Information assurance officer jobs near me - 96 jobs

LendSwift is a modern, technology-driven consumer lending company on a mission to provide fast, transparent credit solutions to underserved borrowers. We deliver flexible lending products while maintaining the highest standards of compliance, security, and trust. Our sister company is GigFi, which provides merchant cash advances to gig workers and small businesses. We're seeking an experienced Chief Compliance Officer (CCO) / Chief Information Security Officer (CISO) to lead our compliance and information security programs. This executive will be a key member of the leadership team, ensuring LendSwift operates with full regulatory compliance and robust data security across all operations. The ideal candidate has deep expertise in consumer lending, a strong track record in bank partnership lending models, and proven success building and overseeing compliance and information security frameworks. Tasks Compliance: Maintain and improve a comprehensive Compliance Management System (CMS) that aligns with applicable federal and state consumer lending laws and regulations (e.g., TILA, ECOA, FCRA, GLBA, UDAAP). Manage and maintain strong working relationships with our bank partners, ensuring ongoing compliance with bank oversight requirements and participation in exams and audits. Oversee licensing, regulatory reporting, and interactions with federal and state regulators. Advise senior leadership on compliance risks, trends, and mitigation strategies. Lead compliance training, monitoring, and issue management programs. Information Security: Own the design and execution of our enterprise information security program to protect customer and company data. Ensure compliance with GLBA, SOC2, PCI DSS, and other applicable data security frameworks. Develop and enforce policies, procedures, and controls for data privacy, cybersecurity, and incident response. Oversee vendor due diligence and third-party risk management as it relates to information security. Report regularly to executive leadership and the Board on the state of information security. Requirements 8+ years of progressive leadership experience in compliance and/or information security in the consumer lending industry. Extensive knowledge of the bank partnership lending model and managing bank sponsor relationships. Hands-on experience with multi-state lending operations and regulatory requirements. Proven ability to lead, build, and scale compliance and security programs in a high-growth environment. Strong communication skills; comfortable engaging with regulators, bank partners, auditors, and legal counsel. Bachelor's degree required; JD, CIPP, CISSP, or other relevant certifications a plus. Benefits Highly flexible remote work environment. Unlimited PTO. Lean, AI-forward leadership team. The chance to shape compliance and security strategy for a growing fintech innovator. Competitive compensation and comprehensive benefits. #J-18808-Ljbffr

Posting Type Remote As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure. In this role, the main responsibilities will be to investigate and analyze emerging threats against our assets, identities, and clients. You will also provide actionable remediation guidance to end users and collaborate with highly skilled cyber experts to anticipate and mitigate evolving threats using world-class toolsets and next generation capabilities. Job Description and Requirements Responsibilities: Review, validation, and triage of alerts and technical analysis of log data from a diverse inventory of sensors, correlated signature logic, and threat intelligence sources. Assess the impact of security events by leveraging host, cloud and network-based indicators and evidence to deliver actionable incident escalations. Develop and deploy detection and prevention signatures with response actions as part of a layered defensive strategy leveraging multiple technologies and data types. Build automation to search through collected telemetry to detect and isolate advanced threats that evade existing security solutions. Create Standard Operating Procedures, SOC playbooks, configuration guides, and secure standards. Automate incident handling processes. Engage in the continuous research of emerging threats and apply appropriate countermeasures within the context of a rapidly changing environment. Serve as a subject matter expert in the mechanism and analysis of observed malicious activity. Clearly document and communicate investigation findings to both technical and executive stakeholders. Identify and automate away technical burden. Build automation to deploy, operate and connect multiple cyber security tools and applications. Preferred Qualifications: 7+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team for Cloud applications and corporate networks Exposure to threat detection development and tuning Experience in software design and development DevSecOps experience Ability to perform threat hunting, threat emulation, and/or purple teaming exercises Familiarity with industry standard security devices and their configuration Experience in reverse engineering malicious code to explore infection and propagation mechanisms Experience with threat intelligence tools and processes Certifications: One or more of the following certifications are preferred (GCFA, GCIA, GCIH, GNFA, GREM, OSCP, OSEP, OSED, OSWE, OSDA, OSCE3, CompTIA Security+, CCNA CyberOps, or CEH) 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Minimum Qualifications: 5+ years of experience in a Security Operations Center, Incident Response, or Threat Detection team Strong cyber incident response skills (such as: Network forensics, memory forensics, and/or packet analysis) Ability to read, write and analyze PowerShell, C#, and Python Capability to independently manage the prioritization of complex security events Advanced understanding of common SOC/CIRT operational processes and documentation Advanced knowledge of TCP/IP, network services, cryptography, cloud, and web application attacks Ability to collaborate within a global cross-functional team to execute on high-level objectives and drive the maturation of Relativity's security posture Deep understanding of infection mechanisms, malicious behavior, exploitation techniques, and mitigating controls Good understanding of tools, tactics, and procedures utilized by attackers to access private systems and data Strong analytical and problem-solving skills Ability to leverage programming and scripting languages to build automations and develop SOAR playbooks Relativity is committed to competitive, fair, and equitable compensation practices. This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives. The expected salary range for this role is between following values: $150,000 and $226,000 The final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position. Suggested Skills: Cybersecurity, Infrastructure Security, Network Security, Penetration Testing, Security Architecture Design, Security Audit, Security Information, Security Information and Event Management (SIEM), Security Operations, Vulnerability Management

