Information security analyst jobs in Bridgeton, MO - 93 jobs

The Information Assurance Principal Analyst/Program Lead will provide leadership, oversight, and operational management for the Joint Operation Planning and Execution System (JOPES) and the Transportation Visualizer (TransViz) Functional Management Support contract. This individual will act as the primary liaison between TeAM, government officials, and all contract stakeholders, ensuring the coordination, integration, and execution of all program activities in accordance with DoD and USTRANSCOM expectations. The Information Assurance Principal Analyst/Program Lead will be responsible for meeting all performance, schedule, and quality objectives as outlined in the contract's scope. Mission Objectives - The primary objective of this project is to support the operational effectiveness and mission readiness of the JOPES and TransViz platforms at Scott Air Force Base. As a critical contract team member, the Information Assurance Principal Analyst/Program Lead ensures seamless functional management, stakeholder coordination, and compliance with all contractual and security requirements while facilitating process improvements and the timely delivery of program services. This position supports USTRANSCOM and associated DoD agencies by optimizing system capabilities and user experience in support of national defense objectives. Position Responsibility Summary Serve as the principal point of contact (POC) for all programmatic, technical, and contractual matters, representing TeAM in communications with government officials and stakeholders. Serve as a Liaison for all meetings & events, coordinating & scheduling all course training for teams, and attending reviews of the program. Lead, supervise, and coordinate activities of the project team-overseeing System Administrators and the Database Administrator-to fulfill contract objectives. Ensure timely and accurate reporting of program performance, deliverables, metrics, and compliance with DoD security, safety, and operational requirements. Manage risks, mitigate issues, and implement corrective actions to maintain project schedule and instill quality control. Oversee and ensure workforce compliance with all mandatory security, safety, and DoD-mandated annual training, including but not limited to OPSEC, Antiterrorism Level I, CUI, and Emergency Operations. Develop and implement process improvements, leveraging industry best practices (e.g., ITIL) to enhance JOPES/TransViz functionality and user satisfaction. Foster a culture of open communication and collaboration across stakeholders, promoting continuous improvement in program delivery. Ensure all support activities are conducted on-site in compliance with established guidelines and within the designated geographic radius.

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

WCBinc is pursuing an opportunity with the National Geospatial-Intelligence Agency (NGA) for Transport & Cybersecurity Services (TCS) contract. The functional capabilities are to provide the information technology (IT) infrastructure services required to deliver timely, relevant, and accurate GEOINT in support of national security. TCS will provide innovative design, engineering, procurement, implementation, operations, sustainment and disposal of transport and cybersecurity IT services on multiple networks and security domains, at multiple locations worldwide to support the NGA GEOINT mission. What You'll Get to Do: Provide cyber threat intelligence services for the collection, fusion, analysis, creation, and distribution of threat intelligence from government entities, commercial feeds, open sources, and other partners to obtain situational awareness of the threat environment. Cyber threat intelligence services shall develop and disseminate reports and tippers to internal and external stakeholders based on events, alerts, and incidents on the customer systems and networks. Provide advanced cybersecurity analytics (ACA) services which aggregates and analyzes products, data, and information to identify trends and patterns, anomalous activity, provide situational awareness of the customers networks, missions and threats, and provide operational recommendations, visualizations, tuning requests, and custom signature creation to the CSOC and other internal and external stakeholders. Implements and monitors security measures for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems. Designs and implements data network security measures; operates Network Intrusion Detection and Forensics; conducts performance analysis of Information Systems security incidents; develops Continuity of Operation (COOP)/Disaster Recovery (DR) plans and supports certification of Information Systems and Networks. Advanced Cybersecurity Analytics will provide advanced cybersecurity services on an expanded 12x5service support level during core hours and on-call support with two-hour response time during non-core hours. Cyber Threat Intel Services will provide advanced cybersecurity services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core hours. Supervises operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure. Develops new concepts and processes. Analyzes root causes and resolves issues. Supports more junior level technicians and specialists in their activities. Can perform all tasks of lower level technicians or specialists. Works individually, actively participates on integrated teams, and may also lead a task, project or team Requires guidance and direction from more expert level technicians, specialists, and managers only when dealing with new, uncertain situations. Provides guidance to lower level technicians and specialists.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

