Information assurance full time jobs

Responsibilities & Qualifications RESPONSIBILITIES Serve as a cybersecurity SME, providing support for ESS and EKC system assessments. Fully versed in the general tenets of the DoD's authorization process, including relevant cybersecurity policies, procedures, and processes. Support the DoD cybersecurity process by serving as a SME for ESS and/or EKC systems undergoing authorization. Design, develop, and implement cybersecurity measures into systems, delivering comprehensive cybersecurity assessment documentation. Understand and apply security controls identified in NIST 800-53 to the process of assessing and authorizing DLA ESS and EKC systems. Determine the severity value of identified vulnerabilities and assess their potential impact on the system's current or future authorization status. Perform key functions related to security control selection, implementation, and documentation. Collaborate closely with the Information Systems Security Manager (ISSM) on complex system details. Monitor and control communications at key internal boundaries among subsystems and provide system-wide common controls that meet or exceed the requirements of constituent subsystems. Lead the development, integration, and testing processes to deliver and deploy production-ready systems that meet business requirements and project schedules. Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort, and project schedule. Design architecture and establish best practices to produce efficient and effective system operations while minimizing refactoring and rework. Provide support for the Security Technical Implementation Guides (STIGs) process and develop and submit cybersecurity documentation as required. Ensure the implementation of DoD STIG compliance for ESS/EKC systems/applications and maintain compliance with required DoD STIGs. Support reviews associated with STIGs, cyber assessments, and continuous monitoring activities. REQUIRED QUALIFICATIONS Experience: Five (5) years of relevant C&A experience MF and NIST C&A experience DOD cybersecurity experience Certifications: (One of the following) CGRC/CAP CASP+ CCSP SSCP Security+ GSEC CISM CISSO FITSP-M GCIA GCSA GCIH GSLC GICSP CISSP-ISSMP CISSP Clearance: Must possess a Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). Overview We are seeking a Senior System Security / Cybersecurity Analyst to join our team supporting DLA Integrated Electronic Security Systems (IESS) and Electronic Key Control (EKC). TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at ***************** Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Location: Columbus, OH Type of environment: On Site Noise level: Medium Work schedule: Schedule is day shift Monday - Friday. May be requested to work evenings and weekends to meet program and contract needs. Amount of Travel: Less than 10% PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE U.S. Citizen Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact *************** for assistance.

Cintas is currently looking for an IT Security Engineer-Level 2 for the IT Security Team within IT. This role researches, recommends and implements changes to enhance information systems security and monitoring capabilities. The Information Security Engineer-Level 2 is responsible for: engineering solutions (processes, technologies) to mitigate control gaps; presenting proposed solutions to IT management; coordinating with vendors for proof-of-concept, proof-of-value, and pilot exercises; reviewing information systems to identify potential security weaknesses, recommending improvements to reduce vulnerabilities; taking part of on-call rotation to triage any potential security incidents; participating in network and systems design to ensure implementation of appropriate systems security policies; maintaining and growing knowledge and understanding of information security, risk management and regulatory compliance topics, providing occasional after hours and weekend support for project efforts; acting as mentor for junior engineers; and working collaboratively with various Cintas partners to design, build, and deploy security frameworks. **Skills/Qualifications** REQUIRED: + High school diploma/GED required; Bachelor's degree in Computer Science or related IT area, preferred + Minimum 7 years of experience in Information Technology + Minimum 4 years of experience in Information Security + Strong knowledge of cyber security practices and procedures + Strong knowledge of networking and infrastructure best practices + Ability to act as the primary SME for Cloud Security + Strong working knowledge of the CSF Framework + Strong working knowledge of GCP, GCVE required; Azure preferred Preferred: + Industry certifications (e.g., GCP, ACE) Benefits Cintas offers comprehensive and competitive medical, dental and vision benefits, with premiums below the national average. We offer flexibility with four different medical plan options; one plan is offered at zero cost. Additionally, our employee-partners enjoy: - Competitive Pay - 401(k) with Company Match/Profit Sharing/Employee Stock Ownership Plan (ESOP) - Disability, Life and AD&D Insurance, 100% Company Paid - Paid Time Off and Holidays - Skills Development, Training and Career Advancement Opportunities Company Information Cintas Corporation helps more than one million businesses of all types and sizes get Ready to open their doors with confidence every day by providing products and services that help keep their customers' facilities and employees clean, safe, and looking their best. With offerings including uniforms, mats, mops, towels, restroom supplies, workplace water services, first aid and safety products, eye-wash stations, safety training, fire extinguishers, sprinkler systems and alarm service, Cintas helps customers get Ready for the Workday . Headquartered in the U.S., Cincinnati, OH, Cintas is a publicly held Fortune 500 company traded over the Nasdaq Global Select Market under the symbol CTAS and is a component of both the Standard & Poor's 500 Index and Nasdaq-100 Index. Cintas Corporation is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, genetic information, disability, protected veteran status, or any other characteristic or category protected by local, state, or federal law. This job posting will remain open for at least five (5) days. **Job Category:** Information Technology **Organization:** **Employee Status:** Regular **Schedule:** Full Time **Shift:** 1st Shift

Information System Security OfficerJob Category: Information TechnologyTime Type: Full time Minimum Clearance Required to Start: SecretEmployee Type: RegularPercentage of Travel Required: NoneType of Travel: None* * * The Opportunity: CACI is seeking a skilled and experienced Information Systems Security Officer (ISSO) to join our team at Wright Patterson Air Force Base in Ohio. This critical role will be responsible for implementing and maintaining robust cybersecurity measures to protect Air Force information systems. The ideal candidate will have a strong background in DoD cybersecurity protocols, risk management, and cloud-based security tools. As an ISSO, you will play a vital role in ensuring the integrity, confidentiality, and availability of sensitive information while supporting the mission-critical operations onsite at Wright Patterson AFB. If you are passionate about cybersecurity and ready to contribute to national defense in a dynamic environment, we encourage you to apply for this challenging and rewarding position. Responsibilities: Create and implement Air Force security policies, procedures, and controls to protect information systems. Conduct risk assessments and develop risk management plans to