Full-time Description Job Title: Information System Security Officer (ISSO) Job Type: Full-time Salary Range: $150,000 - $175,000 Dynanet started with a focus on IT infrastructure and operations, helping organizations enhance their networks and overcome the limitations of 1990s technology. From strengthening communication channels to introducing innovative ways to collaborate and share information, Dynanet played a crucial role in shaping the early stages of digital transformation. The company's efforts helped organizations build the very fabric of connectivity that now powers our modern world. Over the last three decades, Dynanet has grown into a trusted partner for organizations looking to innovate boldly and transform seamlessly. While technology continues to evolve and unlock new opportunities, for nearly 30 years, Dynanet remains committed to delivering cutting-edge solutions that drive lasting change for its customers. Through agility, foresight, and an unwavering dedication to excellence, Dynanet continues to empower organizations to thrive in a rapidly changing digital landscape. Our story is more than just a story of technology - it's a story of vision, growth, and transformation that has shaped the past and continues to pave the way for the future. About the Role: The Information System Security Officer (ISSO) is responsible for ensuring the security and compliance of organizational information systems by implementing, monitoring, and managing cybersecurity policies, procedures, and controls. The ISSO serves as a key resource for system security, compliance, and risk management, working to protect systems and sensitive information from cybersecurity threats. Roles & Responsibilities: Compliance and Risk Management: Ensure systems comply with security frameworks (e.g., RMF, NIST 800-53, FISMA) and manage ongoing system risk through assessments and reviews. Security Documentation: Develop, maintain, and update System Security Plans (SSPs), security assessments, and Plans of Action and Milestones (POA&Ms). Monitoring and Incident Response: Monitor information systems for vulnerabilities and security events, and coordinate incident response efforts where needed. Assessment and Authorization (A&A): Support the A&A process and ensure systems meet necessary requirements for Authority to Test (ATT) and Authority to Operate (ATO) or meet other regulatory accreditations. Vulnerability and Configuration Management: Perform regular vulnerability scans, monitor patch management, and ensure secure system configurations. Security Training and Awareness: Provide cybersecurity training and foster awareness among users to promote adherence to security policies. Collaboration with Stakeholders: Work with IT teams, management, and external authorities to maintain alignment on security goals and address identified risks. Required Professional Skills: Must have an existing CBP Full BI Certifications: CISSP, CAP, Security+, CISM, or other applicable certifications Dynanet Team Requirements and Expectations: Possess Strong written and verbal communication skills. Highly organized with an ability to prioritize, balance, and effectively advance multiple competing priorities in a high-volume, fast-paced environment. Ability to interact in a professional and collaborative manner with fellow Dynanet Teammates and the clients, and business partners that we work with. Ability and desire to challenge and educate yourself to support and advance IT services delivery in the Federal agencies we serve. Excellent judgment and creative problem-solving skills. Respond to team member and client requests via email, MS teams, or other communication means during core business hours. Active listening skills to understand clients' needs, and collaboration skills to work with other developers and designers. Education/Experience Requirements: Bachelor's degree in Cybersecurity, IT, or related field (or equivalent experience) Must have an existing CBP Full BI Education: Bachelor's degree in IT, Cybersecurity, or related field (or equivalent experience). Certifications: CISSP, CAP, Security+, CISM, or other applicable certifications Experience: Eight (8) years of experience in information security, risk management, or related fields. Skills: Knowledge of RMF, NIST standards, vulnerability management, incident response, and security tools (e.g., Nessus, SIEM). Employee Benefits Overview: Industry Competitive Compensation Medical and Dental Insurance Paid Time Off/Holidays 401(k) Retirement Plans with Matching Remote Work* (Contract dependent) Paid Training Employee Referral Program Employee Development Program

At Veza, we're building the next generation of Access Identity Security - and we're bringing GenAI into the core of that mission. We're seeking a Senior Backend Engineer who is excited to work on multi-agent systems, LLM-based automation, and Model Context Protocols (MCP) to transform how access control intelligence is built and delivered. This is a rare opportunity to operate at the frontier of LLM research and backend systems engineering, contributing to both the design of scalable architectures and the implementation of intelligent agents that reason, decide, and act. You will: Building APIs and backend services, test and evaluation frameworks in Python/Golang to support agentic workflows. Prototyping and productizing LLM-based capabilities into the identity access pipeline. Developing agent orchestration layers and working with frameworks like LangGraph or AutoGen. Designing systems around context-awareness, memory, and autonomous decision-making. You Have: Education: Bachelor's or Master's degree in Computer Science, Engineering, or a related field. Experience: 5+ years of backend development experience. Strong proficiency in one or more programming languages, such as Python, Golang, or Java. Experience designing and implementing RESTful APIs and Microservices Architectures. Experience with cloud platforms, such as AWS, Azure, or Google Cloud Platform, and familiarity with IAM services and features. Curiosity and/or experience with GenAI technologies, multi-agent systems, or prompt orchestration. Strong communication and interpersonal skills, with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders. Strong sense of Product feature Ownership - from Ideation to Deployment The compensation for this role depends on several factors such as the candidate's skills, qualifications, experience, and work location. For candidates offered a position at the posted job level, the provided range is the expected base salary. This does not include any additional variable compensation, such as commission. Compensation Disclosure $154,000-$210,000 USD Our Culture We're driven to build a strong company culture and are looking for individuals with solid alignment with the following: Ownership Mindset Act with Integrity Guardians of our Customers Opinionated Humility Build Trust, Earn Trust At Veza, your base pay is one part of your total compensation package. For this position, the reasonably expected pay range can be discussed with your recruiter for the level at which this job has been scoped. Your base pay will depend on several factors, including your experience, qualifications, education, location, and skills. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for equity and a competitive benefits package. Veza is proud to be an equal opportunity employer. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. We also consider qualified applicants according to applicable federal, state, and local laws. If a candidate with a disability requires an accommodation during the recruitment process, please email ******************* About Veza Veza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Authorization Graph. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations. Founded in 2020, Veza is headquartered in Redwood City, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.

MILITARY FRIENDLY & PREFERRED - HOH SPONSOR The Information Systems Security Officer (ISSO) is responsible for supporting the full lifecycle of security assessment and authorization (A&A) activities for information systems. The ISSO ensures that assigned systems comply with federal cybersecurity standards and maintain their Authority to Operate (ATO) through continuous monitoring and documentation. The ISSO will be responsible for developing and providing risk assessments, Security Control Assessments (SCA), A&A documentation and various reports, based on NIST guidelines and client's policies, procedures and request. The ISSO will be responsible for providing security recommendations on any system changes or new technologies, analysis on vulnerability scans, conducting continuous monitoring activities, and provide mitigation recommendations for any risks or threats. RESPONSIBILITIES: Lead and conduct Pre-Security Assessment and Authorization (A&A) activities, including stakeholder identification, change request submissions, appointment memorandums, and IT Security Kickoff meetings. Supports the ISBO in day-to-day IT security activities. Assists the ISBO with reviews of the security posture of the system and report any findings to the ISBO, CISO, and the AO. Conduct Information System Categorization by identifying information types, completing FIPS-199 assessments, and facilitating Business Impact Analyses (BIA), Privacy Threshold Analyses (PTA), and Privacy Impact Assessments (PIA). Develop and maintain system security documentation, including: System Administration Plan (SAM) Configuration Management Plan (CMP) IT Contingency Plan (ITCP) Information Security Continuous Monitoring (ISCM) Plan Incident Response Plan (IRP) Security Assessment Report (SAR) System Security Plan (SSP) Coordinate initial and annual ITCP testing in collaboration with the OCIO Business Continuity and Disaster Recovery (BCDR) Office. Develop and manage inter-agency agreements and documentation such as MOUs, MOAs, ISAs, IT Security Waivers, and Risk Acceptance Memorandums. Document and maintain Security Control Implementation details, ensuring updates are made according to required frequency. Coordinate vulnerability and compliance scans, Security Control Assessments (SCA), and track remediation efforts with the IT Security Test Team. Manage and update Plan of Action and Milestones (POA&M) entries, submitting remediated findings for closure. Prepare and present SAR to Authorizing Officials to obtain or renew ATO. Perform Information Security Continuous Monitoring (ISCM) activities to ensure ongoing compliance and security posture of systems. Develop and update project schedule, including A&A / SCA task and milestones, task dependencies, and personnel resources. Conduct A&A activities and tasks and obtain ATO in line with NIST and client guidance and directives. Determining the baseline IT Security requirements for IT Systems, identifying system boundaries, determining information categories, assisting with FIPS-199. Ensure that IT Systems are operated, used, maintained, and disposed of in accordance with internal security policies and practices. Enforce security policies and safeguards on all personnel having access to the IT System for which the ISSO has responsibility. Ensure users and system support personnel have the required authorization and need-to-know; have been indoctrinated; and are familiar with internal security practices before access to the IT System. Implement security controls based on IT System FIPS categorization. Document security control implementation in the system's Security Plan using the client's GRC tool. Document system's risk assessment per client directives and requirements. Review and monitoring system security and audit logs. Develop and maintain Plan of Actions and Milestones (POA&Ms) for IT systems. Update A&A documentation and artifacts on a regular basis (e.g. annually, after approved change). QUALIFICATIONS: A minimum of five (5) years of demonstrated experience in the Information Security or IT field. Demonstrates a proficiency with developing, maintaining and managing SA&A packages. Experience with developing and managing POA&M's. Strong problem solving and analysis skills, self-motivated, and able to work and communicate in a team environment. Strong understanding of federal cybersecurity frameworks (e.g., NIST RMF, FIPS-199, FISMA). Experience in developing and maintaining security documentation and plans. Possess experience conducting CPT's. Experience conducting audit log reviews. Technical experience with conducting vulnerability management, compliance scanning, and providing mitigation techniques. Excellent communication and coordination skills with technical and non-technical stakeholders. Ability to manage multiple systems and projects simultaneously in a dynamic environment. Excellent communication (written and verbal) skills. CERTIFICATION: A minimum of at least one (1) certification that meet DOD 8570 IAT Level II (e.g., Security+, GSEC, CASP) requirements or any equivalent or more advanced. CLEARANCE: Client Suitability and Public Trust LOCATION and HOURS: Location: Primary location is at Zermount HQ (Arlington, VA) and the Client Site (Washington, D.C.). Remote work is authorized. Onsite work at the primary location., may be occasionally required. Hours of Operation (Business Hours): 8:00 am ET - 5:30 pm ET

