Cyber Hunt Analyst - 25922
Cyber security analyst job at Huntington Ingalls Industries
Company: HII's Mission Technologies division Enlighten, honored as a Top Workplace from USA Today, is a leader in big data solution development and deployment, with expertise in cloud-based services, software and systems engineering, cyber capabilities, and data science. Enlighten provides continued innovation and proactivity in meeting our customers' greatest challenges.
Why Enlighten?
At Enlighten, our team's unwavering work ethic, top talent and celebration of innovative ideas have helped us thrive. We know that our employees are essential to our company's success, so we seek to take care of you as much as you take care of us. Here are a few highlights of our benefits package:
* 100% paid employee premium for healthcare, vision and dental plans.
* 10% 401k benefit.
* Generous PTO + 10 paid holidays.
* Education/training allowances.
Anticipated Salary Range: $114,236.00 - $160,000.00. The salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, Enlighten takes a variety of factors into consideration which include, but are not limited to, the role's function, internal equity and a candidate's education or training, work experience, certifications and key skills. Occasionally positions/roles may include additional non-recurrent compensation and will be addressed by the recruiter during the interview process.
Job Description
Enlighten is looking for a Cyber Hunt Analyst with Data Science experience to apply strong cyber security, Defensive Cyber Operations (DCO), and networking domain knowledge to support cyber analytics product development, threat analysis, statistical analysis, model development, and direct customer mission support. Regular cyber hunt activities consist of hunting for threats, reporting on findings, and converting tools, techniques, and processes into automated capabilities for the current cyber platform. Regular data science activities consist of operational research, statistical analysis, hypothesis testing, model building/testing, and communicating results using visualizations. Will also be responsible for collecting customer Cyber Operations requirements, generating use cases, providing Cyber SME support, and system training to end users.
Essential Job Responsibilities
* Conduct threat hunt operations on assigned Big Data Platform(s) - BDP.
* Present threat hunt findings through live, interactive remote conference sessions.
* Perform data analytics across disparate data sets.
* Assist customer(s) with their threat hunting operations.
* Perform quality assurance checks on data that is resident on the BDP.
* Evaluate and analyze new data feeds to determine relevance and usability of data.
* Support BDP analytic requests (data search, visualizations, dashboards, etc.).
* Provide real time customer support during normal working hours (BDP support chat room).
* Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s).
* Support BDP demonstration requests to showcase various capabilities of the platform.
* Support BDP training events either in person or virtually.
* Provide advice on data enrichment and functions to enhance customer experience.
* Other duties as assigned
Minimum Qualifications
* Security Clearance - A current Secret level U.S. Government Security Clearance is required with the ability to obtain a TS/SCI level clearance; U.S. Citizenship required.
* 5+ years of experience in cyber security operations related fields and a Bachelor's in a related field, or 3 years of experience with a Master's; or High School Diploma and 9 years of experience.
* Experience with supporting DoD customers, ideally supporting US Cyber Command, DISA, or DCDC.
* Cyber Hunt methodologies and techniques.
* SIEMs - (e.g., Splunk, Q-Radar, ELK).
* SOARs (e.g., Sentinel, CORTEX, X-SOAR).
* Developing and deploying threat detection signatures and detecting host and network-based intrusions.
* Collecting data from a variety of cyber defense resources (e.g., CVE, OSINT).
* Recognizing and categorizing types of vulnerabilities and associated attacks.
* Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YAML).
* Cyber defense and vulnerability assessment tools and their capabilities.
* Network traffic analysis methods (e.g., TCP-DUMP, Wireshark, Bro/Zeek).
* Familiar with cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and incident response and handling methodologies (e.g., MITRE ATT&CK, LM Killchain).
* Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
* Excellent customer service, public speaking, and presentation skills.
* Ability to complete technical tasks without supervision.
* Ability to foster and support a collaborative working environment.
* Must have Data+, Security+, CySA+, GCIH, GNFA, GCFA or other industry recognized Cybersecurity Certification.
* Travel as needed to support all duties listed above.
* Must be able to work on customer site on average 4 days a week in either Columbia or Ft. Meade, MD. Flexibility is essential to adapt to schedule changes as needed.
Preferred Requirements
* TS/SCI level clearance is preferred.
* DoD SOC experience is a plus
We have many more additional great benefits/perks that you can find on our website at eitccorp.com.
Computer Sys Security Anlyst (Senior-level)
Cyber security analyst job at Huntington Ingalls Industries
Required Travel: 0 - 10%
Employment Type: Full Time/Salaried/Exempt
Anticipated Salary Range: $111,812.00 - $170,000.00
Security Clearance: Secret
Level of Experience: Senior
This opportunity resides with Warfare Systems (WS), a business group within HII's Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems.
HII works within our nation's intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners.
Meet HII's Mission Technologies Division
Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you.
Job Description
+ Core Responsibilities:
+ Assurance & Assessment (A&A): Develop recommendations focused on ensuring security controls are robust and effective.
+ IA Testing: Perform testing on security requirements and controls to verify compliance and effectiveness.
+ Roadmap Development: Create plans for programs of record that outline the steps for implementing security activities in line with the RMF (Risk Management Framework) and DoDI 8510.01.
+ Documentation Reviews: Evaluate documents such as System Security Plans (SSPs), Cybersecurity (CS) strategies, Information Assurance Plans (IAPs), and Configuration Management (CM) plans, then provide recommendations to the Subject Matter Expert (SCA) for further analysis.
+ Cloud Security Focus:
+ Cloud Service Providers (CSPs): Experience with one or more platforms such as AWS, Microsoft Azure, GCP, or OCI is essential; familiarity with government cloud environments (e.g., Cloud One or CloudWorks) is a plus.
+ Standards & Benchmarks: Knowledge of CIS Cloud Security Benchmarks is important for ensuring proper cloud configuration hardening.
+ Security Requirements: Ability to interpret and assess environments against the Cloud Computing Security Requirements Guide
Essential Job Responsibilities
+ Design & Implementation:
+ Develop state-of-the-art secure operating systems, networks, and database products.
+ Conduct risk assessments and provide actionable design recommendations tailored to mitigate various security threats.
+ Technical Proficiencies:
+ Engage with a wide range of security issues such as firewalls, encrypted data traffic, and network access controls.
+ Utilize encryption technologies, conduct penetration and vulnerability tests, and explore various security research avenues.
+ Reporting:
+ Prepare detailed security reports that may be required for regulatory or oversight agencies.
Minimum Qualifications
+ Experience & Education:
+ For a Bachelor's Degree Level: A minimum of 9 years of relevant experience.
+ For a Master's Degree Level: At least 7 years of relevant experience.
+ Alternative Experience Path: A High School Diploma or equivalent paired with 13 years of relevant experience.
+ Knowledge Base:
+ Strong understanding of information security standards, rules, and regulations across multiple domains (desktop, server, application, database, and network security) for effective risk identification and analysis.
+ Experience with one or more Cloud Service Providers amongst (Amazon Web Services (AWS), Microsoft Azure (Azure), Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI)); experience with government cloud environments such as Cloud One or CloudWorks a plus
+ Familiarity with CIS Cloud Security Benchmarks for cloud configuration hardening
+ Security Clearance:
+ A Secret clearance is required.
Physical Requirements
Job performance requires adequate visual acuity and manual dexterity for meeting the requirements of a Systems Analyst discipline. Office work environment normally encountered.
