so you can find endless opportunities for growth. Come join a career you can grow in and a culture you can run with. This position is primarily remote, with occasional visits to a local office or our corporate headquarters for team-building, training, and collaborative project work. These on-site sessions are designed to strengthen connections, share insights, and ensure a seamless experience for our team and customers. Equipment pick-up from a local branch will be required. We will provide advance notice whenever on-site attendance is required, making these times purposeful and rewarding. Position Overview: The Application Security Engineer at Sunrun plays a pivotal role in protecting the applications that power our business. This position requires expertise across identity systems, and software development lifecycle. You will be responsible for driving the identification, assessment, and mitigation of security risks from the initial design phase through deployment and beyond. You will collaborate closely with developers and IT teams to integrate robust security practices, implement advanced protective measures for both applications and identities, and foster a comprehensive culture of security across the organization. Key Responsibilities Threat Modeling & Security Design: Assess potential attack vectors and design defense-in-depth strategies that address gaps across infrastructure, 1st and 3rd party applications, and identity management. Secure Software Development Life Cycle (SSDLC): Partner with application development teams to integrate security into every stage of the development lifecycle. Champion secure coding standards, conduct security code reviews, and provide expert guidance to minimize vulnerabilities before production. Identity & Access Management (IAM): Design, implement, and manage identity security solutions across 1st and 3rd party applications. Showcase hands-on experience in implementing strategies like Zero Trust architecture and modern authentication standards like WebAuthn. Implement & Manage Security Controls: Design, implement, and fine-tune application security controls like SAST/DAST vulnerability scanning andand standardizing secure coding practices. Establish and improve operational processes to ensure their continued effectiveness. Guidance, Training & Compliance: Develop and maintain security policies and standards for both application and identity security. Provide ongoing training to developers to elevate secure coding practices. Stakeholder Collaboration: Use strong critical thinking and communication skills to present complex technical concepts to business stakeholders, gain alignment, and independently drive security initiatives forward. Qualifications 7+ years of combined experience in application security and identity & access management (IAM), with a proven track record of supporting application development teams. Deep knowledge of application security principles, secure coding practices, common vulnerabilities (e.g., OWASP Top 10), and zero-trust architecture. Hands-on experience with security testing tools (SAST, DAST), Web Application Firewalls (WAF), and IAM platforms (e.g., Okta, AWS IAM). Proficiency in programming languages such as Java, Python, or JavaScript. Strong familiarity with cloud environments (AWS, GCP) and their native security and identity controls. Demonstrated expertise in threat modeling and designing defense-in-depth strategies for complex applications. Solid understanding of modern identity standards and technologies, including MFA, SSO, and WebAuthn. Excellent communication and collaboration skills, with the ability to articulate technical findings and security risks to diverse audiences. Strong critical thinking and creative problem-solving skills, with the ability to analyze systems from an attacker's perspective and devise effective countermeasures. Preferred Qualifications Experience with Okta and Salesforce security principles and best practices. Certifications (preferred): Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE), or similar credentials. Recruiter: Kristina Sedjo (*************************) Please note that the compensation information is made in good faith for this position only . It assumes that the successful candidate will be located in markets within the United States that warrant the compensation. Please speak with your recruiter to learn more. Starting salary/wage for this opportunity: 150,290.60 to 180,348.72 Compensation decisions will not be based on a candidate's salary history. You can learn more here. This job description outlines the primary responsibilities, some essential job functions, and qualifications for the role. It may not include all essential functions, tasks, or requirements. If you are a qualified individual with a disability and you need reasonable accommodation during the hiring process or to perform this role, please contact us at candidateaccommodations@sunrun.com. Sunrun is proud to be an equal opportunity employer that does not tolerate discrimination or harassment of any kind. We believe that empowering people and valuing their differences are essential for our mission of connecting people to the cleanest energy on earth. Learn more here: EEO | Sunrun