At The One 23 Group, our mission is to set the benchmark for excellence in government services. We empower our clients in the Department of Defense, intelligence community, and federal civilian sectors to excel with our advanced capabilities. Our dedication lies in fostering a people-first culture, underpinned by steadfast ethical principles. Embracing innovative technologies and process improvements, we are steadfast in our journey toward a future that is both bright and transformative. Our expertise spans consulting and analytics, digital workplace solutions, and cyber compliance. With our global footprint, we place a strong emphasis on nurturing our people and culture, which forms the core of our successful strategies in leadership and financial management. We pride ourselves on our extensive experience and effective approach, ensuring that we lead with both innovation and integrity. Responsibilities Contractor to provide cyber security management, oversight, and customer support for maintaining the continuity of DHS Management Information System compliance in accordance with DHS, National Institute of Standards and Technology (NIST), and other applicable Federal standards. This Position is 100% Remote. Applies specialized knowledge of sensitive system Cybersecurity requirements and Privacy Act requirements. Applies specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with NIST's Risk Management Framework and the Federal Risk and Authorization Management Program (FedRAMP). Applies specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, Federal Information Processing Standards (FIPS, and NIST guidelines. Applies knowledge of DHS Information Security Policy Directives and Handbooks is preferred. Applies knowledge and experience with standard IA concepts, practices, and procedures. Working independently to solve problems quickly and completely. Applies specialized experience with three (3) of the four (4) following criteria is required: Vulnerability scanning execution, assessment, and analysis. Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN]). Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies. Application security, database security, and network security. Possess ability to assess and weigh current and evolving security threats in an operational environment. Possess good oral and written communication skills. Team player who can collaborate with multiple stakeholders to arrive at the best solution. Qualifications Master's degree and 4 years of Cybersecurity & Federal Information Security Modernization Act (FISMA) experience, or a Bachelor's Degree and 5 years of Cybersecurity & FISMA experience or a total of 7 years of Cybersecurity & Federal Information Security Modernization Act (FISMA) experience Must be a US citizen with ability to obtain/maintain a Top Secret clearance Possesses one (1) of the following professional security certifications or can be obtained within six (6) months of hire: Certified Information System Security Professional (CISSP) CompTIA Advanced Security Practitioner (CASP) Certified Information Systems Auditor (CISA) Certified Ethical Hacker (CEH) Systems Security Certified Practitioner (SSCP) Certified Information Security Manager (CISM) GIAC Information Security Professional (GISP) GIAC Security Leadership (GSLC) We can recommend jobs specifically for you! Click here to get started.

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information Systems Security Officer in the United States.In this role, you will provide expert cybersecurity oversight and governance for mission-critical IT systems, ensuring compliance with federal frameworks and organizational policies. You will lead security risk management, continuous monitoring, and authorization processes while collaborating closely with system owners, engineering teams, auditors, and executive leadership. The position requires translating complex technical system details into actionable security requirements, overseeing vulnerability management, and guiding secure system design and modernization efforts. You will serve as a key security liaison, delivering insights and briefings to stakeholders and helping maintain a secure, compliant, and resilient IT environment. Strong analytical, communication, and federal cybersecurity expertise are essential.Accountabilities: Lead security compliance and governance activities aligned with federal standards such as NIST, FISMA, and organizational directives Manage and maintain system security documentation, including SSPs, SARs, POA&Ms, and risk assessments Oversee continuous monitoring, vulnerability remediation, and security control assessments to mitigate risks Provide guidance on secure system design, configuration changes, and integration efforts Support incident response activities, root cause analysis, and implementation of compensating controls Act as a security liaison to program leadership, system owners, and cybersecurity offices, preparing briefings and dashboards Collaborate with cross-functional teams to ensure security requirements are clearly understood and applied Requirements: 7+ years of experience as an ISSO or similar cybersecurity role supporting federal agencies Direct experience with VA environments, ATO processes, eMASS, Archer, CSAM, and applicable federal policies Strong understanding of NIST SP 800-53, RMF, FISMA, and federal cybersecurity governance Experience managing POA&Ms, vulnerability remediation, and continuous monitoring activities Ability to interpret technical system details and translate them into actionable security requirements Excellent communication skills, including executive-level reporting Ability to obtain and maintain a Public Trust clearance Preferred Experience: Support experience with federal healthcare or enterprise IT programs (e.g., VA OIT, EHRM, VHA, VBA, ICAM) Familiarity with cloud security platforms such as AWS, Azure, or VAEC Security certifications such as CISSP, CAP, or Security+ Experience with Zero Trust architectures, identity modernization, or large-scale federal IT transformations Benefits: Comprehensive medical, dental, and vision coverage Wellness programs to support employee health 401(k) retirement plan with company matching Short-term and long-term disability insurance Life insurance coverage Employee Assistance Program Education and professional training support Generous leave policy including federal holidays, PTO, and military leave Why Apply Through Jobgether?We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.We appreciate your interest and wish you the best! Why Apply Through Jobgether? Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time. #LI-CL1