**Emerson, a global manufacturer of high-quality products, systems and services for commercial, industrial and consumer markets is seeking an IT Analyst for Corporate Enterprise Applications. The IT Analyst shares responsibility for gathering requirements, and support of business solutions for Emerson's Indirect Procurement Initiative** **In This Role, Your Responsibilities Will Be:** + Works collaboratively with Supply Chain and IT teams to implement and rollout P2P for Indirect Material and Services + Develop training material and application documentation as required. + Educating business users + Provide guidance in data preparation and migration + Provide support for configuration and application of multiple functional modules. + Provide operation support in Service Now incident system + Assist with program rollout activities, including business units and trading partners. + Proactively monitors processes and operations. + Serves as a team member within multi-functional supply chain programs as assigned. + Ensures project documentation is complete and maintained. + Works effectively in a global highly matrixes team environment. **Who You Are:** + You get the most out of limited resources. You anticipate future trends and implications accurately.You deliver clear, problem-focused communication. **For This Role, You Will Need:** + Bachelor's degree in Computer Science, Information Systems, Finance, Accounting or other related field. + Proficient in English + Familiar with project management in an IT environment + Detail-oriented with strong problem-solving skills. + Capable of performing detailed data analysis to identify opportunities and gain higher-level insight. + Ability to multi-task and work within diverse multi-disciplinary global project teams + Strong customer service orientation with strong written and verbal communication skills, including comfort with presenting to diverse technical and non-technical audiences at all levels of the organization. **Preferred Qualifications That Set You Apart:** + 3+ years of technical experience with Oracle + Experience in ERP modules P2P Finance + Experience in systems analysis, gathering user requirements and understanding and interpreting requirements specifications. **Our Culture & Commitment to You:** Our compensation philosophy is simple: we pay a competitive base salary, within the local market in which we operate, and reward performance during our annual merit review process. The salary range for this role is $80,000-100,000 annually, commensurate with the skills, talent, capabilities, and experience each candidate brings to a role. This position will be open for a minimum of 7 days from the day of posting. Applicants are encouraged to apply early to receive efficient consideration. In compliance with the Colorado Job Application Fairness Act, in any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. At Emerson, we prioritize a workplace where every employee is valued, respected, and empowered to grow. We foster an environment that encourages innovation, collaboration, and diverse perspectives-because we know that great ideas come from great teams. Our commitment to ongoing career development and growing an inclusive culture ensures you have the support to thrive. Whether through mentorship, training, or leadership opportunities, we invest in your success so you can make a lasting impact. We believe diverse teams, working together are key to driving growth and delivering business results. We recognize the importance of employee wellbeing. We prioritize providing flexible, competitive benefits plans to meet you and your family's physical, mental, financial, and social needs. We provide a variety of medical insurance plans, with dental and vision coverage, Employee Assistance Program, 401(k), tuition reimbursement, employee resource groups, recognition, and much more. Our culture offers flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave. \#LI-AK1 **WHY EMERSON** **Our Commitment to Our People** At Emerson, we are motivated by a spirit of collaboration that helps our diverse, multicultural teams across the world drive innovation that makes the world healthier, safer, smarter, and more sustainable. And we want you to join us in our bold aspiration. We have built an engaged community of inquisitive, dedicated people who thrive knowing they are welcomed, trusted, celebrated, and empowered to solve the world's most complex problems - for our customers, our communities, and the planet. You'll contribute to this vital work while further developing your skills through our award-winning employee development programs. We are a proud corporate citizen in every city where we operate and are committed to our people, our communities, and the world at large. We take this responsibility seriously and strive to make a positive impact through every endeavor. At Emerson, you'll see firsthand that our people are at the center of everything we do. So, let's go. Let's think differently. Learn, collaborate, and grow. Seek opportunity. Push boundaries. Be empowered to make things better. Speed up to break through. Let's go, together. **Work Authorization** Emerson will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1(including those with OPT or CPT) , H-1, H-2, L-1, B, J or TN, or who need sponsorship for work authorization now or in the future, are not eligible for hire. **Equal Opportunity Employer** Emerson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment. **Accessibility Assistance or Accommodation** If you have a disability and are having difficulty accessing or using this website to apply for a position, please contact: idisability.administrator@emerson.com . **ABOUT EMERSON** Emerson is a global leader in automation technology and software. Through our deep domain expertise and legacy of flawless execution, Emerson helps customers in critical industries like life sciences, energy, power and renewables, chemical and advanced factory automation operate more sustainably while improving productivity, energy security and reliability. With global operations and a comprehensive portfolio of software and technology, we are helping companies implement digital transformation to measurably improve their operations, conserve valuable resources and enhance their safety. We offer equitable opportunities, celebrate diversity, and embrace challenges with confidence that, together, we can make an impact across a broad spectrum of countries and industries. Whether you're an established professional looking for a career change, an undergraduate student exploring possibilities, or a recent graduate with an advanced degree, you'll find your chance to make a difference with Emerson. Join our team - let's go! **No calls or agencies please.** **Requisition ID** : 25029840 Emerson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.