identify and mitigate vulnerabilities. Configure cloud-based security tools to monitor networks, systems, and user activity for security breaches, analyze threats, and review security and audit logs. Develop and perform continuous monitoring techniques and procedures. Review and evaluate STIG and static code analysis scans for compliance and vulnerabilities. Provide security guidance to technical and software development teams throughout the software development lifecycle (SDLC). Ensure software, hardware, and user access controls comply with security configuration guidelines. Report incidents or vulnerabilities and initiate counter measures and actions to restore cybersecurity posture. Qualifications: Required: Bachelor's degree in a related field or 6 years' experience. Knowledgeable of DoDI 8500.01 (Cyber Security), 8510.01 (Risk Management Framework for Air Force Information Technology), AFI 17-101(Risk Management Framework for Air Force Information Technology), and NIST SP 800-53 Security and Privacy Controls. Active DoD 8140 IAM Level II certification (CASP+, CCNP Security, CISA, CISSP (or Associate), CCSP, GCED, or GCIH). Strong knowledge of IT security principles, network monitoring, operating systems, and security tools. Strong customer service, interpersonal, and communication skills (written and verbal). Good organizational, time management, analytical, and problem-solving skills. Must be able to work as part of a team and individually, meeting tight deadlines. Candidates must be U.S. Citizens and have the ability to obtain a secret clearance investigation in a timely manner. Desired: Knowledgeable with Enterprise Mission Assurance Support Service (eMASS) and associated artifacts and Plan of Actions & Milestone (POA&M) requirements. Knowledgeable about ZeroTrust tools and techniques including Identity, Credential, and Access Management (ICAM) efforts. Ability to review and analyze for consistency, congruency, and in-depth due diligence. Experience with Cloud environments and Cloud security tools. Experience in software development environments including DevSecOps and tools such as the Atlassian suite (Jira, Confluence, etc). Experience with security control evidence development. Familiarity with Configuration Management and Configuration Control Boards. - ________________________________________________________________________________________ What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. Your potential is limitless. So is ours. Learn more about CACI here. ________________________________________________________________________________________ Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here. The proposed salary range for this position is: $75,200-$158,100 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

":"As an Information Security Compliance Analyst, you will learn about the regulatory, contractual, and legislative requirements that affect technology used by our Company . You will be responsible for coordinating with internal and external parties to complete a variety of cyber security assessments, help raise security awareness of associates, provide guidance on industry standard cyber security requirements, and track on-going activities that help meet our security and compliance goals. If you thrive on solving complex problems, embrace continuous learning, and approach challenges with curiosity and critical thinking, apply today! #LI-DNI","job_category":"Information Technology","job_state":"OH","job_title":"Information Security Compliance Analyst","date":"2025-12-04","zip":"45430","position_type":"Full-Time","salary_max":"0","salary_min":"0","requirements":"Strong critical thinking skills required~^~Basic computer skills required~^~Strong written and verbal communication~^~Strong ability to drive task and organizing\/maintaining records~^~Ability to think creatively and strategically~^~Passion for learning new and emerging technology~^~Technology education or certifications, experience with enterprise IT environments, experience working with security regulatory requirements, and knowledge of security frameworks such as NIST CFS, NIST 800-53, ISO, PCI-DSS a plus","training":"","benefits":"Our associates receive medical, dental, vision, and life insurance. We also offer company contributions to your HSA, 6% match on 401(k), and a work\/life balance with paid time off. At our Dayton office, you can take advantage of our great training programs and facility amenities, including an onsite dining facility offering complimentary breakfast and lunch, a fitness center, and an onsite medical center. We also offer a wide variety of sports and social leagues to participate in after work, along with volunteering initiatives through our Associate Foundation. Reynolds and Reynolds promotes a healthy lifestyle by providing a non-smoking environment. Reynolds and Reynolds is an equal opportunity employer. ","

Full Part/Time: Full time Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) II is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: * Assist the ISSM in meeting their duties and responsibilities. * Prepare, review, and update authorization packages. * Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. * Notify ISSM when changes occur that might affect the authorization determination of the information system(s). * Conduct periodic reviews of information systems to ensure compliance with the security authorization package. * Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. * Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. * Ensure all IS security-related documentation is current and accessible to properly authorized individuals. * Ensure audit records are collected, reviewed, and documented (to include any anomalies) * Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. * Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. * Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. * Prepare reports on the status of security safeguards applied to computer systems. * Perform ISSO duties in support of in-house and external customers. * Conduct continuous monitoring activities for authorization boundaries under your preview. * Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: * 5+ years related experience. * 2+ years SAP experience required. * Prior performance in roles such as System, Network Administrator or ISSO. Education: * Bachelor's degree OR Associate's degree in a related area + 2 years' experience OR equivalent experience (4 years) Certifications: * IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II - within 6 months of hire Clearance Required to Start: * TS/SCI required * Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities The likely salary range for this position is $92,735 - $125,465. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA OH Dayton Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Required Travel: 0 - 10% Employment Type: Full Time/Salaried/Exempt Anticipated Salary Range: $72,181.00 - $100,000.00 Security Clearance: TS/SCI Level of Experience: Mid This opportunity resides with Warfare Systems (WS), a business group within HII's Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems. HII works within our nation's intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners. Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. To learn more about Mission Technologies, click here for a short video: *************************** Job Description As the Information Systems Security Officer (ISSO) the individual works closely with the Information Systems Security Manager (ISSM) proposing, coordinating, implementing and enforcing information system security policies, standards and methodologies. Implementing operating systems and network devices security configuration in accordance with approved Security Technical Implementation Guides (STIGs). Collaborate with team members to define and implement cybersecurity requirements for managed systems and software. Conduct security assessments of Risk Management Framework (RMF) controls implemented for assigned systems. Identify corrective actions and mitigation strategies to achieve and sustain RMF compliance. Job Duties Include: Performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP). Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems. Essential Job Responsibilities Assist with all activities associated with the assessment and authorization (A&A) of all hosted computing environments. Perform cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation and to assist the ISSM with the final approval for Authority to Operate (ATO) and/or Authority to Connect (ATC). Interface with end users to discuss IT, data management and collaboration tools understanding and benefits. Ensures software, hardware and firmware complies with appropriate security configuration guidelines. Coordinates changes or modifications with the ISSM and SCAR/SCA. Initiates protective or corrective measures, in coordination with the ISSM. Reports security incidents or vulnerabilities to the ISSM. Minimum Qualifications + 2 years relevant experience with Bachelors in related field; 0 years experience with Masters in related field; or High School Diploma or equivalent and 6 years relevant experience. + Experience planning and implementing network layouts of varying classifications in SCIF/SAPF spaces. + Ability to coordinate and plan IT requirements across several Enterprise, MAJCOM, and agency partners. + Familiarity with ICD/ICS 705 Standards as they pertain to networks. + DoD 8570 (Sec+ or applicable) IAT level II cert required + Active TS/SCI clearance with ability to gain SAP/SAR Preferred Requirements Experience working as a COMSEC responsible Officer or familiarity handling and safeguarding COMSEC Physical Requirements May require working in an office or laboratory environment. Capable of climbing ladders and tolerating confined spaces and extreme temperature variances. The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, HII's Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the role's function and a candidate's education or training, work experience, and key skills. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

Cintas is currently looking for an Information Security GRC Analyst II for the Compliance team within the IT Security GRC (Governance, Risk, Compliance) organization. The IT GRC Analyst II is responsible for: supporting Cintas IT Governance, Risk and Compliance (GRC) operations; identifying, recommending, driving and implementing improvements; supporting the organization and retention of evidential documentation for Policy and regulatory compliance and assessment of levels of risk; responsible for security procedures documentation, controls execution, monitoring, and reporting; coordinating and owning key GRC practices; participating in annual budgeting and planning processes related to Cintas IT GRC. The role will have a heavy involvement with assessing, designing, and implementing controls compliant with PCI DSS requirements. This position is required to be on-site at the Cintas corporate headquarters in Mason, OH. Skills/Qualifications Required: H.S. Diploma/GED required; bachelor's degree in an appropriate discipline or its equivalent in related work experience preferred Minimum 4 years of experience in Information Technology Minimum 3 years of experience in IT Governance, Risk and/or Compliance Minimum 2 years of experience with PCI DSS Preferred: Familiarity with SOX, NIST or other cybersecurity, compliance, and risk frameworks Benefits Cintas offers comprehensive and competitive medical, dental and vision benefits, with premiums below the national average. We offer flexibility with four different medical plan options; one plan is offered at zero cost. Additionally, our employee-partners enjoy: • Competitive Pay • 401(k) with Company Match/Profit Sharing/Employee Stock Ownership Plan (ESOP) • Disability, Life and AD&D Insurance, 100% Company Paid • Paid Time Off and Holidays • Skills Development, Training and Career Advancement Opportunities Company Information Cintas Corporation helps more than one million businesses of all types and sizes get Ready™ to open their doors with confidence every day by providing products and services that help keep their customers' facilities and employees clean, safe, and looking their best. With offerings including uniforms, mats, mops, towels, restroom supplies, workplace water services, first aid and safety products, eye-wash stations, safety training, fire extinguishers, sprinkler systems and alarm service, Cintas helps customers get Ready for the Workday . Headquartered in the U.S., Cincinnati, OH, Cintas is a publicly held Fortune 500 company traded over the Nasdaq Global Select Market under the symbol CTAS and is a component of both the Standard & Poor's 500 Index and Nasdaq-100 Index. Cintas Corporation is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, genetic information, disability, protected veteran status, or any other characteristic or category protected by local, state, or federal law. This job posting will remain open for at least five (5) days. Job Category: Information Technology Organization: Corporate Employee Status: Regular Schedule: Full Time Shift: 1st Shift

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County-Columbus Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DescriptionThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County-Columbus Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DescriptionThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. Information Security Analyst 2 Job Duties Governance, Risk, & Compliance (GRC) Application Subject Matter Expert - Operate and maintain Company's Governance, Risk and Compliance (GRC) platform, its libraries, reports, portals, and data integrations to effectively support operations, data accuracy and user processes. Serve as the primary liaison for GRC software vendors, by maintaining contact with vendor representatives, submitting troubleshooting tickets and software feedback to improve the user experience. Support Company's Enterprise Risk Management, Compliance, Vendor Management, Business Continuity Planning, Information Technology and Security, Project Management and Audit Programs with data entry, maintenance, and configuration. Develop, maintain, and distribute custom and ad hoc reporting of risk data including taxonomy analytics and Key Risk Indicators (KRI's). Security Architecture & Control Design - Develop/integrate cybersecurity designs for systems and networks for the processing of company data. Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements. Ensure that acquired or developed systems and architectures are consistent with company's cybersecurity architecture guidelines. Risk Assessment - Coordinate external risk assessments including audits, gap assessments, and penetration testing to evaluate security architectures and designs to determine the adequacy of security design and architecture. Determine protection needs (i.e., security controls) for company's information processing and document appropriately. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Incident Response Communication- Coordinate communication and information sharing aspects of incident response. Draft messages and updates to internal and external audiences for Incident Response Team (IRT) review, such as employees, customers, partners, media, or public. Handle crisis management issues and provides guidance and education on incident prevention and response best practices. Perform other duties as assigned. Minimum Qualifications 2-4 years related experience Associate's degree (Information Technology, Cyber Security, Computer Science) Non-degree considered if 6+ years of related experience along with a high school diploma (GED) Preferred Qualifications Intermediate knowledge of various Information Security & Privacy Frameworks such as the Secure Controls Framework, NIST CSF, NIST 800-171, NIST 800-53, NIST Privacy Framework, ISO-27001, ISO-27701, GDPR, US & other global privacy regulations. Work experience in other Information Technology disciplines such as software development, help desk, networking, systems administration or similar in conjunction with professional certifications such as CASP+, CISSP Associate, or AWS Associate Level Certifications. Intermediate level of knowledge in at least one scripting or software development language such as PowerShell, Bash, Java, or Python. Good written and oral communication skills, deductive reasoning, and analytical investigative skills. Good interpersonal skills to facilitate positive relations between business groups. Requires excellent verbal and written communication skills, as well as a knowledge of company's culture and values. Work Authorization: Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. Compensation and Benefits: Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

This role is primarily responsible for executing the tactical and strategic initiatives of the Information Security team to include programs such as risk and vulnerability management, incident response, security architecture, cloud security and third-party vendor management. Work is typically assigned by the Information Security Manager, although the Information Security Analyst is expected to operate with minimal oversight and be able to identify areas of opportunity to get involved with information security tasks and initiatives. The ideal candidate is comfortable working in a fast-paced environment, communicating to technical and non-technical staff, and capable of switching between tasks as situations and criticality arise and be passionate about learning and continuous education. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned. Execute on security strategy as defined by the Information Security Manager. Participation in the Firm's Vulnerability Management Program, working with cross-functional teams to identify, manage and mitigate security vulnerabilities across the Firm. Assist with the administration of the Firm's Vendor Risk Management process, including analyzing and responding to third-party risk assessments. Monitor and respond to information security alerts and notifications (IDS/IPS, SIEM, AV/EDR, etc.). Design, review and administer Azure cloud security controls and architecture, including auditing Azure cloud environments. Utilize scripting languages such as PowerShell and Python to automate tasks and improve security operations. Collaborate and advise on IT projects to ensure security issues are addressed throughout the project life cycle. Assist other IT teams in developing and employing security solutions across various applications and product platforms. Administer and utilize various endpoint and network security tools, such as CrowdStrike, SIEM tools, Fortinet or other comparable advanced detection and response tools. Administer and utilize vulnerability scanning, packet analysis and exploitation tools such as Nessus, nmap, Wireshark, tcpdump, Metasploit or similar technologies. Design, review and aid with implementation of secure networks and system architecture (ex. network topology reviews, firewall ruleset reviews, minimum security baselines, etc.). Apply appropriate controls referenced in various security frameworks and standards, such as the NIST CSF 2.0 Framework, NIST 800-53, CIS Controls, etc. Monitor and secure Microsoft client and server systems, along with Fortinet and Cisco (or comparable) network devices. Assist with the management and maintenance of user security policy education, training and awareness programs. Conduct security research to stay abreast of latest security issues, including laws and regulations which may affect the Firm. Other duties as requested and assigned. QUALIFICATION REQUIREMENTS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. EDUCATION/EXPERIENCE: Bachelor's Degree in Computer Science, Management Information Systems or related field with a minimum of 5-7 years of experience in Information Technology, or equivalent combination of education and experience. This must include 3-5 years of experience in Information Security with two or more of the following domains: Windows Systems Administration, UNIX/Linux Systems Administration, Networking, Access Control, Incident Response, and Information & Data Security. Preferred Certifications: Certified Information Systems Security Professional (CISSP) GIAC GSEC, GCIH, GCIA, GCWN, or equivalent certification CompTIA Security+, CySA+, Network+, CASP or equivalent certification Microsoft Azure Security Certifications (i.e. AZ-500, SC-100 to SC-400) TECHNICAL SKILLS: Demonstrated proficiency in Microsoft Office Suite including Word, Outlook, Excel, and PowerPoint. Proven aptitude to learn new software applications. LANGUAGE SKILLS: Very strong communication skills, both written and oral. Excellent interpersonal communication skills necessary to maintain effective relationships with staff, trusted third-party partners, attorneys and clients. Establish credibility with staff and attorney base through quality work and communications that bring to bear the right mix of confidence, tact, persistence and reliability. Written communications must be concise, professional and accurate. MATHEMATICAL SKILLS: Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. REASONING ABILITY: Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form. Ability to deal with problems involving several concrete variables in standardized situations. Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of instructions and deal with several abstract and concrete variables. Exhibit independent thinking and decision making. Ability to interpret an extensive variety of instructions in mathematical or diagram form and deal with several abstract and concrete variables. Ability to think strategically, develop tactics and execute pragmatically. OTHER SKILLS and ABILITIES: Excellent organizational and planning skills with ability to prioritize multiple tasks and projects to meet deadlines. Ability to work under pressure in a fast-paced environment with demanding individuals. Strong analytical and organizational skills with a tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision. Outstanding creativity; flexibility and persistence; motivation and energy with the ability to work with little supervision and collaborate with other members of the team. Ability to work overtime when needed. Work occasionally requires more than 40 hours per week to perform the essential duties of the position. A tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision. Thorough understanding of technologies that can be applied to firm operations and enhance working efficiency. Ability to exercise discretion with confidential and sensitive information. PHYSICAL DEMANDS: The physical demands described here are representative of those that should be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel objects, documents, books, pen/pencil, paper, controls and manipulate a keyboard, and input data into a PC; and talk or hear. The employee is frequently required to walk. The employee is occasionally required to use hands to prepare correspondence and reports on a personal computer. The employee is occasionally required to stand and reach with hands and arms. And stoop, kneel, bend, crouch or crawl. Ability to operate a variety of standard office equipment including a computer, copy and facsimile machines. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception and the ability to adjust focus. WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate. The salary offered in any location will be determined by a wide range of factors, including, but not limited to, experience level, education/training, geographic region, and relevant skills. Associates also participate in a performance- and hours-based bonus program. The expected annual salary for this position ranges from $100,000- $115,000 Baker & Hostetler LLP is an Equal Opportunity Employer. #LI-Remote