[ABOUT ISTARI DIGITAL]Istari is a digital engineering software company enabling our customers to turn the physical world into the digital to accomplish their specific mission or business objectives. Istari was founded with the vision of making open, scalable digital engineering ecosystems a reality - where new technologies and systems are created digitally, free from the real-world constraints of costs and schedules. We are creating the world's best engineering model sharing platform, allowing our customers to simply and securely integrate their models across different engineering disciplines, organizations, and security levels. At Istari, we are passionate about our mission of creating the world's first open and scalable industrial metaverse. Whether our customers are designing prototypes, performing virtual testing, or training AI and autonomy for complex systems, we know that going digital will save them time, resources, and reduce their environmental impact. While we are a distributed team with most team-members working remotely, we place an emphasis on staying connected and collaborative, prioritizing in-person opportunities to build trust as a team. At Istari, we still believe that trust is best built in-person. To do this, we have an engineering headquarters in Cambridge, MA for focused technical development and several times per year we gather for an off-site that allows us to develop our professional skills and our team relationships. [VALUES]At Istari, we live by our values, which include: - Focus is rewarded. Finish is remembered. - Facts are friendly. Even when they are not fun.- Fellowship is fundamental. Make others successful. Equal Opportunity Istari is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. We are seeking a highly experienced and knowledgeable Information System Security Officer (ISSO) to join our Cybersecurity team. The ISSO will serve as a principal advisor on all matters, technical and otherwise, involving the cybersecurity of information systems under their purview. This role requires a deep understanding of cybersecurity principles, practices, and frameworks, as well as the ability to develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements, both on premises and in cloud environments. The ISSO will work closely with various stakeholders across the organization to ensure the confidentiality, integrity, and availability of our information systems.Key Responsibilities Serve as the principal advisor on all matters involving the cybersecurity of assigned information systems. Develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements, including JSIG, NIST 800-171, NIST 800-53, CMMC, and ITAR. Conduct risk assessments and identify vulnerabilities in information systems. Develop and implement security controls to mitigate identified risks. Monitor and evaluate the effectiveness of security controls. Develop and deliver cybersecurity awareness training to employees. Investigate security incidents and breaches. Maintain security documentation, including system security plans (SSPs), risk assessments, and incident reports. Stay up-to-date with the latest cybersecurity threats and vulnerabilities. Collaborate with the engineering and customer success teams to ensure secure implementation and configuration of systems. Required Qualifications Active Top Secret Security Clearance, with SCI eligibility. Minimum of 5 years of experience in a relevant field. Deep understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, ISO, and CMMC. Experience with risk assessments, vulnerability identification, and security control implementation. Experience with security incident investigation and response. Excellent communication and collaboration skills, with the ability to effectively communicate with both technical and non-technical audiences. Strong analytical and problem-solving skills. Relevant certifications (e.g., Sec+, CISSP, CISM). Must be a US citizen living within the United States. Preferred Qualifications Bachelor's degree in computer science, information systems, or a related field. Experience with SOC compliance and audits. BENEFITSWe offer highly competitive benefits, including: Health and Family- Medical/Dental/Vision- Employee Premiums are 100% Company Paid- Life Insurance- Flexible Work Hours - Unlimited Paid Time Off (PTO) with federal government holidays Financial- Competitive Compensation - 401k - Company Stock Options- Home Office Setup Budget Learning- Reimbursement for approved trainings and subscriptions- Conferences (travel, lodging, and fees) Note - some benefits are not available to interns or contractors. Thank you for your interest in Istari. Expect to hear back from us soon with next steps.

Watershed Security, is a Veteran Owned Small Business with over 20 years' Cybersecurity and Government Contracting experiencing. Watershed is looking for a Senior Information Systems Security Officer (ISSO) to support the Naval Surface Warfare Center (NSWC) in Philadelphia, PA. The successful candidates will have experience coordinating and enacting required security changes, with in various levels of an organization, ensuring compliance with published policies; conducting cybersecurity vulnerability and threat analysis; and support cyber incident-response by isolating potentially effected assets, initial investigation and data collection, through status updates/reporting. REQUIRED QUALIFICATIONS Bachelor's degree in computer science, information technology, communications systems management, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university. Must have at least one of the following active certifications: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, Years of Experience: 6 years practical experience in a cybersecurity or A&A related field. Collaborate with various levels of the organization to implement required security changes and ensure compliance with established security policies and standards. Conduct comprehensive cybersecurity vulnerability and threat assessments to identify and mitigate risks to information systems. Lead cyber-incident-response efforts, including isolating affected systems, conducting initial investigations, collecting relevant data, and providing status updates and reports to leadership. Provide guidance on best practices and recommend improvements to the organization's security posture. Perform risk assessments and develop mitigation strategies to protect sensitive data from internal and external threats. Support continuous monitoring of information systems and provide regular status reports on security compliance. Maintain up-to-date knowledge of emerging cybersecurity threats and industry best practices. Clearance Level: SECRET; US Citizen. Ability to possibly provide onsite support in Philadelphia, PA or Norfolk, VA. Some/all remote work may be an option, however the norm will be onsite support. This will be dependent upon customer needs and classification level of work being performed. Some travel may be required. Experience with the Navy RMF Process Guide (RPG), and Navy A&A tools such as ACAS, eMASS and eMASSter. Proficient with Microsoft Office Suite (Word, Excel, Teams, Project). Self Starter; detail oriented; able to brief senior level staff. DESIRED QUALIFICATIONS Experience supporting 10 or more Navy Packages (achieving and/or maintaining ATO) Experience with the NAVSEA RMF Business Rules Contingent upon award PAY RANGE Final salary is influenced by factors such as location, contract labor categories, experience, skills, education, and certifications. Watershed offers competitive compensation, medical and dental benefits, educational reimbursement, 401K plans with matching, 15 days of PTO to start and 11 paid holidays per year. The proposed salary range for this position is: $70,000.00 - $100,000.00 USD. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