The Managed Service Security Analyst is responsible for monitoring, detecting, and responding to security incidents to protect client environments. This role involves the identification of vulnerabilities, analyzing security risks, responding to security operations service tickets, and implementing protective measures. The Security Analyst will also assist with security audits, incident response, compliance-related activities and projects, and ensuring that all security services meet established performance and security standards. PRINCIPAL DUTIES AND RESPONSIBILITIES: Client Support: Provide security-related support to clients, addressing concerns, incidents, and queries in a timely manner. Security Monitoring: Perform continuous security monitoring of client systems, networks, and applications for malicious activities or security breaches. Incident Response: Respond to security incidents, conduct investigations, containment, and remediation efforts to mitigate risks and protect client environments. Vulnerability Management: Identify, assess, and prioritize vulnerabilities in client systems, recommending and implementing mitigation strategies. Threat Intelligence: Utilize threat intelligence tools to identify potential risks and provide proactive defense recommendations. Compliance Support: Ensure client systems adhere to regulatory and compliance standards (e.g., PII, HIPAA, PCI-DSS) as required. Security Audits: Assist with internal and external security audits, including the preparation and maintenance of audit documentation. Documentation: Maintain detailed records of security incidents, operational tasks, and system configurations in accordance with best practices. KNOWLEDGE, SKILLS AND ABILITIES: Education: Bachelor's degree in information technology, Computer Science, a related field, or additional years of relevant job experience. Experience: Minimum of 1 year of experience in an IT security or service role, preferably in a managed services environment. Certifications: Relevant certifications such as CASP+, CISSP, CEH, CompTIA Security+, or equivalent are preferred. Skills: Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience with security information and event management (SIEM) tools. Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills for client-facing interactions. Ability to manage multiple security incidents and tasks simultaneously.