The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, HII's Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the role's function and a candidate's education or training, work experience, and key skills.
Together we are working to ensure a future where everyone can be free and thrive.
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.
Do You Need Assistance?
If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.
Cloud Security Engineer III - Lead
Boston, MA jobs
App & Cloud Security Engineer - Lead
Start: 2-3 weeks from date of offer
*Background Check Required*
*No VISA Sponsorship*
Hospital based in Boston, MA is building out a unified security team that will encompass both App and Cloud. This team will manage security across the full application lifecycle, from inception and code review to deployment and underlying infrastructure maintenance.
This position is the 1st hire for this department and will be instrumental in the build out. Growth plans are to be a team of 8 over the next 3 years.
The Role: Lead Engineer (First Hire)
Position: High-level Individual Contributor (Engineer III) acting as the "founding member" and leader of this new function.
Key Responsibilities:
Define the strategy and build the program from the ground up.
Serve as the Product Owner for Wiz and Snyk.
Collaborate closely with separate Cloud Engineering and Security Remediation teams.
Ideal Candidate Profile: Someone with a background in Cloud Incident Response is highly desired. The client values the unique perspective this brings to defining a risk-prioritized approach to remediation.
Career Trajectory: Opportunity to evolve into a Principal IC (Engineer IV) or pivot into leadership (Manager/Sr. Manager) as the team grows.
Environment:
Predominately Azure with some AWS as well. GCP is being sunset.
Qualifications
Bachelor's degree in Information Security, Computer Science, or related field; advanced degrees or equivalent professional experience preferred.
Minimum of 5+ years of progressive experience in application security, cloud security, or related cybersecurity roles.
Relevant industry certifications preferred (CISSP, CCSP, CSSLP, AWS/Azure Security Specialty, GIAC certifications).
Skills for Success
Expert-level knowledge and practical experience in secure software development methodologies, OWASP Top 10, and application security testing tools (SAST, DAST, IAST).
A comprehensive understanding of secure coding principles, with the ability to guide development teams in adhering to these best practices. Hands-on experience with static and dynamic application security testing tools is preferred.
Proven expertise in securing major cloud platforms (AWS, Azure, GCP), including experience with Cloud Security Posture Management tools, cloud-native security services, and infrastructure-as-code security.
Deep understanding of modern software architectures, microservices, APIs, and container security best practices (e.g., Docker, Kubernetes).
Ability to think strategically, creatively, and innovatively to design and implement robust security controls.
Demonstrated leadership skills with strong project management capabilities, able to effectively communicate complex technical security issues clearly to technical and non-technical stakeholders.
Proven track record of delivering and managing successful security projects and continuous improvement initiatives.
Strong ability to apply documented processes, playbooks, and frameworks (e.g., OWASP, NIST CSF, etc.) to effectively address and resolve a wide variety of application security challenges.
Knowledge of established security frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53 with a focus on their application in securing software and application environments.
Preferred certifications include: Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), GIAC Penetration Tester Certification (GPEN), GIAC Experienced Penetration Tester (GX-PT), GIAC Certified Red Team Professional (GRTP), GIAC Security Operations Certified (GSOC), GIAC Security Expert (GSE), etc.
Must know how to use common M365 Office Suite of products.
Cyber Security Analyst
Atlanta, GA jobs
A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber security events. He or she provides a front-line role during cyber security incidents, identifying the extent of the threat and business impacts, and advising on or sometimes performing the most suitable course of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst maintains a good knowledge of the threat landscape and helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and seeks out adversaries determined to negatively impact Southern Company's reputation or financial interest or threaten the safety of our employees and customers.
Candidates are expected to discuss and demonstrate they meet required qualifications for applicable roles.
Responsibilities
Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc.
Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats
Remain abreast of emerging threat patterns and provide recommendations to detect threats
Assists with patching recommendations and workarounds for zero-day threats.
Coordinate mitigation or remediation tasks with stakeholders or supporting teams
Communicates with management on incident updates.
Monitors SIEM and analyzes security events to determine appropriate actions
Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions
Identify and tune false positives associated with current security events
Document analytical steps and findings associated with security event investigations
Qualifications Required for Cyber Security Analyst
2 years IT security experience
Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems
Minimum 2 years of experience and/or familiarity in the following areas:
Network/Endpoint: analysis tools
Scripting languages
Windows/Unix command line utilities
Reputation analysis associated with IPs, Domains, Email Addresses
Ticketing Systems
Required to submit to a background examination.
Experience operating within a security application such as Kali, Metasploit, etc.
Familiar with and have worked within Cyber Security Frameworks such as:
NIST 800-61
Attack Life Cycle
SANS Security Controls
MITRE
SANS Security 500 Series or other industry standard equivalent
Experience with PCAP analysis
Experience investigating endpoint and network security events
Experience investigating user reported Phishing events (specifically investigating suspicious links and attachments)
Experience analyzing security events utilizing sandbox technology
Oral and written communication skills
Experience taking ownership of incidents from acknowledgement to resolution
Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
Experience initiating security event investigations
Preferred capabilities:
Oral and written communication skills
Ability to take ownership of incidents from acknowledgement to resolution
Ability to initiate security event investigations
Ability to comprehend and articulate business impact associated with security events
Interacting with vendors to support proof of concepts
Proficient in Microsoft Office products: Excel, Word, Outlook, etc.
Exposure, experience and/or knowledge of cloud technology
Familiar with NIST 800-61 and SANS Critical Security Controls
Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies
Desired certifications:
GIAC Security Essentials (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
Security+
Other certifications within IT Security
Characteristics of a Southern Company Cyber Analyst
Self-Motivated - Cyber Analysts do not only act when security tools trigger alerts; we are suspicious by nature and can generate security events based on self-initiated tasks.
Perseverance - Cyber Analysts identify resources that allow us to move through or around barriers as we analyze cyber security events.
Dependable - Cyber Analysts work within a team environment and thus, we rely on one another for knowledge-sharing and dependence.
Integrity - As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit our mistakes. We do the right thing.
Sense of Humor - Although this may vary, just have one; I promise we can work with it. We have a lot of fun in what we do, so you will need a sense of humor to keep up.
This position falls under the company's Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position.
Cyber Security System Analyst - IT Information Security
New York, NY jobs
System Analyst is responsible for utilizing cyber security monitoring tools to provide day-to-day operational support and monitoring of the IT computing infrastructure. This is Shift Work. The Analyst will be expected to provide timely response, troubleshooting and escalation of alerts and coordinate incident response efforts with Cyber Security Operations Center (CSOC) within the Information Security Group.
Required Education/Experience
* Bachelor's Degree in computer science or related field and 2 years of work experience in Cyber or in an IT related field. or
* Associate's Degree in computer science or related field and 4 years of relevant work experience, with at least 2 years of work experience in an IT field or
* High School Diploma/GED and 5 years of relevant work experience, with at least 3 years of work experience in an IT field.
Relevant Work Experience
* Previous IT experience is required.