JobID: 210664241 JobSchedule: Full time JobShift: Day : Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the world's largest and most influential companies. As a Lead Security Engineer at JP Morgan Chase within the Cybersecurity & Technology Controls, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions. Job Responsibilities : * Specific experience deploying commercial software at scale into an enterprise environment. Develop and enforce robust change management practices to ensure system integrity and security. * Show strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling. * Function in systems engineering, systems integrations, and systems administration roles. Demonstrate strong working knowledge of Windows and Linux systems internals. * Execute on key deliverables in the security engineering space. Design and develop production deployments with the ability to think beyond routine or conventional approaches in order to deliver technology solutions for key stakeholders. * Develop secure and high-quality production code and review and debug code written by others. Able to implement complex business logic in Python, Bash, PowerShell, and other scripting languages. * Engage effectively with third-party vendors and communicate and collaborate with a broad range of internal teams. * Minimize security vulnerabilities by following industry insights and government regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls. * Work with stakeholders and business leaders to understand security needs and recommend business modifications during periods of vulnerability. Required qualifications, capabilities, and skills * Formal training or certification on Engineering and/or Cybersecurity concepts and 5+ years applied experience as a cloud engineer, deployment engineer, DevOps engineer, or equivalent role. * Experience with cloud engineering, deployment engineering, DevOps engineering, or equivalent * Demonstrated skills in planning, designing, and implementing enterprise level security solutions. * Strong experience defining and implementing infrastructure as Code (IaC), working with CI/CD pipelines, and associated automation tooling * Commanding knowledge of a programming/scripting language for automation and integration tasks. Proficiency in all aspects of the Software Development Life Cycle. * Strong analytical experience with problem solving mindset and the ability to solve complex challenges. * Advanced understanding of agile methodologies such as CI/CD, Application Resiliency, and Security. Preferred qualifications, capabilities, and skills * Cloud computing related certifications with an AWS focus are strongly preferred, such as Certified Solutions Architect, DevOps Engineer, or similar. * Experience effectively communicating with senior business leaders. #CTC

We are seeking an Information Systems Security Manager (ISSM) with extensive hands-on experience driving cybersecurity compliance within a defense contractor environment and leading classified network security initiatives, ensuring compliance with Risk Management Framework (RMF), NIST 800-53, DFARS ************, and 32 CFR Part 117 (NISPOM). The ideal candidate will be able to work on-site in Dayton, OH, with 20% travel to our Florida site to support related security projects. Essential Functions: Lead and manage the security posture of classified SIPR networks, ensuring compliance with DoD security policies and CMMC requirements. Develop, implement, and maintain security policies, procedures, and documentation to protect classified systems. Own and manage system accreditation packages with hands-on experience using eMASS and Xacta, ensuring Authority to Operate (ATO) maintenance. Conduct regular security audits, vulnerability assessments, and risk analyses, proactively mitigating threats to classified systems. Oversee and drive incident response procedures for classified environments, ensuring timely reporting and mitigation of security incidents. Administer and optimize security tools and technologies, including HBSS, ACAS, and SIEM Solutions. Collaborate with government security agencies, internal teams, and executive leadership to ensure compliance and address security concerns. Ensure compliance with DoD 8570/8140 certification requirements and maintain appropriate cybersecurity credentials. Support and lead security inspections, audits, and self-assessments to uphold regulatory standards. Perform other duties as required. Standard Essential Functions: Regular and reliable attendance on a full time basis [or in accordance with posted schedule]. Responsible for exhibiting professional behavior with both internal and external business associates that reflects positively on the company and is consistent with the company's policies and practices. Embodies AEVEX's cultural values and aligns daily actions with department goals and company culture. Qualifications and Competencies: Security Clearance- Ability to obtain/maintain a Top Secret DoD clearance, U.S. Citizenship required. Expert knowledge of RMF, NIST 800-53, DFARS ************, CMMC, and 32 CFR Part 117 (NISPOM). Proven experience managing system accreditations with eMASS and Xacta. Strong leadership experience in building and managing security teams. Hands-on experience with HBSS, ACAS, SIEM solutions, and other cybersecurity tools. Education / Certifications: Bachelors Degree in cybersecurity, IT, computer science, or other related field preferred. Certifications: CISSP, or equivalent (Security+ CE alone is not sufficient). Experience: 2 - 5 years of hands-on experience as an ISSM within a defense contractor environment, leading cybersecurity compliance initiatives. Physical Requirements: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties the employee is: Frequently required to sit, and to reach to use computers and other office equipment For the purpose of this summary, occasionally is used to represent up to 1/3 of the time given to the work day, frequently represents 1/3 to 2/3 of the time and constantly represents 2/3 or more of the time. About AEVEX AEVEX, headquartered in Solana Beach, California, supports the U.S. national security mission and partner nation needs around the world by providing full-spectrum aviation, remote sensing, and analysis solutions. The company's capabilities include custom design and engineering; rapid prototyping; sensor integration and sustainment; aircraft modification and certification; flight test instrumentation and support; mission operations service; advanced intelligence data processing, exploitation, and dissemination solutions; and tailored hardware and software mission-system tools. AEVEX uses agile and customized approaches to rapidly define, develop, and deliver specialized solutions for airborne special mission needs for the U.S. Government, partner nations, and commercial businesses. AEVEX has major offices in California, Florida, North Carolina, Ohio, and Virginia. AEVEX provides a full suite of comprehensive benefits, including a 401(k)-retirement plan, comprehensive Medical, Dental, Vision, Disability and Life insurance group coverage with a portion of the premiums paid by the company, professional development funds, and an Employee Assistance Plan (EAP) with counseling, legal help, child and elder care support, among other benefits for qualified employees. Equal Employment Opportunity: AEVEX is an Equal Opportunity employer. We are committed to providing equal employment opportunities to all employees and applicants without regard to race, religious creed, color, sex (including pregnancy, breast feeding and related medical conditions), gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship status, military and veteran status, marital status, age, protected medical condition, genetic information, physical disability, mental disability, or any other protected status in accordance with all applicable federal, state and local laws.