At Crypto.com, our dedication to user security is led by our highly experienced Security Team. Comprising an international roster of seasoned cybersecurity experts, our team leads the company's Security, Privacy, and Security Compliance endeavors. The team includes holders of international patents for technologies integrated in our security architecture. Under the stewardship of a distinguished CISO recognized by the Forbes Technology Council and among the Global Top 100 CISOs, our team has consistently championed industry standards, acquiring certifications like ISO27001, ISO27701, ISO22301, PCI:DSS 3.2.1 (Level 1), NIST Tier 4, and SOC 2 Type II, in addition to the MPI License from Singapore MAS. Our Chief Information Security Officer reports directly to the CEO, underscoring the prioritization of security in our organization's hierarchy. Our Security Team not only places great emphasis on credentials and expertise but also deeply values hands-on experience, rapid cognition, and dynamic learning. The challenges in the world of crypto are ever-evolving, and as such, our team prides itself on quick adaptability and robust teamwork, ensuring that we stay ahead of potential threats and always safeguard our user base. About the Role As our Security Compliance Senior Analyst, you will be tasked with security compliance activities along with our journey. You are expected to take the initiative to assist us with several security compliance programs and certifications. You are required to address and review compliance gaps and give recommendations and support on remediation activities. You will also be trusted to provide technical advice to ensure that security compliance requirements are met throughout all business units. This role requires technical knowledge of network security, especially on-prem and cloud native architectures. A familiarity with US derivatives regulatory frameworks would be advantageous. Job Responsibilities: Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC2 Type 2, and local regulations Participate in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management Provide complete and accurate responses to internal and third-party enquiries on security compliance Perform security compliance assessment activities, including periodic technical, organizational, and third-party risk and control assessments, and managing remediation activities to completion Design and manage necessary control and framework required to comply with international standards and US local regulations Identify and drive process improvements for streamlining global security compliance operations Qualifications: 3-5 years of experience in information security, privacy, IT audit or IT risk management related roles. Prefer experience with one or more of the following: In-house security and privacy operations, conducting security control assessments, risk assessments or audits. Prefer experience with any of the following: ISO27001, ISO27701, SOC1, SOC2, PCI, SOX, COSO, cloud technologies, and data protection regulations and requirements. Ability to analyze and review US and Global privacy and information security compliance and provide guidance. Holders of security-related certifications/qualifications will be an advantage: CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or other relevant certifications Experience leading compliance initiatives and working with auditors and/or external regulators It's a plus if you: Have experience in information security and privacy management in virtual assets, fintech, online services, platform services, or global services. Have experience in establishing information security and privacy framework to meet US regulations, (CFTC, FINRA, SEC, and other US based regulators.) Are a strong commitment to personal learning and development Are detail minded with an analytical mindset Have good communication skills with an ability to explain complex technical issues to non-technical business users Have prior experience with project management Have an interest and understanding of Blockchain and AI technologies ***************** Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Empower employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet. Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us - our internal mobility program offers employees a new scope. Are you ready to kickstart your future with us? BenefitsCompetitive salary Attractive annual leave entitlement including: birthday, work anniversary 401(k) plan with employer match Eligible for company-sponsored group health, dental, vision, and life/disability insurance Work Flexibility Adoption. Flexi-work hour and hybrid or remote set-up Aspire career alternatives through us. Our internal mobility program can offer employees a diverse scope. Our Crypto.com benefits packages vary depending on region requirements, you can learn more from our talent acquisition team. About Crypto.com:Founded in 2016, Crypto.com serves more than 150 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, Crypto.com is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem. Learn more at ******************* Crypto.com is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. Crypto.com values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team. Personal data provided by applicants will be used for recruitment purposes only. Please note that only shortlisted candidates will be contacted.

Job DescriptionSenior Systems Engineer SAP Security & GRC, immediate start. I am working with a Pharmaceutical client with an urgent requirement for a Senior Systems Engineer to own and drive their SAP Security & GRC roadmap across S/4HANA and adjacent platforms (Ariba, MDG, BTP). What you'll do: Define and maintain SAP security guidelines, SoD frameworks, and compliance controls (SOX, GxP, ITGC) Lead SAP GRC 12.x (ARM, ARA, BRM, EAM, access certifications) implementations, role design, and CHARM workflows Support upgrades, Greenfield implementations, and security enhancements Serve as primary contact for audits, KPI reporting, and continuous improvement initiatives Explore AI/ML solutions for predictive access analytics and compliance automation The ideal consultant will have: 78 years of SAP Security & GRC experience, including S/4HANA and Fiori-role design Hands-on experience with SAP GRC 12.x modules and CHARM processes Deep knowledge of access-management principles, SoD analysis, SOX/GxP compliance, and ITGCs Experience across SAP applications: Ariba, MDG, GTS, BTP, ATTP Excellent troubleshooting, communication, and stakeholder collaboration skills Work remote temporarily due to COVID-19.

Primary Responsibilities: Execute and support the Risk Management Framework (RMF) lifecycle including system categorization, control selection, implementation, assessment, and authorization. Develop, maintain, and validate System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans (CPs), and related compliance documentation. Conduct and lead vulnerability assessments, leveraging tools such as Nessus, ACAS, and Fortify to identify and prioritize remediation efforts. Perform continuous monitoring of security controls and produce metrics, dashboards, and evidence in support of ATO renewals and sustainment. Analyze and respond to security incidents, working with SOC personnel and SIEM tools to evaluate logs, investigate events, and contain potential threats. Conduct internal audits and risk assessments to validate the effectiveness of implemented controls and identify compliance gaps. Provide security guidance to engineering and development teams, ensuring adherence to cybersecurity standards in a DevSecOps environment. Stay informed of evolving threats, vulnerabilities, and regulatory changes to proactively enhance security postures. Coordinate with Security Control Assessors (SCAs), ISSOs, system owners, and federal stakeholders on audit readiness and policy compliance. Draft and enforce cybersecurity policies, SOPs, and standards that support mission-critical systems across hybrid environments. All other duties as assigned by management. Qualifications Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Five (5) years of directly relevant experience may substitute for two (2) years of formal education. Minimum of five (5) years of experience in experience with vulnerability scanning tools and security assessment methodologies. Minimum of five (5) years of experience with network security, firewall management, intrusion detection/prevention systems (IDS/IPS). Minimum of (5) years of experience with Security Information and Event Management (SIEM). Minimum of five (5) years of experience in the risk management framework. Basic knowledge of the following: Active Directory, UNIX, RHEL, Windows, Relational Databases. Previous support of federal government enterprise systems or DHS/DOD programs is strongly preferred. Must have an active DoD Secret Clearance.