* Previous Cyber Experience is required
* Scripting experience preferred
* Knowledge of security tools is preferred
* Good understanding of industry standard policy, processes and procedures covering incident, problem and change management is preferred
Skills and Abilities
* Strong written and verbal communication skills
* Ability to work within tight timeframes and meet strict deadlines
* Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
Licenses and Certifications
* Driver's License Required
* Other: Technical certifications Security+, CYSA+ or equivalent, CISSP, etc. Preferred
Physical Demands
* Sit or stand to answer a phone for the duration of the workday
* Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
* Ability to read small print and symbols
* Work rotating shifts, including nights, midnights, weekends and holidays
Additional Physical Demands
* The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
* Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required.
* Must be able and willing to travel within Company service territory, as needed.
Core Responsibilities
* Monitor, troubleshoot and support intrusion prevention, endpoint protection, data loss prevention, and access control technologies.
* 1st Level triage, analysis, and processing of alerts.
* Respond swiftly to all alerts; perform initial risk/impact assessments or escalate issues as appropriate.
* Open and track incidents through to resolution.
* Facilitate communications to both internal and external parties.
* Support Corporate Security through forensics analysis of systems, malware, or network.
* This is a rotating position with a shift differential that covers holidays, weekends, and nights.
* Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required.
* Enforce change management controls and guidelines.
* Provide real time and near real time responses to end users, technical support groups and IT management.
* Perform other related tasks and assignments as required.
* Respond to and participate in any incident response efforts.
* 1st level threat intelligence processing.
* Metric collection.
Cyber Network Defense Analyst
Wright-Patterson Air Force Base, OH jobs
Bowhead seeks a Cybersecurity Network Defense Analyst to join our team in Dayton, OH. The Cybersecurity Network Defense Analyst uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers.
The Cybersecurity Network Defense Analyst will work in the Attack Sensing and Warning (AS&W) division which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cyber security state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Responsibilities
• Receive and distribute AS&W information
• Conduct AS&W activities to develop appropriate response (receive and archive task orders, directives, and other required actions, and maintain internal and external source location information)
• Coordinate AS&W information from other sources to aid in analysis of alerts
• Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity
• Identify, document, and report unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP SOPs
• Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN
• Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats
• Collect intrusion artifacts (e.g., source code, malware, and trojans)
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
• Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B
• Provide a 24/7x365 event/incident handling and analysis capability
• Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents
• Analyze detected cyber events to identify incidents
• Categorize and characterize cyber incidents
• Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process
• Analyze cyber incidents to develop specific responses
• Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers
• Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence
• Mitigate operational and/or technical impact due to cyber incidents
• Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures
Qualifications
• Must possess Bachelor's degree or equivalent experience
• Must have at least 2 years intrusion detection experience
• Must have at least 2 years relevant IT and/or System administrator experience and 2 years relevant Information Security experience
• Must have the certifications for DOD 8570 IAT Level II minimally
• Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder
• Must have the ability to earn DoD 8570 computing environment certification within 6 months
• Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience
• Ability to demonstrate strong knowledge of computer security concepts
• Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience
• Advanced knowledge of network technologies and protocols
• Advanced understanding of current threats and trends present in the Information Security and Technology field
• Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified
SECURITY CLEARANCE REQUIRED: Must currently hold a security clearance at the Secret level. US Citizenship is a requirement for Secret clearance at this location.
Physical Demands:
* Must be able to lift up to 25 pounds
* Must be able to stand and walk for prolonged amounts of time
* Must be able to twist, bend and squat periodically
Cyber Network Defense Analyst
Wright-Patterson Air Force Base, OH jobs
Bowhead seeks a Cybersecurity Network Defense Analyst to join our team in Dayton, OH. The Cybersecurity Network Defense Analyst uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers.
The Cybersecurity Network Defense Analyst will work in the Attack Sensing and Warning (AS&W) division which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cyber security state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Responsibilities
• Receive and distribute AS&W information
• Conduct AS&W activities to develop appropriate response (receive and archive task orders, directives, and other required actions, and maintain internal and external source location information)
• Coordinate AS&W information from other sources to aid in analysis of alerts
• Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity
• Identify, document, and report unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP SOPs
• Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN
• Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats
• Collect intrusion artifacts (e.g., source code, malware, and trojans)
• Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
• Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B
• Provide a 24/7x365 event/incident handling and analysis capability
• Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents
• Analyze detected cyber events to identify incidents
• Categorize and characterize cyber incidents
• Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process
• Analyze cyber incidents to develop specific responses
• Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers
• Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence
• Mitigate operational and/or technical impact due to cyber incidents
• Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures
Qualifications
• Must possess Bachelor's degree or equivalent experience
• Must have at least 2 years intrusion detection experience
• Must have at least 2 years relevant IT and/or System administrator experience and 2 years relevant Information Security experience
• Must have the certifications for DOD 8570 IAT Level II minimally
• Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder
• Must have the ability to earn DoD 8570 computing environment certification within 6 months
• Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience
• Ability to demonstrate strong knowledge of computer security concepts
• Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience
• Advanced knowledge of network technologies and protocols
• Advanced understanding of current threats and trends present in the Information Security and Technology field
• Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified
SECURITY CLEARANCE REQUIRED: Must currently hold a security clearance at the Secret level. US Citizenship is a requirement for Secret clearance at this location.
Physical Demands:
• Must be able to lift up to 25 pounds
• Must be able to stand and walk for prolonged amounts of time
• Must be able to twist, bend and squat periodically
Space Systems Cyber Security Engineer
Englewood, CO jobs
General Atomics (GA), and its affiliated companies, is one of the world's leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies.
Whether a specific satellite for a specific mission or a constellation of interconnected spacecraft, the GA-EMS Space Systems team is re-defining how customers can access the possibilities of space. GA-EMS offers modular and scalable satellite platforms backed with a history of operational flight experience to support defense, civil, commercial, and academic mission requirements.
We're seeking a Space Systems Cyber Security Engineer to join our team in Englewood, CO. In this role, you'll collaborate closely with the lead cyber security engineer to implement program strategies aimed at achieving and maintaining authority to operate (ATO) for our cutting-edge space systems solutions.
**DUTIES AND RESPONSIBILITIES:**
+ Serve as an Information Systems Security Engineer (ISSE) for one or more development programs.
+ Security requirements: Capture, refine, and integrate information security requirements into system designs and development processes
+ Security assessments: Conduct technical assessments to identify system vulnerabilities and ensure compliance with applicable regulations
+ Security architecture: Design and implement secure system architectures, including hardware, software, data, and operational procedures
+ Threat mitigation: Evaluate and mitigate system security threats and associated risks
+ Security controls: Review and tailor security controls to meet specific program needs and ensure effectiveness
+ Security documentation: Develop and maintain Risk Management Framework (RMF) documentation and supporting artifacts
+ Standards compliance: Assess systems against relevant cybersecurity standards, frameworks, and publications
+ Secure operations: Support the secure operation, monitoring, and maintenance of deployed systems
**Other Responsibilities:**
+ Participate in and lead discussions in cyber security/information assurance working group meetings with our customers
+ Develop content and present at program design and readiness reviews.
+ Support development and execution of tests required for accreditation.
+ Responsible for technical and schedule execution of the cyber security scope of work of one or more programs.
+ Ensures all work products are produced in accordance with the project plan to satisfy the customer requirements.
+ Ensures all work products are completed on schedule.
+ Define Integrated Master Schedule (IMS) tasks necessary to complete the scope of work and achieve program milestones.
+ Maintains the strict confidentiality of sensitive information.
+ Performs other duties as assigned.
+ Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company. Expected to work in a safe manner in accordance with established operating procedures and practices.
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
49181
**Job Qualifications:**
+ Typically requires a bachelors degree, masters degree or PhD in engineering or a related technical discipline from an accredited institution and progressive engineering experience as follows; six or more years of experience with a bachelors degree, four or more years of experience with a masters degree, or two or more years with a PhD. May substitute equivalent engineering experience in lieu of education.
+ Possess one or more of the following security certifications: CISSP, GIAC (any), CISM, CISA, or Security+
+ Experience with system design aligned to the NIST Risk Management Framework (RMF) or similar standards, including full lifecycle activities such as Approval & Authorization, POA&M development, and continuous monitoring
+ Familiarity with NIST Special Publications, including SP 800-30, 800-53, 800-82, and 800-171
+ Knowledge of ISO/IEC 27000 series information security standards
+ Experience applying DISA Security Technical Implementation Guides (STIGs)
+ Hands-on experience with virtualized environments using VMware and/or Amazon Web Services (AWS)
+ Ability to work extended hours to support critical test activities or operational needs
+ Must have or be able to obtain a TS/SCI security clearance.
**Preferred Qualifications:**
+ Experience with NASA's Security Information Technology policies, specifically NPR 2810.1
+ Background in the space domain, including satellite ground systems, mission management, command and control systems, or satellites
+ Strong understanding of network architecture, including TCP/IP and UDP design, as well as experience with switches, routers, and firewalls
**Salary:** $98,100 - $171,398
**Travel Percentage Required** 0 - 25
**Relocation Assistance Provided** Provided
**US Citizenship Required?** Yes
**Clearance Required?** Desired
**Clearance Level** Mid-Level (3-7 years)
**Workstyle** Onsite
General Atomics is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity/Affirmative Action Employer and will consider all qualified applicants for employment without regard to race, color, religion, religious creed, ancestry, gender, pregnancy, sex, sexual orientation, transitioning status, gender identity, gender expression, national origin, age, genetic information, military and veteran status, marital status, medical condition, mental disability, physical disability, or any other basis protected by local, state, or federal law. EEO is the law. We also prohibit compensation discrimination under all applicable laws. To learn more visit ************************************************* Notices.pdf. U.S. Citizenship is required for certain positions.
Cyber Hunt Analyst - 25922
Cyber security analyst job at Huntington Ingalls Industries
Enlighten, honored as a Top Workplace from USA Today, is a leader in big data solution development and deployment, with expertise in cloud-based services, software and systems engineering, cyber capabilities, and data science. Enlighten provides continued innovation and proactivity in meeting our customers' greatest challenges.
Why Enlighten?
At Enlighten, our team's unwavering work ethic, top talent and celebration of innovative ideas have helped us thrive. We know that our employees are essential to our company's success, so we seek to take care of you as much as you take care of us. Here are a few highlights of our benefits package:
- 100% paid employee premium for healthcare, vision and dental plans.
- 10% 401k benefit.
- Generous PTO + 10 paid holidays.
- Education/training allowances.
Anticipated Salary Range: $114,236.00 - $160,000.00. The salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, Enlighten takes a variety of factors into consideration which include, but are not limited to, the role's function, internal equity and a candidate's education or training, work experience, certifications and key skills. Occasionally positions/roles may include additional non-recurrent compensation and will be addressed by the recruiter during the interview process.
Job Description
Enlighten is looking for a Cyber Hunt Analyst with Data Science experience to apply strong cyber security, Defensive Cyber Operations (DCO), and networking domain knowledge to support cyber analytics product development, threat analysis, statistical analysis, model development, and direct customer mission support. Regular cyber hunt activities consist of hunting for threats, reporting on findings, and converting tools, techniques, and processes into automated capabilities for the current cyber platform. Regular data science activities consist of operational research, statistical analysis, hypothesis testing, model building/testing, and communicating results using visualizations. Will also be responsible for collecting customer Cyber Operations requirements, generating use cases, providing Cyber SME support, and system training to end users.
Essential Job Responsibilities
+ Conduct threat hunt operations on assigned Big Data Platform(s) - BDP.
+ Present threat hunt findings through live - interactive remote conference sessions.
+ Perform data analytics across disparate data sets.
+ Assist customer(s) with their threat hunting operations.
+ Perform quality assurance checks on data that is resident on the BDP.
+ Evaluate and analyze new data feeds to determine relevance and usability of data.
+ Support BDP analytic requests (data search, visualizations, dashboards, etc.).
+ Provide real time customer support during normal working hours (BDP support chat room).
+ Maintain situational awareness of emerging cyber threats for possible action and notification to an impacted customer(s).
+ Support BDP demonstration requests to showcase various capabilities of the platform.
+ Support BDP training events either in person or virtually.
+ Provide advice on data enrichment and functions to enhance customer experience.
+ Other duties as assigned
Minimum Qualifications
+ Security Clearance - A current Secret level U.S. Government Security Clearance is required with the ability to obtain a TS/SCI level clearance; U.S. Citizenship required.
+ 5+ years of experience in cyber security operations related fields and a Bachelors in related field or 3 years experience with Masters; or High School Diploma and 9 years experience.
+ Experience with supporting DoD customers, ideally supporting US Cyber Command, DISA, or DCDC.
+ Cyber Hunt methodologies and techniques.
+ SIEMs - (e.g., Splunk, Q-Radar, ELK).
+ SOARs (e.g., Sentinel, CORTEX, X-SOAR).
+ Developing and deploying threat detection signatures and detecting host and network-based intrusions.
+ Collecting data from a variety of cyber defense resources (e.g., CVE, OSINT).
+ Recognizing and categorizing types of vulnerabilities and associated attacks.
+ Reading and interpreting signatures (e.g., SNORT, SIGMA, Yara, YAML).
+ Cyber defense and vulnerability assessment tools and their capabilities.
+ Network traffic analysis methods (e.g., TCP-DUMP, Wireshark, Bro/Zeek).
+ Familiar with cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks), and incident response and handling methodologies (e.g., MITRE ATT&CK, LM Killchain).
+ Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
+ Excellent customer service, public speaking, and presentation skills.
+ Ability to complete technical tasks without supervision.
+ Ability to foster and support a collaborative working environment.
+ Must have Data+, Security+, CySA+, GCIH, GNFA, GCFA or other industry recognized Cybersecurity Certification.
+ Travel as needed to support all duties listed above.
+ Must be able to work on customer site on average 4 days a week in either Columbia or Ft. Meade, MD. Flexibility is essential to adapt to schedule changes as needed.
Preferred Requirements
+ TS/SCI level clearance is preferred.
+ DoD SOC experience is a plus
We have many more additional great benefits/perks that you can find on our website at **************** [eitccorp.com].
Information System Security Officer - ISSO
Poway, CA jobs
General Atomics Aeronautical Systems, Inc. (GA-ASI), an affiliate of General Atomics, is a world leader in proven, reliable remotely piloted aircraft and tactical reconnaissance radars, as well as advanced high-resolution surveillance systems. We have an exciting opportunity for an Information Systems Security Officer (ISSO) to join our Classified Systems team in San Diego (Poway), CA.
With general supervision, this position is responsible for participating in monitoring, evaluating and administering system compliance with information technology (IT) security requirements to ensure company, regulatory and customer requirements are met.