Monitors the health of Touchette Regional Hospital and SIHF Healthcare's security threat posture and cybersecurity & network infrastructure. Develops a deep understanding of the threat landscape and ensures cybersecurity technology is monitored to detect threats. Works with the IS Security Officer and junior members of the team to ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with Touchette Regional Hospital and SIHF Healthcare IT and cybersecurity standards Develops, documents, maintains, and communicates Touchette Regional Hospital and SIHF Healthcare's governance models and compliance codes and standards. Develop, provide, and maintain necessary documentation for all network applications and network systems Assist with network security in a multi-hospital & multi-healthcare clinic environment Key responsibilities include: Monitors endpoint anti-virus & malware, content-filtering, data loss prevention solutions, multi factor authentication systems, device profiling systems, firewall rules, network ACLs, server configuration monitoring, network logging consolidation and event correlation systems. Analyze threat intelligence to anticipate and mitigate potential risks. Conduct root cause analysis of security incidents and recommend corrective actions. Conduct research on network products, services, protocols, and standards in support of network & security procurement and development efforts. Installs and maintains network & security operating systems; ensures that backup copies of all files are routinely made and securely stored at separate location; maintains system documentation. Develops vulnerability remediation documentation and assists in the remediation of vulnerabilities both on server and network systems both cloud and physical. Documents systems with vulnerability's that are not able to be remediated, develops an action plan to secure those devices and communicates this information to stakeholder's and the IS Security Officer. Develops the skills necessary to manage network security solutions. Develops expertise in scanning and monitoring networks or server systems for attacks, malicious software, intrusions, and threats. Develops an understanding of the organization's current threat posture and uses a variety of tools to understand emerging threat patterns and gauge potential impacts to day-to-day business processes. Develops attack and penetration technologies to reduce threat landscape while looking for creative ways to save money and time where possible. Works with the IS Security Officer to develop policies and training to ensure employees are following and understanding security policies and procedures. Provides cybersecurity and network support for operational systems and assists in business planning, maintenance, and troubleshooting. Executes risk management initiatives to assess risk and gather information/data for defining/updating policy/standards. Researches and interprets risks and impacts of new technology, emerging patterns and trends in the cybersecurity landscape and provides updates/reports to the IS Security Officer on a regular basis. Develops monitoring use cases, tests, and assesses the effectiveness of Digital controls. Develops expertise in working with Network Packet Analyzers, Next-Generation Antivirus, Endpoint Detection and Response, Cyber Threat Intelligence and Threat Hunting Tools. Engages and communicates effectively with internal personnel, external vendors, or contacts in day-to-day activities and fosters positive business relationships. Educates the various business units on the different IT or cybersecurity strategies, policies, processes, and procedures. Executes projects and programs for the Network and Security team as required. Prepares and works with the different stakeholders to develop business continuity, disaster recovery and incident response plans Develop methods or propose technologies to protect data at rest when required. Will be required to provide on-call support in rotating intervals and emergency support as needed. Ability to occasionally support routine or emergency network or security changes during normal business hours, after-hours, on weekends or during holidays is required. At the direction of your supervisor this may involve travel on-site to a pre-determined location to support these changes. Ability to participate in on-call rotation. Provides second-level technical support to users concerning network & security system operations. Performs all other duties as assigned. Qualifications Bachelor's degree preferred, preferably in computer science, cybersecurity, network engineering, engineering, mathematics, or equivalent work experience 5-6 years of experience in information security, cybersecurity, or a related IT role. Professional certifications preferred Cisco Certified CyberOps Professional (CCCP), Cisco Certified Network Professional - Security (CCNP Security), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Enterprise Defender (GCED). In addition to the above qualifications, the successful candidate will demonstrate: Fundamental knowledge of networking & security concepts Understand the OSI model, well-known and reserved ports & network protocol specifications Understand encryption methods used in securing network traffic transiting unsecured networks Understand encryption methods to secure sensitive information stored digitally Hands-on technical troubleshooting capabilities (physical, virtual, logical) Ability to work independently under minimal supervision Familiarity with network monitoring tools Exceptional critical thinking and problem-solving ability Strong interpersonal skills to assist non-technical individuals with complex technical issues Ability to adapt and learn new skills rapidly in support of the IT organization across a variety of different operating systems, protocols, applications, or technologies. Enthusiasm Teamworking skills Attention to detail Physical Demands: Must be able to sit and/or stand for prolonged periods of time Must be able to wear personal protective equipment (PPE) (mask, gown, gloves) when required Must occasionally lift and/or move up to 50 pounds; 100 pounds with assistance.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Senior AI Security EngineerAs an Information Security Engineer specializing in AI Security and Data Science, you will be at the forefront of protecting our AI systems and the underlying data that powers them. Your role will combine deep technical expertise in security engineering with strong data science capabilities to analyze, interpret, and secure complex datasets used in AI models. You will design and implement advanced security measures to safeguard AI infrastructure and ensure the integrity, confidentiality, and availability of AI-driven solutions. Key Responsibilities: - Security Architecture Design: Architect and implement robust security frameworks for AI systems, including secure coding practices and design principles. -Data Analysis & Risk Modeling: Apply data science techniques to analyze AI system data, identify patterns, and assess potential security risks. Develop predictive models to anticipate vulnerabilities and threats. - Vulnerability Assessment: Implement and manage tooling for penetration testing on AI models and systems, leveraging statistical and data-driven approaches to prioritize remediation. - Secure AI Development: Collaborate with data scientists and software engineers to integrate security best practices into the AI development lifecycle, including secure model training, validation, and deployment. - Data Governance & Privacy: Ensure compliance with data protection standards (GDPR, NIST, ISO) and implement privacy-preserving techniques such as differential privacy and federated learning. - Research and Innovation: Stay abreast of advancements in AI security and data science, conduct research, and contribute to innovative security solutions. - Documentation and Reporting: Prepare detailed reports and dashboards using data visualization tools to communicate security posture and risk insights. - Advisory and Support: Provide guidance on secure data handling and AI security best practices to cross-functional teams. - Technical Training and Mentorship: Mentor team members on AI security principles and data science methodologies. - Experimentation and POCs: Design and execute experiments and proof-of-concepts to validate emerging threats and security solutions using data-driven approaches. Qualifications: Bachelor's or Master's degree in Computer Science, Information Security, Data Science, or related field. Relevant experience in information security with a strong focus on AI systems and data protection. Proficiency in data science tools and languages (Python, R, SQL) and experience with machine learning frameworks (TensorFlow, PyTorch). Strong understanding of statistical modeling, data visualization, and anomaly detection techniques. Expertise in designing and implementing security measures for AI systems, including encryption, access controls, and secure coding desired. Excellent analytical and problem-solving skills with ability to interpret complex datasets for security insights. Relevant certifications such as CISSP, CEH, OSCP, or data science certifications are highly desirable.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $115,000 - $184,000 USD