The Information Security Specialist/Analyst III reports to the Manager, Security Operations. Under indirect supervision, the Information Security Specialist/Analyst III provides a variety of operational, compliance, and consultative functions. This position designs, implements, manages, and monitors technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the organization's information assets. This role may be required to provide rotating 24x7 on-call support. Entity Medical University Hospital Authority (MUHA) Worker Type Employee Worker Sub-Type Regular Cost Center CC005101 SYS - IS Tidelands Integration Pay Rate Type Salary Pay Grade Health-29 Scheduled Weekly Hours 40 Work Shift We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team. This role is critical in safeguarding our complex healthcare IT environment and ensuring compliance with industry standards. Key Responsibilities: 45% - Network Security Monitoring and Incident Response: Serve as a lead escalation point for security incidents, overseeing detection, investigation, containment, and remediation within a CrowdStrike EDR environment across a healthcare infrastructure. Experience with Microsoft Defender for Endpoint EDR is also desired. Analyze findings from security monitoring systems, including Intrusion Detection/Prevention Systems (ID/PS) and Security Information Event Management (SIEM) consoles, to identify and respond to potential security incidents and data breaches. Perform cyber security incident handling, tracking and reporting. Utilize professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts. Respond to relevant service requests received from end users (e.g. for investigation of security events). Collaborate with internal Security Operations Center (SOC) teams and external Managed Security Service Providers (MSSPs) to contain and remediate security incidents. 20% - Security Technology management: Configure, manage, and optimize SIEM platforms (Crowdstrike and/or Microsoft Sentinel) to enhance threat detection and response capabilities. Lead and manage large scale security-related projects, including tool implementations, upgrades, and process improvements. 10% - Vulnerability Management: Conduct vulnerability assessments to identify security risks and report findings to system owners. Manage workflows to ensure that protected assets are properly assessed in a timely manner. 15% - Threat Analysis Continuously evaluate and update analytics to counter evolving Threat Actor tactics, techniques, and procedures (TTPs). Perform risk assessments and translate business requirements into effective security controls. Maintain comprehensive documentation and present findings to stakeholders in a clear and actionable manner. 10% - Security Awareness: Create and deliver security awareness training for technical and non-technical audiences. Additional Job Description Required Education/Skills/Work Experience: A Bachelor's degree in information security, information assurance, computer science, or a related field with 5 years of IT security experience; or 10 years of hands-on experience in information security or related IT experience required, at least 6 of which must be directly related IT security experience; or a Master's degree in information security, information assurance, computer science, or a related field, and 3 years of IT security experience required. Advanced knowledge of information security principles, risk management, and regulatory compliance (HIPAA, FERPA, NIST, etc.). Strong analytical and problem-solving skills with the ability to make decisions under pressure. Hands-on experience with Crowdstrike EDR, SIEM, IDS/IPS, vulnerability management, and threat intelligence tools. Familiarity with cloud security (Azure, AWS) and identity management solutions. Advanced Understanding on the administration and securing of various operating systems and enterprise applications with advanced security best practices. Excellent written and verbal communication skills, with the ability to translate technical findings into business-relevant language. Mentor junior analysts and contribute to the development of security standards, procedures, and playbooks. Highly Desired Certifications: CISSP, CISM, GIAC, or equivalent. Physical Requirements Mobility & Posture Standing: Continuous Sitting: Continuous Walking: Continuous Climbing stairs: Infrequent Working indoors: Continuous Working outdoors (temperature extremes): Infrequent Working from elevated areas: Frequent Working in confined/cramped spaces: Frequent Kneeling: Infrequent Bending at the waist: Continuous Twisting at the waist: Frequent Squatting: Frequent Manual Dexterity & Strength Pinching operations: Frequent Gross motor use (fingers/hands): Continuous Firm grasping (fingers/hands): Continuous Fine manipulation (fingers/hands): Continuous Reaching overhead: Frequent Reaching in all directions: Continuous Repetitive motion (hands/wrists/elbows/shoulders): Continuous Full use of both legs: Continuous Balance & coordination (lower extremities): Frequent Lifting & Force Requirements Lift/carry 50 lbs. unassisted: Infrequent Lift/lower 50 lbs. from floor to 36”: Infrequent Lift up to 25 lbs. overhead: Infrequent Exert up to 50 lbs. of force: Frequent Examples: Transfer 100 lb. non-ambulatory patient = 50 lbs. force Push 400 lb. patient in wheelchair on carpet = 20 lbs. force Push patient stretcher one-handed = 25 lbs. force Vision & Sensory Maintain corrected vision 20/40 (one or both eyes): Continuous Recognize objects (near/far): Continuous Color discrimination: Continuous Depth perception: Continuous Peripheral vision: Continuous Hearing acuity (with correction): Continuous Tactile sensory function: Continuous Gross motor with fine motor coordination: Continuous Selected Positions: Olfactory (smell) function: Continuous Respirator use qualification: Continuous Work Environment & Conditions Effective stress management: Continuous Rotating shifts: Frequent Overtime as required: Frequent Latex-safe environment: Continuous If you like working with energetic enthusiastic individuals, you will enjoy your career with us! The Medical University of South Carolina is an Equal Opportunity Employer. MUSC does not discriminate on the basis of race, color, religion or belief, age, sex, national origin, gender identity, sexual orientation, disability, protected veteran status, family or parental status, or any other status protected by state laws and/or federal regulations. All qualified applicants are encouraged to apply and will receive consideration for employment based upon applicable qualifications, merit and business need. Medical University of South Carolina participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: ***************************************

IDEALFORCE has a CONTRACT position available immediately for a IT Security Specialist(ITSS2) to join our customer in Columbus, OH. This is an ONSITE position and require in person interview. Please find below additional details about this job. Job Description Security Consultant to help IT Augment the security staff until OIT can take over all Security related needs for the agency. This position will function as a highly skilled Security Consultant with specific responsibilities that include: -Monitor network and information system activity. -Respond to alerts (analyze, interpret, investigate, resolve) based on monitoring activity, for security (malware, malicious actor), and other purposes (malicious activity, misuse, etc.) Uses creativity and innovation to automate and streamline processes and procedures. -Understands customer support, likes to work with people and can ensure that the customer is satisfied. -Manage, update, modify alerts, adjust/fine tune event correlation rules, etc. (e.g. filter false positives, increase accuracy/relevance/effectiveness), create new rules based on threat changes/evolving risk, etc. -Understanding of basic Networking principles, including network troubleshooting for connectivity issues, DHCP, DNS, use of tools like PING, NSLOOKUP and NETSTAT -Perform specialized security functions (e.g. forensics for incident response). -Perform event correlation, analysis of malicious activity indicators, and appropriate response, based on review and access to multiple security tools and services. -Provide routine security and general support (tickets, ad-hoc requests, etc.) to all DPS departments/users, IT groups/resources, external (other state agencies, public), etc. SPECIAL NOTE: Client is running a 24/7 operation. Consultant may need to come in during incident or emergency situations. During the interview process with the ODPS staff, the resource consultant must demonstrate competence/experience in their specific area(s) of project assignment. The resource's experience must also be documented for review and verification. Offered resources not showing technical or functional competence/experience will be sufficient reason to reject the Offeror's proposal. It is the responsibility of the Offeror to pre-screen their candidates to ensure compliance. Resource will have a background check conducted by ODPS. Qualifications -1-2 Years SIEM (Q-Radar preferred) -8 years customer service experience -8 Years Troubleshooting experience -8+ years knowledge of Networking to including PING, NETSTAT, DHCP, DNS, and NSLOOKUP. -8 years' experience with Active Directory. -4 Years experience with Web and Email Filtering and Security (Ironport) -5+ Years experience with Imperva (DAM/WAF) -1 years of Vulnerability scanning experience (Qualys) -3 years A/V suite experience McAfee -3 years IPS (IBM) -Contributes to continuous process improvements to increase the efficiency of section. -Excellent communication skills both written and oral. -Strong communication/ leadership skills. -Strong influence, collaboration and negotiation experience. -Ability to collaborate with supporting resources across business and/or functional lines. -Have excellent oral and written skills/possess strong meeting and work session facilitation skills. -Have the ability to work independently and as part of a team, the ability to manage time and resources to meet assigned deadlines. -Have strong understanding of prioritization stemming from the elicitation of system and/or user requirements. -Have excellent organizational skills, proven analytical, planning, problem solving, and decision-making skills. -Must be knowledgeable in the English language/speak clearly and understandably use the English language. Desired Skills -Q-Radar -Ironport Web and Email Security -Imperva -Certifications in Microsoft -Powershell 3.0 scripting background. -Qualys -McAfee Enterprise solutions -IPS -Splunk -Other security related tools. -ITIL Knowledge and ITSM Tools. Additional Information Additional Information : - "All your information will be kept confidential according to EEO guidelines". - All candidates who are authorized to work in US are encouraged to apply. - Candidates must clear the Background check prior to commencing the assignment. THIRD PARTY CANDIDATES: Email your candidate/s resume to joseph dot shelton at idealforce.com along with the following details: Rate, Current location and Availability. Disclaimer : The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. Sony Interactive Entertainment LLC seeks a Staff Information Security Analyst in San Mateo, CA to define strategic GRC (Governance, Risk and Compliance) input in global initiatives, including Artificial Intelligence (AI) and Machine Learning (ML) adoption, cloud security, and enterprise wide policies, ensuring resilience while balancing business and regulatory needs. Requires a Master's degree in Cybersecurity, Information Security, or related field or equivalent, and four (4) years of experience conducting risk assessments on critical information systems to maintain and manage risk registers; facilitating the Security Risk Assessment methodology, policy, strategy and process; writing security assessment reports following security breaches and detailing the associated impact; monitoring and reviewing IT Security controls to identify operational effectiveness; mapping security controls to policies, standards, procedures and processes to ensure compliance with security measures; managing security remediation efforts and tracking status of security deficiencies; translating security risk mitigation plans into actionable items to mitigate risk in coordination with technical and business teams; developing and implementing policy frameworks for emerging technologies, including AI/ML and cloud security, with governance and legal stakeholders; applying industry standards including NIST, ISO 27001, and PCI DSS in support of organizational security objectives; supporting the evaluation of third-party vendor security through documentation review and risk assessment; contributing to the enhancement of vendor onboarding and compliance workflows; and, in executing duties, utilizing Archer GRC, ServiceNow, Splunk, JIRA, Confluence, SharePoint, Palo Alto Prisma Cloud and AWS. Telecommuting and/or working from home may be permissible pursuant to company policies. Sony is an EOE. Salary range: $185,639.00 - $261,000.00/year Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.