**DUTIES AND RESPONSIBILITIES:**
+ Interprets regulations as they apply to information systems, platforms, and IT operating processes, practices and procedures.
+ Participates in the development or modification of the computer environment information assurance security program plans and requirements.
+ Participates in the development, distribution, and maintenance of System Security Plans, instructions, guidance, and standard operating procedures.
+ Participates in audits of IT, platforms, and operating procedures; analyzes results.
+ Participates in identifying risks and makes recommendations for improvements; may participate in corrective measures when incidents or vulnerabilities are discovered.
+ Maintains knowledge of applicable policies, regulations, and compliance documents related to classified computing assets and environments.
+ May represent the organization as a primary contact with internal representatives.
+ Maintains the strict confidentiality of sensitive information.
+ Performs other duties as assigned.
+ Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
+ Expected to work in a safe manner in accordance with established operating procedures and practices.
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
50211
**Job Qualifications:**
+ Typically requires a bachelors degree in a related discipline and six or more years of progressive professional experience in information assurance or a related field. Equivalent professional experience may be substituted in lieu of education.
+ Must possess an active Secret clearance and have the ability to obtain and maintain a TS (with SAP & SCI eligibility).
+ Must maintain DoD 8570 IAM Level I (e.g. Security +) professional certification as required by customers or contractual obligations.
+ Security + certification required.
+ Experience with DoD policy such as Risk Management Framework and Joint SAP Implementation Guide.
+ Operational experience with installing, troubleshooting, and auditing Windows desktop & server operating systems.
+ Experience with DISA STIGs, SCAP tool, ACAS.
+ Experience installing and troubleshooting common x86-based computer hardware.
+ Must demonstrate a general understanding of information assurance principles, theories, concepts and techniques. Must have experience organizing, planning, scheduling, conducting, and coordinating work assignments to meet project milestones or established completion dates.
+ Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
**Must be customer focused and possess:**
+ The ability to identify issues, analyze data and develop solutions to a variety of problems.
+ Good analytical, verbal and written communication skills to accurately document, report, and present findings.
+ Good interpersonal skills enabling an effective interface with other professionals; and good computer skills.
+ Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
**Salary:** $89,180 - $155,825
**Travel Percentage Required** 0 - 25
**Relocation Assistance Provided** Not Provided
**US Citizenship Required?** Yes
**Clearance Required?** Yes
**Clearance Level** Mid-Level (3-7 years)
**Workstyle** Onsite
General Atomics is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity/Affirmative Action Employer and will consider all qualified applicants for employment without regard to race, color, religion, religious creed, ancestry, gender, pregnancy, sex, sexual orientation, transitioning status, gender identity, gender expression, national origin, age, genetic information, military and veteran status, marital status, medical condition, mental disability, physical disability, or any other basis protected by local, state, or federal law. EEO is the law. We also prohibit compensation discrimination under all applicable laws. To learn more visit ************************************************* Notices.pdf. U.S. Citizenship is required for certain positions.
Analyst I, Security
Birmingham, AL jobs
**Electronic Security Analyst:** This position is responsible for analysis, strategic planning, project implementation, support, and technical expertise service of electronic security technology for Southern Company Services. This position interfaces closely with system/application developers and Technology Organization administrators, and other Corporate Security stakeholders to design, implement, manage, and troubleshoot electronic security systems, database solutions for new projects, enhancements to existing solutions, and implementation of purchased vendor packages.
**JOB RESPONSIBILITIES:**
+ Function as a point of contact for the following (but not limited to): Software House CCure application, Avigilon CCTV Systems, and Cool Compliance access management entities across the Southern Company Services organization.
+ Coordinate with other Corporate Security stakeholders, external security integrators and contractors, and other business units to effectively implement physical security solutions.
+ Manages and contributes to projects related to achieving enterprise-wide Corporate Security Modernization goals including but not limited to: CCURE integration, product selection, implementation of asset management, and video surveillance administration.
+ Support software and databases (SQL, SSRS, PowerBI) related to Cool Compliance access management system requests.
+ Self-initiates tasks and projects to achieve strategic goals for Southern Company Security.
+ Ensure effective operation, compliance, standardization, health, and reliability of physical access control systems and video surveillance systems.
**Minimum Requirements:**
+ High School graduate or equivalent.
+ Valid Driver's license.
**Preferred:**
+ Working knowledge (design, implementation, programming, troubleshooting) of electronic security hardware and software systems including but not limited to Software House CCure access control and Avigilon surveillance solutions software.
+ Working knowledge of networking infrastructure.
+ Demonstrate strong ethics and discretion in handling sensitive or confidential information.
+ Must have a strong focus on teamwork, be a collaborator and build strong relationships with customers, suppliers and other TO organizations.
+ Familiarity with SQL, SQL Server, Power BI, SSRS
+ Project management experience.
**About Southern Company**
Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit *********************** .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here **************************************************** . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 15807
Job Category: Security
Job Schedule: Full time
Company: Southern Company Services
Space Systems Cyber Security Engineer
Englewood, CO jobs
General Atomics (GA), and its affiliated companies, is one of the world's leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies.
Whether a specific satellite for a specific mission or a constellation of interconnected spacecraft, the GA-EMS Space Systems team is re-defining how customers can access the possibilities of space. GA-EMS offers modular and scalable satellite platforms backed with a history of operational flight experience to support defense, civil, commercial, and academic mission requirements.
We're seeking a Space Systems Cyber Security Engineer to join our team in Englewood, CO. In this role, you'll collaborate closely with the lead cyber security engineer to implement program strategies aimed at achieving and maintaining authority to operate (ATO) for our cutting-edge space systems solutions.
DUTIES AND RESPONSIBILITIES:
* Serve as an Information Systems Security Engineer (ISSE) for one or more development programs.
* Security requirements: Capture, refine, and integrate information security requirements into system designs and development processes
* Security assessments: Conduct technical assessments to identify system vulnerabilities and ensure compliance with applicable regulations
* Security architecture: Design and implement secure system architectures, including hardware, software, data, and operational procedures
* Threat mitigation: Evaluate and mitigate system security threats and associated risks
* Security controls: Review and tailor security controls to meet specific program needs and ensure effectiveness
* Security documentation: Develop and maintain Risk Management Framework (RMF) documentation and supporting artifacts
* Standards compliance: Assess systems against relevant cybersecurity standards, frameworks, and publications
* Secure operations: Support the secure operation, monitoring, and maintenance of deployed systems
Other Responsibilities:
* Participate in and lead discussions in cyber security/information assurance working group meetings with our customers
* Develop content and present at program design and readiness reviews.
* Support development and execution of tests required for accreditation.
* Responsible for technical and schedule execution of the cyber security scope of work of one or more programs.
* Ensures all work products are produced in accordance with the project plan to satisfy the customer requirements.
* Ensures all work products are completed on schedule.
* Define Integrated Master Schedule (IMS) tasks necessary to complete the scope of work and achieve program milestones.
* Maintains the strict confidentiality of sensitive information.
* Performs other duties as assigned.
* Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company. Expected to work in a safe manner in accordance with established operating procedures and practices.