As a Cyber Security Engineer working in tandem with an outsourced segment of the SOC providing incident response, and event management you will be responsible for analyzing and responding to incidents; executing incident response plans, preparing incident reports; communicating findings to management; evaluating security technologies to support cutting edge security monitoring and response; working closely with all departments to ensure policies and procedures are effectively implemented and utilized. Providing cyber security engineering, administration, configuration, hardening, operation, monitoring, documentation, and remediation of cyber security systems, corporate infrastructure, endpoints, and processes. This position reports directly to the Director of IT/CSO. Primary Responsibilities and Duties: Identify, validate, and remediate security vulnerabilities detected in The McPherson Companies corporate infrastructure and endpoints Support and monitor The McPherson Companies current endpoint and network security platforms (HIPS, HIDS, on-premises firewalls, Anti-Virus/Anti-Malware, Email security, Mobile Device Management, etc.) Support and monitor the external outsourced SOC platform. Assist IT staff in the procurement, testing, implementation, and configuration of new security controls Assist IT staff in updating and security patching to corporate infrastructure and endpoints Assist with responding to, and managing, any Security Information Gathering (SIG) questionnaires, any required compliance audits and/or maturity assessments from 3rd parties. Educate end users on cybersecurity best practices and manage our cybersecurity awareness training and phishing assessment programs Compile reports as needed detailing current operational status of security measures utilized by company Investigate potential security violations and breaches and provide recommendations to management. Perform analysis to determine root causes of any incident Assist IT staff in testing and updates of the Business Continuity Plan Assist with the design, development, documentation, and enforcement of new and existing information security processes, procedures, and policies Provide computer system audits to ensure the highest level of security and data protection Maintain up-to-date knowledge on current security practices and tools Position Requirements: You have at least 3+ years experience in an endpoint security, network security, or general security-focused IT support role BS in Computer Science or Information Security preferred Experience with planning, researching and developing security policies, standards and procedures Experience working within ITIL frameworks with specific knowledge of Change Management standards and procedures Proven experience with the following: Windows administration Active Directory and Group Policy Management of firewall hardware platforms Applications used for network management and/or monitoring Security orchestration and automation tools and technologies Server/client communications, data center architecture, and network topology Proven experience with incident response technologies and methodologies Knowledge of configuration and operation of the Windows/Linux Operating systems. Application whitelisting and enterprise anti-malware (Configuration/management/rule writing) SIEM log analysis and correlation Ability to analyze forensic and static malware Must have strong research/analysis skills Understanding of the MITRE ATT&CK framework preferred Demonstrated ability to create complex scripts, develop tools, or automate processes Security certifications (ex: GSEC, OSCP, CISSP, Security+) is a plus Position Competencies: Ability to work independently as well as with a team. Ability to work in a fast-paced environment, performing multiple duties/tasks within defined deadlines. Proven experience identifying problems of varying complexities and finding effective solutions with few guidelines. Responsive to the needs of customers internal and external. Sense of urgency and commitment with strong follow up skills. Proven precision and attention to detail with a high level of accuracy. Demonstrate a professional and positive attitude in all internal and external customer interactions. Excellent interpersonal skills, written and verbal communication, and listening skills. Self-driven and motivated individual with excellent planning and organizational skills. Display proficiency with Microsoft Office Word, Outlook, PowerPoint, etc. Working Environment: The work of this position is performed in an environmentally controlled office environment. This position requires the ability to work under pressure and communicate with a diverse population including other employees, customers, vendors, etc. This position also requires prolonged periods of sitting in a regular seated position as well as the use of general office equipment including phones, printers, computers, (mouse, keyboard etc.) The job description of the Cyber Security Engineer is not inclusive and is subject to changes, additions, and deletions as determined by the supervisor. The McPherson Companies, Inc. is an Equal Opportunity Employer M/F/Vets/Disabled.