The Information Security Specialist/Analyst III reports to the Manager, Security Operations. Under indirect supervision, the Information Security Specialist/Analyst III provides a variety of operational, compliance, and consultative functions. This position designs, implements, manages, and monitors technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the organization's information assets. This role may be required to provide rotating 24x7 on-call support. Entity Medical University Hospital Authority (MUHA) Worker Type Employee Worker Sub-Type Regular Cost Center CC005101 SYS - IS Tidelands Integration Pay Rate Type Salary Pay Grade Health-29 Scheduled Weekly Hours 40 Work Shift We are seeking a highly skilled and experienced Senior Information Security Analyst to join our team. This role is critical in safeguarding our complex healthcare IT environment and ensuring compliance with industry standards. Key Responsibilities: 45% - Network Security Monitoring and Incident Response: * Serve as a lead escalation point for security incidents, overseeing detection, investigation, containment, and remediation within a CrowdStrike EDR environment across a healthcare infrastructure. Experience with Microsoft Defender for Endpoint EDR is also desired. * Analyze findings from security monitoring systems, including Intrusion Detection/Prevention Systems (ID/PS) and Security Information Event Management (SIEM) consoles, to identify and respond to potential security incidents and data breaches. * Perform cyber security incident handling, tracking and reporting. * Utilize professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts. * Respond to relevant service requests received from end users (e.g. for investigation of security events). * Collaborate with internal Security Operations Center (SOC) teams and external Managed Security Service Providers (MSSPs) to contain and remediate security incidents. 20% - Security Technology management: * Configure, manage, and optimize SIEM platforms (Crowdstrike and/or Microsoft Sentinel) to enhance threat detection and response capabilities. * Lead and manage large scale security-related projects, including tool implementations, upgrades, and process improvements. 10% - Vulnerability Management: * Conduct vulnerability assessments to identify security risks and report findings to system owners. * Manage workflows to ensure that protected assets are properly assessed in a timely manner. 15% - Threat Analysis * Continuously evaluate and update analytics to counter evolving Threat Actor tactics, techniques, and procedures (TTPs). * Perform risk assessments and translate business requirements into effective security controls. * Maintain comprehensive documentation and present findings to stakeholders in a clear and actionable manner. 10% - Security Awareness: * Create and deliver security awareness training for technical and non-technical audiences. Additional Job Description Required Education/Skills/Work Experience: * A Bachelor's degree in information security, information assurance, computer science, or a related field with 5 years of IT security experience; or 10 years of hands-on experience in information security or related IT experience required, at least 6 of which must be directly related IT security experience; or a Master's degree in information security, information assurance, computer science, or a related field, and 3 years of IT security experience required. * Advanced knowledge of information security principles, risk management, and regulatory compliance (HIPAA, FERPA, NIST, etc.). * Strong analytical and problem-solving skills with the ability to make decisions under pressure. * Hands-on experience with Crowdstrike EDR, SIEM, IDS/IPS, vulnerability management, and threat intelligence tools. * Familiarity with cloud security (Azure, AWS) and identity management solutions. * Advanced Understanding on the administration and securing of various operating systems and enterprise applications with advanced security best practices. * Excellent written and verbal communication skills, with the ability to translate technical findings into business-relevant language. * Mentor junior analysts and contribute to the development of security standards, procedures, and playbooks. Highly Desired Certifications: * CISSP, CISM, GIAC, or equivalent. Physical Requirements * Mobility & Posture * Standing: Continuous * Sitting: Continuous * Walking: Continuous * Climbing stairs: Infrequent * Working indoors: Continuous * Working outdoors (temperature extremes): Infrequent * Working from elevated areas: Frequent * Working in confined/cramped spaces: Frequent * Kneeling: Infrequent * Bending at the waist: Continuous * Twisting at the waist: Frequent * Squatting: Frequent * Manual Dexterity & Strength * Pinching operations: Frequent * Gross motor use (fingers/hands): Continuous * Firm grasping (fingers/hands): Continuous * Fine manipulation (fingers/hands): Continuous * Reaching overhead: Frequent * Reaching in all directions: Continuous * Repetitive motion (hands/wrists/elbows/shoulders): Continuous * Full use of both legs: Continuous * Balance & coordination (lower extremities): Frequent * Lifting & Force Requirements * Lift/carry 50 lbs. unassisted: Infrequent * Lift/lower 50 lbs. from floor to 36": Infrequent * Lift up to 25 lbs. overhead: Infrequent * Exert up to 50 lbs. of force: Frequent * Examples: * Transfer 100 lb. non-ambulatory patient = 50 lbs. force * Push 400 lb. patient in wheelchair on carpet = 20 lbs. force * Push patient stretcher one-handed = 25 lbs. force * Vision & Sensory * Maintain corrected vision 20/40 (one or both eyes): Continuous * Recognize objects (near/far): Continuous * Color discrimination: Continuous * Depth perception: Continuous * Peripheral vision: Continuous * Hearing acuity (with correction): Continuous * Tactile sensory function: Continuous * Gross motor with fine motor coordination: Continuous * Selected Positions: * Olfactory (smell) function: Continuous * Respirator use qualification: Continuous * Work Environment & Conditions * Effective stress management: Continuous * Rotating shifts: Frequent * Overtime as required: Frequent * Latex-safe environment: Continuous If you like working with energetic enthusiastic individuals, you will enjoy your career with us! The Medical University of South Carolina is an Equal Opportunity Employer. MUSC does not discriminate on the basis of race, color, religion or belief, age, sex, national origin, gender identity, sexual orientation, disability, protected veteran status, family or parental status, or any other status protected by state laws and/or federal regulations. All qualified applicants are encouraged to apply and will receive consideration for employment based upon applicable qualifications, merit and business need. Medical University of South Carolina participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: ***************************************