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
Job Category: Engineering
Travel Percentage Required: 0% - 25%
Full-Time/Part-Time: Full-Time Salary
State: Colorado
Clearance Level: Top Secret
Pay Range Low: 98,100
City: Englewood
Clearance Required? Desired
Pay Range High: 171,398
Recruitment Posting Title: Space Systems Cyber Security Engineer
Job Qualifications
* Typically requires a bachelors degree, masters degree or PhD in engineering or a related technical discipline from an accredited institution and progressive engineering experience as follows; six or more years of experience with a bachelors degree, four or more years of experience with a masters degree, or two or more years with a PhD. May substitute equivalent engineering experience in lieu of education.
* Possess one or more of the following security certifications: CISSP, GIAC (any), CISM, CISA, or Security+
* Experience with system design aligned to the NIST Risk Management Framework (RMF) or similar standards, including full lifecycle activities such as Approval & Authorization, POA&M development, and continuous monitoring
* Familiarity with NIST Special Publications, including SP 800-30, 800-53, 800-82, and 800-171
* Knowledge of ISO/IEC 27000 series information security standards
* Experience applying DISA Security Technical Implementation Guides (STIGs)
* Hands-on experience with virtualized environments using VMware and/or Amazon Web Services (AWS)
* Ability to work extended hours to support critical test activities or operational needs
* Must have or be able to obtain a TS/SCI security clearance.
Preferred Qualifications:
* Experience with NASA's Security Information Technology policies, specifically NPR 2810.1
* Background in the space domain, including satellite ground systems, mission management, command and control systems, or satellites
* Strong understanding of network architecture, including TCP/IP and UDP design, as well as experience with switches, routers, and firewalls
US Citizenship Required? Yes
Experience Level: Mid-Level (3-7 years)
Relocation Assistance Provided? Yes
Workstyle: Onsite
Analyst I, Security
Atlanta, GA jobs
**Electronic Security Analyst:** This position is responsible for analysis, strategic planning, project implementation, support, and technical expertise service of electronic security technology for Southern Company Services. This position interfaces closely with system/application developers and Technology Organization administrators, and other Corporate Security stakeholders to design, implement, manage, and troubleshoot electronic security systems, database solutions for new projects, enhancements to existing solutions, and implementation of purchased vendor packages.
**JOB RESPONSIBILITIES:**
+ Function as a point of contact for the following (but not limited to): Software House CCure application, Avigilon CCTV Systems, and Cool Compliance access management entities across the Southern Company Services organization.
+ Coordinate with other Corporate Security stakeholders, external security integrators and contractors, and other business units to effectively implement physical security solutions.
+ Manages and contributes to projects related to achieving enterprise-wide Corporate Security Modernization goals including but not limited to: CCURE integration, product selection, implementation of asset management, and video surveillance administration.
+ Support software and databases (SQL, SSRS, PowerBI) related to Cool Compliance access management system requests.
+ Self-initiates tasks and projects to achieve strategic goals for Southern Company Security.
+ Ensure effective operation, compliance, standardization, health, and reliability of physical access control systems and video surveillance systems.
**Minimum Requirements:**
+ High School graduate or equivalent.
+ Valid Driver's license.
**Preferred:**
+ Working knowledge (design, implementation, programming, troubleshooting) of electronic security hardware and software systems including but not limited to Software House CCure access control and Avigilon surveillance solutions software.
+ Working knowledge of networking infrastructure.
+ Demonstrate strong ethics and discretion in handling sensitive or confidential information.
+ Must have a strong focus on teamwork, be a collaborator and build strong relationships with customers, suppliers and other TO organizations.
+ Familiarity with SQL, SQL Server, Power BI, SSRS
+ Project management experience.
**About Southern Company**
Southern Company (NYSE: SO) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit *********************** .
Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here **************************************************** . Additional and specific details about total compensation and benefits will also be provided during the hiring process.
Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law.
Job Identification: 15807
Job Category: Security
Job Schedule: Full time
Company: Southern Company Services
ISSO/Systems Security Engineer
Dahlgren, VA jobs
ISSO/SYSTEMS SECURITY ENGINEER
Bowhead is seeking a skilled full-time ISSO/Systems Security Engineer to join our team in Dahlgren, VA. The ideal candidate will have a strong background in computer networking concepts and protocols, as well as network security methodologies. The ISSO/Systems Security Engineer will be responsible for identifying and mitigating vulnerabilities in security systems, conducting vulnerability scans, and applying system, network, and operating system hardening techniques.
Responsibilities
Key Responsibilities:
Conducting vulnerability scans and recognizing vulnerabilities in security systems.
Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
Conducting application vulnerability assessments.
Identifying systemic security issues based on the analysis of vulnerability and configuration data.
Sharing meaningful insights about the context of an organization's threat environment that improve its risk management posture.
Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution.
Performing impact/risk assessments.
Required Skills:
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
Skill in conducting application vulnerability assessments.
Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
Ability to share meaningful insights about the context of an organization's threat environment that improve its risk management posture.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Tenable Assured Compliance Assessment Solution (ACAS)
Trellix Endpoint Security System (ESS), previously known as McAfee Host Based Security System (HBSS)
Skill in applying host/network access controls (e.g., access control list).
Skill in using Virtual Private Network (VPN) devices and encryption.
Skill in securing network communications.
Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution.
Skill in performing impact/risk assessments.
Skill to develop insights about the context of an organization's threat environment
Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Qualifications
Required:
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth & concept of zero trust).
Knowledge of basic system, network, and OS hardening techniques.
Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
Knowledge of application vulnerabilities.
Knowledge of system administration, network, and operating system hardening techniques.
Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
Preferred:
Knowledge of cyber threats and vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list).
Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge of network traffic analysis methods.
Knowledge of Virtual Private Network (VPN) security.
Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML).
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
Knowledge of application security risks.
Physical Demands:
Must be able to lift up to 10 pounds
Must be able to stand and walk for prolonged amounts of time
Must be able to twist, bend and squat periodically
SECURITY CLEARANCE REQUIREMENTS: Must be able to obtain a Top Secret clearance; may start with a Secret clearance. US Citizenship is a requirement for Top Secret clearance at this location.
Cloud Security Specialist Information Security Engineering
New York, NY jobs
The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi-cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI). This role combines hands-on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise-grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM). The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on-premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute.
Required Education/Experience
* Master's Degree with 3 years of relevant experience in IT or Information Security, or
* Bachelor's Degree with 5 years of relevant experience in IT or Information Security, or
* Associate's Degree with 6 years of relevant experience in IT or Information Security, or
* High School Diploma/GED with 8 years of relevant experience in IT or Information Security.
Preferred Education/Experience
* Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, or Information Technology, and 3 years in Information Security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Hands-on work with identity management, hybrid connectivity (PrivateLink, ExpressRoute).
* Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, or Information Technology, and 5 years in Information Security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Hands-on work with identity management, hybrid connectivity (PrivateLink, ExpressRoute).
Relevant Work Experience
* Hands-on experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required.
* Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required.
* Knowledge of IAM, role-based access control, and policy enforcement, required.
* Experience integrating cloud telemetry and logs with SIEM tools, required.
* Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required.
* Experience with scripting (Python, PowerShell, Bash) and automation, required.
* Experience with WAF and cloud API gateway configurations, required.
* Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required.
* Experience collaborating with cloud service teams for planning and remediation, required.
* Experience implementing application security best practices and training engineering teams, required.
* Familiarity with CDN operations, certificates, and brand monitoring preferred, required.
* Experience with SIEM integration, telemetry collection, and event analysis, preferred.