Exegy is a global leader in intelligent market data, advanced trading systems, and future-proof technology. Exegy serves as a trusted partner to the complete ecosystem of the buy-side, sell-side, exchanges, and financial services technology firms around the globe. Headquartered in St. Louis with regional offices in North America, the UK/Europe and Asia Pacific, Exegy has the global footprint to deliver world-class support and managed services to its customer base of elite financial market participants. Job Summary The Security Engineer - IAM & PAM is responsible for designing, implementing, and operating identity, authentication, authorization, and privileged access controls across the enterprise. This role focuses on reducing over-provisioned access, enforcing least privilege, and ensuring access is appropriately granted, reviewed, and revoked in alignment with business risk, regulatory requirements, and security best practices. This engineer partners with IT Operations, Security Architecture, GRC, HR, and Application Owners to ensure identity and access management supports both secure operations and business agility. Responsibilities Identity & Access Engineering Design, implement, and maintain IAM and PAM platforms supporting workforce, privileged, and service identities Enforce least-privilege access models, role-based access control (RBAC), and attribute-based access control (ABAC) where appropriate Implement strong authentication controls, including MFA, conditional access, and phishing-resistant authentication Privileged Access Management (PAM) Manage privileged identities for administrative, infrastructure, cloud, and application accounts Eliminate shared, standing, and unmanaged privileged accounts through vaulting, just-in-time (JIT) access, and session recording Ensure privileged access is time-bound, approved, logged, and auditable Access Governance & De-Provisioning Lead initiatives to identify and remediate over-provisioned access, orphaned accounts, and excessive entitlements Design and operate access review and certification processes in collaboration with GRC and business owners Integrate IAM with HR systems and ITSM to automate joiner, mover, and leaver workflows Risk Reduction & Continuous Improvement Partner with Risk and GRC teams to align IAM/PAM controls to ISO 27001, NIST, CIS Controls, and regulatory requirements Perform periodic access risk assessments and provide remediation recommendations Develop metrics that demonstrate risk reduction, such as decreased standing privileged access, faster de-provisioning, and reduced audit findings Incident Support & Monitoring Support security incident investigations related to identity misuse, credential compromise, or privilege escalation Ensure IAM and PAM logs integrate with SIEM and monitoring platforms for visibility and alerting Our Ideal Candidate Has Technical Experience 5+ years of experience in information security or identity engineering, with deep focus on IAM and/or PAM programs Hands-on experience designing, implementing, and operating enterprise IAM and PAM platforms (e.g., Azure AD / Entra ID, Okta, Ping, CyberArk, BeyondTrust, Delinea, HashiCorp Vault, or comparable solutions) Proven experience building and maintaining RBAC models, automating joiner-mover-leaver workflows, and leading entitlement cleanup initiatives Strong working knowledge of modern authentication and authorization protocols (SAML, OAuth, OIDC, LDAP, Kerberos) Experience integrating identity systems across cloud platforms, SaaS applications, on-prem infrastructure, and CI/CD pipelines Governance & Risk Enablement Demonstrated experience reducing access-related audit findings and closing identity control gaps Working knowledge of common security and compliance frameworks (e.g., ISO 27001 Annex A, NIST SP 800-53, CIS Controls), with emphasis on access control and identity safeguards Ability to translate security and compliance requirements into practical, scalable identity controls that support business operations Operating & Collaboration Approach Effective partner to IT, Security, HR, and business teams to align identity controls with real-world workflows Comfortable communicating access risk, least-privilege principles, and control decisions to both technical and non-technical stakeholders Organized and process-oriented, with the judgment to balance security rigor, operational efficiency, and user experience Experience That Enhances Impact Exposure to regulated environments such as SOX, PCI-DSS, HIPAA, or similar compliance frameworks Experience working with identity governance (IGA) platforms, access reviews, or access analytics Relevant security or identity certifications (e.g., CISSP, CISM, GIAC, or IAM/PAM vendor certifications) are beneficial but not required

Apex Systems is seeking a Data Analyst to join a Workforce Analytics team for one of our clients. This role is ideal for someone passionate about data and supporting strategic initiatives focused on optimizing a dynamic workforce and improving the employee experience. You will play a key role in executing, designing, and improving workforce reports that drive organizational decisions. The Workforce Analytics team is responsible for bringing insight to help improve operations, fuel innovation, and execute organizational goals. We do this by focusing on three key areas: * Quality of source data * Integration and accessibility to information * Providing tools to assist in identifying connections and correlations that will provide insight into our current and future workforce Responsibilities * Assist with the design, development, and execution of dashboards, scorecards, presentations, communications, and reporting that drive decisions for organizational initiatives, resources, and programs. * Proactively monitor, analyze, and troubleshoot workforce data to identify and resolve issues ensuring objectives are met. * Gather reporting requirements and deliver the best analytical solution to help solve business needs. * Maintain full understanding of performance tools, systems, and enhancements that automate and streamline workforce data. * Design, develop, enhance, evaluate, and implement both scheduled reporting and ad-hoc reporting requests. * Maintain data integrity and ongoing quality control of systems, tools, and delivered reports through testing and validation. * Assist with presentations, explanations, and discussions of the results of analysis concisely and effectively to support decision-making. * Understand HRIS systems administration and reporting. * Partner with leadership to identify, implement, and ensure compliance on audits and reporting. * Assist with projects that support workforce initiatives. Required Skills * Commitment to incorporating security into all decisions and daily job responsibilities. * 2 or more years of related experience. * 1 or more years of experience reporting and analyzing workforce data in a professional environment using research and database software. * Experience with Talent Management systems (HRIS, performance management, talent acquisition, learning & development, vendor management). * Intermediate to advanced skill level in Microsoft Excel (VLOOKUPs, pivots, formulas). * Advanced level understanding of MS Office Suite. * Strong research, critical thinking, and problem-solving skills. * Excellent organizational and time management skills. * Ability to effectively communicate data results to stakeholders. * Ability to work independently or within a team, as needed. * Demonstrated ability to make sound and well-informed decisions regarding a broad range of factors. * Strong customer service orientation. * Ability to maintain confidentiality at all times. Preferred * Bachelor's degree in Human Resources, Computer Information Systems, Management Information Systems, or related field. * Intermediate skill level in Microsoft SharePoint (lists, views, and access security for data collection). Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click here for more details. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. Employee Type: Contract Remote: Yes Location: St. Louis, MO, US Job Type: Date Posted: December 12, 2025 Pay Range: $35 - $45 per hour Similar Jobs * Business Analyst * SOC Analyst * Business Analyst * Telecommunications Analyst * Business Analyst