Job Title: Security Engineer Specialist I,II, III, Sr Work Place Flexibility: Onsite Legal Entity: Entergy Operations, Inc.-EOI Note: This position could be filled by an Security Engineer Specialist I,II,III, OR Sr depending upon qualifications JOB SUMMARY/PURPOSE Responsible for providing technical leadership for the fleet through optimization and reliability of security equipment, proactive identification and resolution of security issues, and technical assistance to the Maintenance departments on security equipment maintenance. Responsible for design engineering of new security systems before and during the construction and turnover. Evaluates and selects optimum design alternatives. JOB DUTIES/RESPONSIBILITIES * Security system ownership / engagement / advocacy / prioritization for deficiency resolution leading to high levels of security equipment reliability. Proactive performance monitoring, trending of security systems. * Use and sharing of Operating Experience (EN Fleet and industry). Work planning and prioritization (including long-range planning and life-cycle management). * Prioritize / establish action plans to address deficiencies on assigned systems via the corrective action and work management processes. Interface with Maintenance and Operations for cost effective maintenance strategies on assigned systems. * Support Maintenance and Operations in security system troubleshooting and provide system / discipline expertise for troubleshooting significant events or complex plant problems. * Support changes in assigned security system configuration/design and design basis. MINIMUM REQUIREMENTS Minimum education required of the position B.S. Degree in Mechanical or Electrical Engineering or other closely related scientific discipline / physical science generally associated with power plant operations, or equivalent work experience (equivalent experience is defined as demonstrated success at the Engineer / Technical Specialist level.) Minimum experience required of the position * Eng I-II 0-2 years of experience in nuclear power plant engineering, maintenance, operations or equivalent. * Eng III-Sr 2 - 5 years experience in nuclear power plant engineering, maintenance, operations or equivalent. Minimum knowledge, skills and abilities required of the position Technical proficiency as subject matter expert in NSSS mechanical systems at nuclear power plants. Outstanding communication and change management skills. Any certificates, licenses, etc. required for the position Desired: SRO license or certification on a PWR or BWR; Professional Engineering license. WORKING CONDITIONS/ESSENTIAL FUNCTIONS/PHYSICAL REQUIREMENTS As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties. * LI-POST Primary Location: Mississippi-Jackson Mississippi : Jackson Job Function: All Other Jobs FLSA Status: Professional Relocation Option: Level II Union description/code: NON BARGAINING UNIT Number of Openings: 1 Req ID: 121163 Travel Percentage:25% to 50% An Equal Opportunity Employer, Minority/Female/Disability/Vets. Please click here to view the EEO page, or see statements below. EEO Statement: The Entergy System of Companies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a protected veteran in accordance with applicable federal, state and local laws. The Entergy System of Companies complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment including, but not limited to, recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. The Entergy System of Companies expressly prohibits any form of unlawful employee harassment based on race, color, religion, sex, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of the Entergy System of Company employees to perform their expected job duties is absolutely not tolerated. Accessibility: Entergy provides reasonable accommodations for online applicants. Requests for a reasonable accommodation may be made orally or in writing by an applicant, employee, or third party on his or her behalf. If you are an individual with a disability and you are in need of an accommodation for the recruiting process please click here and provide your name, contact number, the accommodation requested and the requisition number that you are requesting the accommodation for. Employee Services will contact you regarding your request. Additional Responsibilities: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties. Know Your Rights: Workplace Discrimination is Illegal The non-confidential portions of the affirmative action program for individuals with disabilities and protected veterans shall be available for inspection upon request by any employee or applicant for employment. Please contact ************************ to schedule a time to review the affirmative action plan during regular office hours. EEI Testing: One way that Entergy has found to identify and assess the abilities and skills needed for certain jobs is through pre-employment testing. If this position does require an EEI test, the type of test will be located under the qualifications section of the job posting. If you are invited to a test session, we strongly recommend you review and complete the practice test as well as review the testing brochure for your respective test. The test brochure will give you critical information on the test such as time allocated and number of questions. Also, keep in mind that the actual test is timed; you should practice timing yourself while doing the practice tests. The practice test information and test brochures can be located by going to the EEI website, ********************************* Logon ID: entergy, password: practice test (2 words). Travel expenses incurred in connection with EEI testing are non-reimbursable. In addition to EEI testing there is also Fit-for-Duty testing which will identify and assess the abilities and skills needed for certain jobs. If this position does require Fit-for-Duty testing, the type of test will be located under the qualifications section of the job posting. WORKING CONDITIONS: As a provider of essential services, Entergy expects its employees to be available to work additional hours, to work in alternate locations, and/or to perform additional duties in connection with storms, outages, emergencies, or other situations as deemed necessary by the company. Exempt employees may not be paid overtime associated with such duties. Please note: Authorization to work in the United States is a precondition to employment in this position. Entergy will not sponsor candidates for work visas for this position.