Job Title: Journeyman Information Systems Security Manager (ISSM) Job Description: Sumaria Systems is seeking an Information System Security Manager (ISSM) to ensure system and application deliverables meet all required cyber security policies and regulations for the Technical Advisory and Assistance Services (TAAS) program at Hanscom AFB. This is a full-time position. Responsibilities Support system/application Assessment and Authorization (A&A) efforts, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing National, DoD, and Department of the Air Force policies (i.e., RMF). Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data. Conduct risk and vulnerability assessments and inspections of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards. Evaluate system sources of changes such as Deficiency Reports (DRs), Problem Reports (PRs), Change Requests/Proposals (CRs/CPs), and AF Form 1067s; provide inputs to the root cause analysis reporting and the formulation of recommended solution from alternatives; determine the security impacts of proposed or actual changes to the system, environment, threats, and vulnerabilities; and if any, document in written reports the changes/revisions to the system s RMF artifacts. Review and provide inputs to modification packages, program/system documents and support agreements updates, and communications and network infrastructure upgrades to ensure proper cybersecurity configuration modification management; implementation of technical, managerial, operational requirements; and support requirements (e.g. planning, testing, test infrastructure, documentation, training, etc.) are identified. Review system test plans and test results and if necessary, observe system testing for security control implementation in accordance with cybersecurity policies, guidance, and plan. Perform security impact analysis on any system change and appropriately prepare letters of assurance, security impact letters, and risk assessment letters to include exceptions, deviations, or waivers to cybersecurity requirements when applicable. Continuously monitor intelligence and open-source information for vulnerabilities affecting systems, assess risk, and provide POA&M recommendations. Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations visions and goals. Conduct systems security monitoring, evaluations, audits, and reviews. Recommend systems security contingency plans and disaster recovery procedures. Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures. Participate in network and systems (to include cryptographic) design to ensure implementation of appropriate systems security policies. Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. Assess security events to determine impact and implementing corrective actions. Ensure the rigorous application of cybersecurity and cryptographic policies, principles, and practices throughout the system development lifecycle. Author, monitor, and record system information in applicable databases. Prepare and record system, security status, and portfolio management information into the Air Force Information Technology Investment Portfolio Suite (referred to as ITIPS) for FISMA; Security, Interoperability, Supportability, Sustainability, Usability (SISSU); Clinger Cohen Act; and other statutory compliance. Author, review, certify, and/or maintain security management plans and RMF package artifacts including but not limited to: RMF Implementation Plans, System Security Management Plans, Information Support Plans, Program Protection Plans (PPPs), Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Vulnerability Management Plans, Common Control Packages, Security Concepts of Operations, OPSEC Plans, Authority-to-Connect guest system packages, and other system/network security related documents. Support and assist external teams in the evaluation of systems Cybersecurity posture to include teams performing non-regular cyber tests, war-games, cyber penetration tests, and cyber studies conducted by the NSA, DISA, Air Force Audit Agency, or other organizations. Support the development, coordination, and implementation of cybersecurity-related special projects and taskers, e.g., Defensive Cyber Operations (DCO), Higher Headquarter requests, Notice to Airmen (NOTAMs), Technical Change Orders (TCOs), System Program Office (SPO), 16th AF, USSTRATCOM, USCYBERCOM, SAF/A6, SpOC/S6, AFGSC/A6, 460 Space Wing, and AFNWC/NC efforts. Qualifications Education: Bachelor s degree in a related field. Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO. Experience with the certification and accreditation process. Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems. Knowledge of intrusion prevention and network access control tools/systems. Understanding of system audit principles and security risk assessment. Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST. Able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Knowledge of cryptography and cryptographic key management concepts. General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented. Must have a solid understanding of network infrastructure and mission assurance. Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB. Must have solid communications skills and be capable of working with all levels of an organization. Must be a US Citizen and hold a current Top Secret clearance. Travel: Minor Security Clearance Required: Top Secret with SCI Years of Experience: 3+ years experience in Cyber Security or information assurance. Position Type: Full Time Work Location: Hanscom AFB, Massachusetts Top salaries paid for qualified candidates. Agency submissions are not being accepted at this time. For more information on Sumaria Systems, please visit our website at **************** Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status. Sumaria is a Full Lifecycle Engineering, Technical Services and Professional Solutions company in support of the Warfighter, supporting modernization, high end services and next generation capabilities in contested domains. Sumaria has been a trusted partner to U. S. Department of Defense for more than 40 years, providing Lifecycle Systems Engineering, Advisory & Analysis/SETA, C5ISR and Enterprise Information Technology solutions. With expertise to lead, insight to deliver and commitment to succeed; we staff each mission with a carefully selected team of seasoned professionals. We're Headquartered in Peabody, MA, and have regional offices across the nation. Sumaria Systems only provides engineering services to the federal government and does not provide professional engineering or surveying services to the public within the meaning of Ohio Revised Code Section 4733.16.