At Kelly Services, we work with the best. Our clients include 99 of the Fortune 100TM companies, and more than 70,000 hiring managers rely on Kelly annually to access the best talent to drive their business forward. If you only make one career connection today, connect with Kelly. Job Description MUST have IT Audit experience MUST have CISA (Certified Information Systems Auditor Certification) SOX Audit and compliance experience on systems / infrastructure is preferred Open to candidate that is willing to relocate to St. Louis, MO US Citizen, Green Card holder, EAD OPT only Senior IT Audit Analyst The successful candidate, will have the opportunity to work with our client whom is a reputable global provider in integrated pharmacy benefit management, cost management as well as patient-care services worldwide. 6 months contract with possibility of renewal and/or contract to hire. Position is based in St. Louis, MO. General Summary: The Senior IT Audit Analyst will be responsible of: · Carrying out audit of IT infrastructure and systems within the organization. · Perform risk assessments for sensitive internal and external systems · Ensures that the security of information systems assets is in compliance with company policies, SAS70, Sarbanes Oxley, Payment Card Industry, HIPAA, NIHB and DIACAP · Ensures that user community understands and adheres to necessary procedures to maintain security Qualifications: · Bachelor's Degree in computer related field desired · Minimum 5 years' experience in IT audit experience, preferable in IT Systems. · Must be a Certified Information Security Auditor (CISA) · Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley · Strong understanding of information security principles · Excellent organizational skills and ability to communicate with internal/external entities and executives a must Additional Information Why Kelly? As a Kelly Services candidate you will have access to numerous perks, including: Exposure to a variety of career opportunities as a result of our expansive network of client companies Career guides, information and tools to help you successfully position yourself throughout every stage of your career Access to more than 3,000 online training courses through our Kelly Learning Center Group-rate insurance options available immediately upon hire* Weekly pay and service bonus plans

The position is in the Strategy, Planning and Execution (SPE) team, in the Information Risk Management (IRM) department. IRM is responsible for managing the Information Security risk for the organization. The SPE team leads the creation of the multi-year strategy and IRM roadmaps, and manages the execution of the plans. SPE also defines the corporate security standards, performs risk assessments, and measures organizational security performance. ESSENTIAL FUNCTIONS •Perform application and system risk assessments and security audits of internal and external facilities against established standards •Provides consultative advice to information security customers that enables them to make informed risk management decisions •Contribute in establishing policies and procedures necessary to ensure the security of information system assets, and to protect them from intentional or inadvertent access, disclosure, or destruction •Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley, HIPAA •Weigh business needs against security concerns and articulate issues and options to management •Maintains appropriate security documentation for applications and systems •Ensures that user community understands and adheres to necessary procedures to maintain security •Communicates risk assessment findings to information security “customers,” or business partners •Active participation in strategic initiatives in accordance to the IRM roadmap Qualifications QUALIFICATIONS •At least 5 years of IT experience with a Bachelor's Degree in computer related field or equivalent •At least 3 years of experience in Information Security •PC skills including knowledge of Microsoft Office •Excellent organizational skills and ability to communicate with internal/external entities and executives a must •Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities •Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve •Certification in information security (CISSP, CISM, GIAC, or equivalent) preferred Additional Information All your information will be kept confidential according to EEO guidelines.