* Demonstrated experience leading technical teams or project groups, preferred.
* Experience with Container Security, preferred.
* Experience securing API endpoints and implementing advanced cloud application protections, preferred.
* Knowledge of AI/ML data protection and secure model deployment practices, preferred.
* Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred.
* Experience developing and delivering cloud security training and awareness programs, preferred.
Skills and Abilities
* Effective leadership skills
* Demonstrated problem solving skills
* Strong written and verbal communication skills
* Ability to drive multiple projects to successful completion
* Proactively approaches responsibilities
Licenses and Certifications
* Driver's License Required
* Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred
* Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred
Physical Demands
* Ability to push, pull, and lift up to 25 pounds
* Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
Additional Physical Demands
* The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
Core Responsibilities
* Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth.
* Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture.
* Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement.
* Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively.
* Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms.
* Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect.
* Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities.
* Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting.
* Implement and manage WAF policies and API gateways to safeguard cloud applications and services.
* Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices.
* Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy.
* Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.
Network & Systems Security Analyst, Cisco Focus, Progression
Tampa, FL jobs
Title: Network & Systems Security Analyst, Cisco Focus, Progression
Company: Tampa Electric Company
State and City: Florida - Tampa
Shift: 8 Hr. X 5 Days
Hiring Manager: David Cain
Recruiter: Mark E Koener
TITLE: Network & Systems Security Analyst Progression
PERFORMANCE COACH: Mgr Network Engineering & Cyber Security Operations
COMPANY: Tampa Electric
DEPARTMENT: High Performance Computing & BP Support
FOCUS Areas
- Cisco Networking
- Cisco Wireless
- Cisco ISE
- Networking Engineering Related Skills
POSITION CONCEPT
The Network & Systems Security Analyst is responsible for planning/designing, implementing, and supporting new and existing network, server, storage infrastructure. This role is also responsible for ensuring all network security controls (i.e., firewalls, web application firewalls [WAF], proxies, network segmentation, NAC, ACLs, etc.) are implemented and managed per corporate information security standards. Additionally, responsibilities include assessing enterprise assets and critical assets for secure configurations and maintaining and enforcing regulations and standards such as NERC Critical Infrastructure Protection (CIP), Sarbanes-Oxley (SOX), and Payment Card Industry (PCI).
Responsible for the design, planning, operation, maintenance, and support of the TECO and NMGC network infrastructure. This includes primary accountability for network technologies such as route/switch, on-premise LAN/WAN, IPAM, Wi-Fi, ISP management, site-to-site VPNs, proxies (forward and reverse), perimeter firewall management, DNS, Azure cloud environments, automation, NAC/user access, hyperconverged infrastructure, and overall network security. Partners with the Telecommunication teams on establishing/upgrading existing circuits/communication links. Responsible for the NERC Cyber Infrastructure Protection and disaster recovery plans.
Responsible for VoIP, SIP, DHCP, DNS, TCP/IP routing and routing protocols such as OSPF and BGP, binary mathematics, NAT, PAT, IPsec and SSL VPN technologies, GRE tunneling, route redistribution, traffic shaping, port-level filtering, SD-WAN, MPLS and other communications related technologies. Responsible for the installation, configuration, and maintenance of all WAN and LAN connectivity which includes core and campus switches, routers, firewalls, wireless access points, WAN scalers and load balancer technologies. Responsible for the design, installation, configuration, and maintenance of DNP over IP and serial SCADA communications between the primary and backup control centers, power plants, solar sites, and substations. Responsible for the configuration and maintenance of Smart GRID communication hardware switches and routers between the primary and backup control centers.
NETWORK & SYSTEMS SECURITY ANALYST I (LEVEL 1)
Monitors and troubleshoots server, network, and security controls related problems and failures; and installs and configures hardware/software. Works under direct supervision.
PRIMARY DUTIES AND RESPONSIBILITIES
1. Plan, design, and implement network, server, and storage infrastructure based on project requirements, capacity plans, and system support. (20%)
2. Problem solving involves basic troubleshooting following the OSI (Open Systems Interconnection) model, making or calling for equipment repairs, and problem escalation. (20%)
3. Detection and correction of work stoppages and/or errors are accomplished by monitoring systems and changing configurations, as necessary. (20%)
4. Install and support network, server, and storage hardware and software. (10%)
5. Direct participation in the planning and designing, maintenance, testing and documentation of the company's disaster recovery plans is vital. (10%)
6. Provide and apply appropriate security consulting and support for IT infrastructure across multiple platforms (Firewalls, proxies, WAFs, ACLs, NAC, Operating Systems, NetScaler load balancers, DDoS protection, and other network devices). (10%)
7. Provide third-level technical support for security systems and authentication mechanisms on all operating system platforms. (10%)
QUALIFICATIONS
EDUCATION
Required: High School Diploma or GED
Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
LICENSES/CERTIFICATIONS
Required: Has obtained at least one related network, system, operating system, or information security professional certification (e.g., Microsoft Certified Solutions Associate (MCSA), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Certified Ethical Hacker (CEH), GIAC Certifications, Certified Information Systems Security Professional (CISSP)).
Preferred: ITIL v3, CCNA, MCSA, VCP, Security+, CISSP
EXPERIENCE
Required: Minimum four (4) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, or Cisco Networking.
In lieu of some experience listed above, may consider three (3) years of related experience with an Associate's Degree or two (2) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
KNOWLEDGE/SKILLS/ABILITIES (KSA)
• Working knowledge of network, server, and security controls infrastructure regardless of the complexity
• Working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance
• Working knowledge with packet analysis and denial of service protection
• Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written)
• Ability to present issues and topics of a complex technical nature to non-technical audiences
• Excellent interpersonal and organizational skills
• Basic working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI
WORKING CONDITIONS
Normal working conditions with occasional extended hours during the week and weekends.
PHYSICAL DEMANDS/REQUIREMENTS
Normal physical demands related to an office and operational (Power Plant, Solar, Control Center) workplace environment. Must be able to lift 50-pound boxes and ascend/descend a ladder to service network access points.
NETWORK & SYSTEMS SECURITY ANALYST II (LEVEL 2)
In addition to the duties & responsibilities of the Level 1 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead and mentor Level 1 Analysts. Works under general supervision.
ADDITIONAL DUTIES AND RESPONSIBILITIES
1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (30%)
2. Installs and configures server and network related hardware/software which meet the company's security standards. (40%)
3. Design and planning required for small projects. (20%)
4. Project leadership, consulting, or cross-train peers. (10%)
QUALIFICATIONS
EDUCATION
Required: High School Diploma or GED
Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
LICENSES/CERTIFICATIONS
Required: Has obtained at least two related network, system, operating system, or information security professional certifications (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP)).
Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP
EXPERIENCE
Required: Minimum six (6) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider four (4) years of related experience with an Associate's Degree or three (3) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
KNOWLEDGE/SKILLS/ABILITIES (KSA)
• Intermediate knowledge of network, server, and security controls infrastructure regardless of the complexity
• Good working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance
• Good working knowledge with packet analysis and denial of service protection
• Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written)
• Ability to present issues and topics of a complex technical nature to non-technical audiences
• Excellent interpersonal and organizational skills
• Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI
NETWORK & SYSTEMS SECURITY ANALYST III (LEVEL 3)
In addition to the duties & responsibilities of the Level 2 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead, cross-train peers, and mentor Analysts. Works under general direction.