WhiteDog is seeking an Information Security Analyst to join our Security Operations Center team. The Analyst will help coordinate and report on cyber incidents impacting SOC-as-a-Service customers. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work. Onsite Location: Cincinnati, OH (no remote available) Employment Type: Full-Time, hourly Compensation: $22-$28/hour Key Responsibilities: Responsible for working in a 24x7 Security Operation Center (SOC) in person. (Hours - 7:00pm-7:00am PST) Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Integrate and share information with other analysts and other teams. Ability to work and be available for on-call activities Other duties as assigned. Experience and Skills: Experience in security device management and SIEM. Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix. Knowledge of applications, databases, middleware to address security threats against the same. Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems). Knowledge of TCP/IP Protocols, network analysis, and network/security applications. Knowledge of common Internet protocols and applications. Ability to multi-task, prioritize, and manage time effectively. Strong attention to detail. Excellent interpersonal skills and professional demeanor. Excellent verbal and written communication skills. Excellent customer service skills. Proficient in Microsoft Office Applications. Qualifications: The successful candidate will possess the personality traits, work habits, communication, and social skills necessary to work effectively within a dynamic and highly operational environment. This person will have exemplary personal and professional integrity and demonstrate strong interpersonal skills. In addition, the qualified candidate will have a strong desire to succeed in a nationally and internationally recognized operational environment. Bachelor's or Master's degree in a related field or equivalent demonstrated experience and knowledge. You must be a US Citizen 1-3 years' experience as a Security/Network Administrator or equivalent knowledge. Security Essentials Certification (GSEC) Certified Intrusion Analyst (GCIA) Certified Incident Handler (GCIH) Certified Ethical Hacker (CEH) Certified Penetration Tester (CWAPT) CompTIA Network+ CompTIA Security+ Benefits: WhiteDog offers a competitive compensation plan with great earning potential. Our benefits include medical coverage, dental coverage, disability, life insurance, 401K and an amazing work environment! We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/ F/Vet/Disabled

Cintas is currently looking for an Information Security GRC Analyst II for the Compliance team within the IT Security GRC (Governance, Risk, Compliance) organization. The IT GRC Analyst II is responsible for: supporting Cintas IT Governance, Risk and Compliance (GRC) operations; identifying, recommending, driving and implementing improvements; supporting the organization and retention of evidential documentation for Policy and regulatory compliance and assessment of levels of risk; responsible for security procedures documentation, controls execution, monitoring, and reporting; coordinating and owning key GRC practices; participating in annual budgeting and planning processes related to Cintas IT GRC. The role will have a heavy involvement with assessing, designing, and implementing controls compliant with PCI DSS requirements. **This position is required to be on-site at the Cintas corporate headquarters in Mason, OH.** **Skills/Qualifications** **Required:** + H.S. Diploma/GED required; bachelor's degree in an appropriate discipline or its equivalent in related work experience preferred + Minimum 4 years of experience in Information Technology + Minimum 3 years of experience in IT Governance, Risk and/or Compliance + Minimum 2 years of experience with PCI DSS **Preferred** **:** + Familiarity with SOX, NIST or other cybersecurity, compliance, and risk frameworks Benefits Cintas offers comprehensive and competitive medical, dental and vision benefits, with premiums below the national average. We offer flexibility with four different medical plan options; one plan is offered at zero cost. Additionally, our employee-partners enjoy: - Competitive Pay - 401(k) with Company Match/Profit Sharing/Employee Stock Ownership Plan (ESOP) - Disability, Life and AD&D Insurance, 100% Company Paid - Paid Time Off and Holidays - Skills Development, Training and Career Advancement Opportunities Company Information Cintas Corporation helps more than one million businesses of all types and sizes get Ready to open their doors with confidence every day by providing products and services that help keep their customers' facilities and employees clean, safe, and looking their best. With offerings including uniforms, mats, mops, towels, restroom supplies, workplace water services, first aid and safety products, eye-wash stations, safety training, fire extinguishers, sprinkler systems and alarm service, Cintas helps customers get Ready for the Workday . Headquartered in the U.S., Cincinnati, OH, Cintas is a publicly held Fortune 500 company traded over the Nasdaq Global Select Market under the symbol CTAS and is a component of both the Standard & Poor's 500 Index and Nasdaq-100 Index. Cintas Corporation is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, genetic information, disability, protected veteran status, or any other characteristic or category protected by local, state, or federal law. This job posting will remain open for at least five (5) days. **Job Category:** Information Technology **Organization:** Corporate **Employee Status:** Regular **Schedule:** Full Time **Shift:** 1st Shift