Title: Information Security SME/Developer with .NET development Duration : 5 Months contract (High possibility of Extension) Interview Type: Both iLinc Web Cam and In Person Interview Skills Required Experience working in Microsoft Identity Integration Server (MIIS) 2003 Required 2 Years Experience with Identity Lifecycle Manager (ILM) 2007 Required 2 Years Experience with Forefront Identity Manager (FIM) 2010 including design and implementation Required 2 Years Experience and strong development skills in the MS Metadirectory Services Namespace in C# Required 2 Years .NET development experience Required 5 Years Thanks Naimesh Solanki Sr. Technical Recruiter Phone: ************ x 6578 Qualifications Experience working in Microsoft Identity Integration Server (MIIS) 2003 Required 2 Years Experience with Identity Lifecycle Manager (ILM) 2007 Required 2 Years Experience with Forefront Identity Manager (FIM) 2010 including design and implementation Required 2 Years Experience and strong development skills in the MS Metadirectory Services Namespace in C# Required 2 Years Additional Information All your information will be kept confidential according to EEO guidelines.

United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization. What You'll Do Review and document the adequacy of security and technology controls across business and IT environments. Evaluate control posture through interviews, documentation reviews, and workflow analysis. Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls. Partner with risk management and security leadership to align controls with organizational risk tolerance. Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance. Document and advocate for control improvements that balance risk with operational efficiency. Support control development across testing, QA, and production environments. Present control effectiveness reports to senior risk leadership. Stay current on regulatory requirements, internal policies, and industry best practices. Requirements For Success Experience: 3+ years in cybersecurity or IT practitioner roles. 2+ years in IT risk or controls analysis. Practical experience with risk management and IT control frameworks. Education: Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field. Required Skills: Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST). Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA). Experience with CIS CSC, ISO 2700, or NIST CSF. Excellent written and verbal communication across all organizational levels. Strong organizational skills and ability to meet SLAs. Sound judgment and decision-making in complex scenarios. High integrity, trustworthiness, and adaptability. Preferred Skills: Certifications such as CISSP, CISA, CRISC, or CISM. Technical experience with enterprise networks, applications, and directory services. Familiarity with enterprise GRC platforms. Conditions of Employment Must be able to pass a criminal background & credit check This is a full-time, non-remote position FLSA Status: Exempt We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Pay Range USD $49,972.00 - USD $76,958.00 /Yr.

Join a team dedicated to making a real difference in the lives of our community. Our Mission at Friendship Village of Dublin is “To care for, engage, and inspire our community to reimagine and maximize quality of life at every age” . At Friendship Village our Values Drive us to RISE to any Occasion Values: Respect Integrity and Innovation Stewardship Excellence We are seeking a Information Security & Systems Analyst to contribute to our mission by: The Entry to Mid-Level System Analyst performs security, compliance and administration of systems and is responsible for the design, installation and management, configuration and reliable operation of security/compliance mechanisms, systems and policies that protect the computer network and information systems against cyber events. Participate in research and development to continuously improve and keep up with the IT business needs of the organization. Actively resolve problems and issues with computer and server systems to limit work disruptions within the company. Essential Duties: Design, install and manage security mechanisms that protect the computer network and information systems against threats including but not limited to hackers, breaches, viruses and spyware. Educate and provide awareness to users regarding security policies and procedures as well as threats. Develop and maintain security policies and guidelines around information classification, system integrity, incident response and user access. Monitor, audit and review systems for and identify violations or attempted violations of security procedures, processes and access. Plan and implement appropriate measures to safeguard data from accidental or unauthorized modification, destruction or disclosure. Respond to incidents, investigate potential incidents and recommend enhancements to close potential security gaps and serve as a backup to other members of the Technology department. Responsible for post breach/data loss activities including but not limited preservation of evidence, review of data to determine scope and support of legal and other processes. Participate in supporting efforts, making sure all networks, systems, applications, servers, technology tools and related equipment problems are resolved in a timely manner with limited disruptions. Monitor performance and maintain systems according to requirements. Ensure security through access controls, backups and firewalls. Recommend when to upgrade systems with new releases and models. Timely completion of IT Projects. All other duties as assigned. Information Security & Systems Analyst Responsibilities: Safeguard and help prevent cyber-attacks: Implement industry best practices for cyber security. Be up to date about the latest security trends and newest security technology. Assist other technical support staff in identifying and implementing appropriate security safeguards, including patch applications and anti-malware strategies. Operate, administer and monitor network and host-based intrusion detection/prevention systems. Ensure ongoing compliance with industry standards for information security: Participating in risk assessments to identify potential security threats Conducting employee training on security policies and responsibilities Auditing IT systems to ensure compliance with regulations. Reporting security breaches to management for prompt resolution. Collaborating with vendors to ensure proper data handling security measures. Monitoring compliance with state and federal data privacy and security regulations. Developing policies and procedures for maintaining data security. Monitor and report on devices and networks including: Maintain, configure, secure and provide reliable operation of computers systems, network servers, and virtualization. Network switch and firewall health Internet traffic and usage metrics Design and install network devices and systems (including maintaining current software versions on all network equipment) Demonstrates ability to independently troubleshoot and diagnose network, telephone, Internet, Wi-Fi, network. Assists with work order requests: Helps the IT Team meet service levels of quality and responsiveness: Satisfaction goal of 90% 2-business-day response time (resolution time dependent on issue SLA) Creates, updates and closes tickets in incident management system. Qualifications: • Bachelor's degree in computer science, programming, or a related field or equivalent industry experience. • 2-4 Years of Security or Systems Analyst experience REQUIRED NON TECHNICAL QUALIFICATIONS • Must have the ability to work under pressure, without constant direction and to react in a positive and spontaneous manner to the needs of residents, staff, visitors, and vendors. • Must be able to independently handle multiple simultaneous tasks, following specific instructions carefully and general instructions completely. • Excellent communication skills • Resourcefulness and problem-solving aptitude • Self-starter mentality willing to make constant improvements in the technical support process. • Takes pride and ownership of the support role. • Excellent customer service and communication skills • Ability to assess resident and staff complaints and resolve disputes in a friendly professional manner. REQUIRED TECHNICAL QULAIFICATION • Strong understanding of cybersecurity tools, concepts and best practices. • Knowledge of information security frameworks (e.g.,HIPAA, NIST) and relevant regulations. • Knowledge of Windows Operating Systems - Desktop (10 and 11) and Server (2016+) • Windows desktop device configuration, management, and operation. • IOS Device configuration, management, and operation. • Networking Concepts and basic troubleshooting (DNS, DHCP, IP Addressing). • Switching and Routing Concepts (basic troubleshooting and configuration). • Meraki Network and Camera Equipment • VOIP/PBX • Demonstrated working in a helpdesk ticketing environment.