ADDITIONAL DUTIES AND RESPONSIBILITIES
1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (20%)
2. Installs and configures server and network related hardware/software which meet the company's security standards. (20%)
3. Design and planning required for small projects. (40%)
4. Project leadership, consulting, or cross-train peers. (20%)
QUALIFICATIONS
EDUCATION
Required: High School Diploma or GED
Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS).
LICENSES/CERTIFICATIONS
Required: Has obtained at least three (or two, with the condition to obtain a third certification within one year of hire for this position) related network, system, operating system, or information security professional certifications (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA)).
Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP
EXPERIENCE
Required: Minimum eight (8) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider six (6) years of related experience with an Associate's Degree or four (4) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
KNOWLEDGE/SKILLS/ABILITIES (KSA)
• Expert knowledge of network, server, and security controls infrastructure regardless of the complexity
• Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance
• Thorough working knowledge with packet analysis and denial of service protection
• Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written)
• Ability to present issues and topics of a complex technical nature to non-technical audiences
• Excellent interpersonal, mentoring, and organizational skills
• Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI
NETWORK & SYSTEMS SECURITY ARCHITECT (LEVEL 4)
In addition to the duties & responsibilities of the Level 3 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead on larger projects, cross-train peers, and mentor all levels of Analysts. Works under general direction.
ADDITIONAL DUTIES AND RESPONSIBILITIES
1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (10%)
2. Installs and configures server and network related hardware/software which meet the company's security standards. (10%)
3. Design and planning required for small and large projects. (40%)
4. Project leadership, consulting, or cross-train peers. (40%)
QUALIFICATIONS
EDUCATION
Required: High School Diploma or GED
Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS).
LICENSES/CERTIFICATIONS
Required: Has obtained at least three related network, system, operating system, or information security professional certifications (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA)).
Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP
EXPERIENCE
Required: Minimum ten (10) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking.
In lieu of some experience listed above, may consider eight (8) years of related experience with an Associate's Degree or six (6) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
KNOWLEDGE/SKILLS/ABILITIES (KSA)
• Expert knowledge of network, server, and security controls infrastructure regardless of the complexity
• Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance
• Thorough working knowledge with packet analysis and denial of service protection
• Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written)
• Ability to present issues and topics of a complex technical nature to non-technical audiences
• Excellent interpersonal, mentoring, consulting, and organizational skills
• Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI
LEAD NETWORK & SYSTEMS SECURITY ANALYST (PERFORMANCE COACH)
In addition to the duties & responsibilities of the Level 3 Analyst, has increased responsibilities in leading and managing Level 1 through 3 Analysts. May serve as a project lead on larger projects, cross-train peers, and mentor all levels of Analysts. Works under general direction.
ADDITIONAL DUTIES AND RESPONSIBILITIES
1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (10%)
2. Installs and configures server and network related hardware/software which meet the company's security standards. (10%)
3. Design and planning required for small and large projects. (25%)
4. Project leadership, consulting, or cross-train peers. (25%)
5. Lead and manage the network analyst (Level 1, 2, and 3) team. (30%)
QUALIFICATIONS
LICENSES/CERTIFICATIONS
Required: Has obtained at least three (or two, with the condition to obtain a third certification within one year of hire for this position) related network, system, operating system, or information security professional certifications (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA)). Leadership/management certifications/certificates may be considered in lieu of professional certifications.
Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP
EDUCATION
Required: High School Diploma or GED
Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS).
EXPERIENCE
Required: Minimum ten (10) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking.
In lieu of some experience listed above, may consider eight (8) years of related experience with an Associate's Degree or six (6) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS).
KNOWLEDGE/SKILLS/ABILITIES (KSA)
• Expert knowledge of network, server, and security controls infrastructure regardless of the complexity
• Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance
• Thorough working knowledge with packet analysis and denial of service protection
• Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written)
• Ability to present issues and topics of a complex technical nature to non-technical audiences
• Excellent interpersonal, mentoring, coaching, and organizational skills
• Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI
TECO offers a competitive Benefits package!!
• Competitive Salary
• 401k Savings plan w/ company matching
• Pension plan
• Paid time off
• Paid Holiday time
• Medical, Prescription Drug, & Dental Coverage
• Tuition Assistance Program
• Employee Assistance Program
• Wellness Programs
• On-site Fitness Centers
• Bonus Plan and more!
Product Security Engineer - AI
San Francisco, CA jobs
Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability.
Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure.
About This Role:
At Crusoe, the AI Security Engineer is central to ensuring the safety, integrity, and resilience of our rapidly evolving AI ecosystem. You will serve as the technical authority on securing Large Language Models (LLMs), AI-powered platforms, and the infrastructure that supports them, driving both strategy and execution for our next generation of secure AI systems.
What You'll Be Working On:
AI Security SME & Strategic Partner: Act as the technical leader and SME on the practical security of our AI and LLM ecosystem, define the long-term technical roadmap for AI security architecture, and drive high-impact cross-functional initiatives.
LLM Architecture & Design Ownership: Lead the design and implementation of highly secure Generative AI solutions for security applications, focusing on architectural patterns like Retrieval-Augmented Generation (RAG).
AI-Powered Tooling & Automation: Architect and implement custom, AI-powered security tooling that automates threat detection, vulnerability analysis, and data access control, moving from proof-of-concept to production at scale.
Secure MLOps & Governance: Establish governance and processes for secure MLOps pipelines. Define standards for model versioning, deployment, and monitoring, ensuring they meet rigorous compliance and security requirements.
Threat Mitigation & Mentorship: Lead threat modeling exercises for novel AI systems. Apply advanced security and privacy best practices, and mentor senior engineers on secure development practices in the GenAI domain.
System-Level Ownership: Drive the entire lifecycle of critical AI security projects.
What You'll Bring to the Team:
3+ years of professional experience building and maintaining production systems, with strong Python programming skills and experience across the stack (backend/frontend).
Deep expertise in advanced Generative AI techniques, including implementing Retrieval-Augmented Generation (RAG), designing AI Agents and Multi-step Cognitive Processes (MCP), and building with workflow orchestration frameworks.
Proven ability to own the entire model lifecycle by designing and managing robust MLOps pipelines; experience with containerization (Docker), virtualization (VMs), and cloud platforms (AWS, GCP, Azure) is a plus.
Experience in designing, implementing, and fine-tuning custom LLMs, coupled with a strong understanding of NLP fundamentals, transformer architectures, PyTorch/TensorFlow, and data structures.
Strong curiosity about security, privacy, and threat modeling; a desire to safely "break" systems to secure them and apply best practices to AI pipelines and deployments.
Strong product sense for rapid iteration and refinement based on data, combined with a collaborative mindset to work closely with engineers, product managers, and security analysts in a fast-paced environment.
Benefits:
Industry competitive pay
Restricted Stock Units in a fast growing, well-funded technology company
Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
Employer contributions to HSA accounts
Paid Parental Leave
Paid life insurance, short-term and long-term disability
Teladoc
401(k) with a 100% match up to 4% of salary
Generous paid time off and holiday schedule
Cell phone reimbursement
Tuition reimbursement
Subscription to the Calm app
MetLife Legal
Company paid commuter benefit; $300 per month
Compensation:
Compensation will be paid in the range of $135,000 - $150,000. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.
Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.