Company: HII's Mission Technologies division Required Travel: 0 - 10% Employment Type: Full Time/Salaried/Exempt Anticipated Salary Range: $72,181.00 - $100,000.00 Security Clearance: TS/SCI Level of Experience: Mid This opportunity resides with Warfare Systems (WS), a business group within HII's Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems. HII works within our nation's intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners. Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. To learn more about Mission Technologies, click here for a short video: *************************** Job Description As the Information Systems Security Officer (ISSO) the individual works closely with the Information Systems Security Manager (ISSM) proposing, coordinating, implementing and enforcing information system security policies, standards and methodologies. Implementing operating systems and network devices security configuration in accordance with approved Security Technical Implementation Guides (STIGs). Collaborate with team members to define and implement cybersecurity requirements for managed systems and software. Conduct security assessments of Risk Management Framework (RMF) controls implemented for assigned systems. Identify corrective actions and mitigation strategies to achieve and sustain RMF compliance. Job Duties Include: Performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP). Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems. Essential Job Responsibilities Assist with all activities associated with the assessment and authorization (A&A) of all hosted computing environments. Perform cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation and to assist the ISSM with the final approval for Authority to Operate (ATO) and/or Authority to Connect (ATC). Interface with end users to discuss IT, data management and collaboration tools understanding and benefits. Ensures software, hardware and firmware complies with appropriate security configuration guidelines. Coordinates changes or modifications with the ISSM and SCAR/SCA. Initiates protective or corrective measures, in coordination with the ISSM. Reports security incidents or vulnerabilities to the ISSM. Minimum Qualifications * 2 years relevant experience with Bachelors in related field; 0 years experience with Masters in related field; or High School Diploma or equivalent and 6 years relevant experience. * Experience planning and implementing network layouts of varying classifications in SCIF/SAPF spaces. * Ability to coordinate and plan IT requirements across several Enterprise, MAJCOM, and agency partners. * Familiarity with ICD/ICS 705 Standards as they pertain to networks. * DoD 8570 (Sec+ or applicable) IAT level II cert required * Active TS/SCI clearance with ability to gain SAP/SAR Preferred Requirements Experience working as a COMSEC responsible Officer or familiarity handling and safeguarding COMSEC Physical Requirements May require working in an office or laboratory environment. Capable of climbing ladders and tolerating confined spaces and extreme temperature variances. The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, HII's Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the role's function and a candidate's education or training, work experience, and key skills. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. **Information Security Analyst 2** **Job Duties** + Governance, Risk, & Compliance (GRC) Application Subject Matter Expert - Operate and maintain Company's Governance, Risk and Compliance (GRC) platform, its libraries, reports, portals, and data integrations to effectively support operations, data accuracy and user processes. Serve as the primary liaison for GRC software vendors, by maintaining contact with vendor representatives, submitting troubleshooting tickets and software feedback to improve the user experience. Support Company's Enterprise Risk Management, Compliance, Vendor Management, Business Continuity Planning, Information Technology and Security, Project Management and Audit Programs with data entry, maintenance, and configuration. Develop, maintain, and distribute custom and ad hoc reporting of risk data including taxonomy analytics and Key Risk Indicators (KRI's). + Security Architecture & Control Design - Develop/integrate cybersecurity designs for systems and networks for the processing of company data. Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements. Ensure that acquired or developed systems and architectures are consistent with company's cybersecurity architecture guidelines. + Risk Assessment - Coordinate external risk assessments including audits, gap assessments, and penetration testing to evaluate security architectures and designs to determine the adequacy of security design and architecture. Determine protection needs (i.e., security controls) for company's information processing and document appropriately. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. + Incident Response Communication- Coordinate communication and information sharing aspects of incident response. Draft messages and updates to internal and external audiences for Incident Response Team (IRT) review, such as employees, customers, partners, media, or public. Handle crisis management issues and provides guidance and education on incident prevention and response best practices. Perform other duties as assigned. **Minimum Qualifications** + 2-4 years related experience + Associate's degree (Information Technology, Cyber Security, Computer Science) + Non-degree considered if 6+ years of related experience along with a high school diploma (GED) **Preferred Qualifications** Intermediate knowledge of various Information Security & Privacy Frameworks such as the Secure Controls Framework, NIST CSF, NIST 800-171, NIST 800-53, NIST Privacy Framework, ISO-27001, ISO-27701, GDPR, US & other global privacy regulations. Work experience in other Information Technology disciplines such as software development, help desk, networking, systems administration or similar in conjunction with professional certifications such as CASP+, CISSP Associate, or AWS Associate Level Certifications. Intermediate level of knowledge in at least one scripting or software development language such as PowerShell, Bash, Java, or Python. Good written and oral communication skills, deductive reasoning, and analytical investigative skills. Good interpersonal skills to facilitate positive relations between business groups. Requires excellent verbal and written communication skills, as well as a knowledge of company's culture and values. **Work Authorization:** Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. **Compensation and Benefits:** Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DutiesThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.