Significance is a woman-owned consulting firm serving the federal government. We are known for building trusted relationships within our teams and with our clients and hiring the highest-level experts who implement innovative solutions. We also like to have fun! Our focus on culture has contributed to Significance being named a Washington Business Journal Best Place to Work each of the last seven years. We are seeking an IT Audit Analyst to join our program in support of USTRANSCOM at Scott AFB. Work will be performed on a hybrid basis with onsite work expected 3 days per week. In this role you will: • Conduct reviews of a designated critical feeder and core accounting systems for compliance with applicable standards, ensuring compliance with: o DoD Instruction 8510.01 o NIST 800-53 RMF o FMFIA o Federal Information System Controls Audit Manual (FISCAM)• Support with the execution of test plans to evaluate design and operating effectiveness of IT controls. As findings are addressed, the Contractor shall assist in the development of a CAP.• Provide support in reviewing and mapping the Statement on Standards for Attestation Engagements 18 reports, reviewing and testing Complimentary User Entity Controls (CUEC), and providing the test results. • Support the development of CAPs and support remediation testing for CAPs that have been implemented by the programs. The results of the CUEC reviews are reported in the timeframe and format provided by OSD.• Support with FISCAM training as requested to program managers.Required Skills/Experience Interim Secret security clearance with ability to get a fully active secret security clearance 0-3 years experience in a related position, preferably supporting DoD agencies Bachelor's Degree (Information Systems, Accounting or relevant field) Must be currently located in the St. Louis metro area and able to report to Scott AFB at least 5 days/week Desired Skills Experience (can include internships) with IT audit or internal audit in the Federal Government At Significance, your base pay is one part of your total compensation package and is determined within a range. Our pay ranges are based on the local cost of labor benchmarks for each specific role, level, and geographic location. We carefully consider a wide range of factors when determining compensation, including but not limited to experience; job-related skill sets; relevant education or training; and other business and organizational needs. The salary range listed is for the level at which this job has been scoped. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for a comprehensive and generous benefits package. We are an E-Verify Employer********************************************** Contents/E-Verify_Participation_Poster.pdf**************************************************************************************

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

WCBinc is looking for a Cyber Security Operations Specialist II to operate and manage all aspects of Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation. This role will develop and execute security policies, plans, and procedures and ensure security measures of the network. What You'll Get to Do: Provide cyber threat intelligence services for the collection, fusion, analysis, creation, and distribution of threat intelligence from government entities, commercial feeds, open sources, and other partners to obtain situational awareness of the threat environment. Provide cyber threat intelligence services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core hours. Cyber threat intelligence services shall develop and disseminate reports and tippers to internal and external stakeholders based on events, alerts, and incidents on customer systems and networks. Implements and monitors security measures for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems. Designs and implements data network security measures; operates Network Intrusion Detection and Forensics; conducts performance analysis of Information Systems security incidents; develops Continuity of Operation (COOP)/Disaster Recovery (DR) plans and supports certification of Information Systems and Networks. Supervises operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure. Receive tickets from other Cybersecurity Operations Services sub-services and conduct detailed analysis to validate any event/alert/incident Categorize, prioritize, investigate, and assess cybersecurity events/alerts/incidents to identify the extent and scope of the event/alert/incident and what impact there is on the operation or systems Update and forward tickets to other Cybersecurity Operations Services to customer as needed Collect, aggregate, and analyze artifacts and evidence from all available tools, knowledge sources, and data artifacts to determine and document the who, what, when, where, why and how of an intrusion, its extent, how to limit damage, and how to recover Submit custom signatures and tuning requests as needed to Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services Assists the C-IRT by assessing ongoing incident activity to predict adversary responses and locations of compromise Documents tickets and analysis to a level of detail sufficient to reconstruct the analyst's analysis, to include but not limited to the steps taken, timelines, and data required to justify the analyst's assessment Provide custom metrics reports including incident category types, tools used, number of indicators, time opened at each step, trending statistics, service availability, system utilization, etc. Provide input to the daily CSOC Significant Activity, Operations, and the weekly CSOC Status Report Advanced Cybersecurity Analytics, coordinate with Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services to develop or tune rules/signatures/scripts

Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance. Responsibilities: The Information Security Office (ISO) Regulatory Compliance team is seeking a Security Analyst 2 to actively contribute to our organization's compliance efforts. This role calls for someone who can work closely with various business units, conduct thorough assessments, and assist in crafting effective remediation plans. Key Responsibilities: As a Security Analyst 2 on the Regulatory Compliance Team, you will: Coordinate audits with external assessors (QSA) and internal stakeholders to streamline assessment process related to collecting evidences Lead the validation of PCI requirements testing results and drive compliance gap remediation efforts Create and maintain documentation to support PCI program Conduct comprehensive internal compliance assessments, identify compliance gaps, and actively participate in developing remediation plans. Collaborate closely with different business units to ensure alignment with relevant regulations and standards. Support automation efforts across the compliance function. Regularly review policies and procedures to ensure ongoing compliance with regulatory requirements. Effectively manage and prioritize multiple projects related to regulatory compliance. Stay vigilant in monitoring and tracking regulatory changes, providing teams with guidance on updating policies and procedures as needed. Be a source of guidance and support for fellow members of the compliance team. Qualifications: Required: Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future Must be committed to incorporating security into all decisions and daily job responsibilities 3+ years with leading, planning and execution of PCI assessments which includes review of control design with a focus on payment card compliance and security. Demonstrate the ability to work both independently with a strong sense of ownership and collaboratively within a team to achieve departmental and project objectives. Ability to maintain a high degree of confidentiality. Detail-oriented with strong project management skills, including project planning, directing project activities, and leading project teams. Proficient in documentation, communication skills, and a proven ability to deliver formal and informal presentations to a diverse audience. Ability to organize and prioritize multiple complex assignments and tasks for self and team members, ensuring deadlines are met. Excellent problem-solving and analytical skills, with the ability to define problems, collect data, establish facts, and draw valid conclusions. Demonstrated leadership, collaboration, and relationship management skills, representing goals within the team and outside the department. Ability to be flexible and adaptable to changing requirements and responsibilities while delivering high-quality results. Commitment to incorporating security into all decisions and daily job responsibilities. Proficiency with Microsoft Office applications, including Outlook, Word, PowerPoint, and Excel. Preferred: Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security-related experience, or an equivalent combination of education and experience. Functional knowledge of productivity, documentation, and collaboration tools such as SharePoint, Jira, Confluence, and Jive. The Timberline Group Phone: ************ PO Box 385, Lebanon, MO 65536 ********************* ************************* "Delivering quality solutions through quality people"

**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Senior AI Security Engineer As an Information Security Engineer specializing in AI Security and Data Science, you will be at the forefront of protecting our AI systems and the underlying data that powers them. Your role will combine deep technical expertise in security engineering with strong data science capabilities to analyze, interpret, and secure complex datasets used in AI models. You will design and implement advanced security measures to safeguard AI infrastructure and ensure the integrity, confidentiality, and availability of AI-driven solutions. Key Responsibilities: - Security Architecture Design: Architect and implement robust security frameworks for AI systems, including secure coding practices and design principles. -Data Analysis & Risk Modeling: Apply data science techniques to analyze AI system data, identify patterns, and assess potential security risks. Develop predictive models to anticipate vulnerabilities and threats. - Vulnerability Assessment: Implement and manage tooling for penetration testing on AI models and systems, leveraging statistical and data-driven approaches to prioritize remediation. - Secure AI Development: Collaborate with data scientists and software engineers to integrate security best practices into the AI development lifecycle, including secure model training, validation, and deployment. - Data Governance & Privacy: Ensure compliance with data protection standards (GDPR, NIST, ISO) and implement privacy-preserving techniques such as differential privacy and federated learning. - Research and Innovation: Stay abreast of advancements in AI security and data science, conduct research, and contribute to innovative security solutions. - Documentation and Reporting: Prepare detailed reports and dashboards using data visualization tools to communicate security posture and risk insights. - Advisory and Support: Provide guidance on secure data handling and AI security best practices to cross-functional teams. - Technical Training and Mentorship: Mentor team members on AI security principles and data science methodologies. - Experimentation and POCs: Design and execute experiments and proof-of-concepts to validate emerging threats and security solutions using data-driven approaches. Qualifications: Bachelor's or Master's degree in Computer Science, Information Security, Data Science, or related field. Relevant experience in information security with a strong focus on AI systems and data protection. Proficiency in data science tools and languages (Python, R, SQL) and experience with machine learning frameworks (TensorFlow, PyTorch). Strong understanding of statistical modeling, data visualization, and anomaly detection techniques. Expertise in designing and implementing security measures for AI systems, including encryption, access controls, and secure coding desired. Excellent analytical and problem-solving skills with ability to interpret complex datasets for security insights. Relevant certifications such as CISSP, CEH, OSCP, or data science certifications are highly desirable. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard's security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. **Pay Ranges** O'Fallon, Missouri: $115,000 - $184,000 USD

Exegy is a global leader in intelligent market data, advanced trading systems, and future-proof technology. Exegy serves as a trusted partner to the complete ecosystem of the buy-side, sell-side, exchanges, and financial services technology firms around the globe. Headquartered in St. Louis with regional offices in North America, the UK/Europe and Asia Pacific, Exegy has the global footprint to deliver world-class support and managed services to its customer base of elite financial market participants. Job Summary We are seeking a hands-on Security Engineer - ASR to own and mature our vulnerability management program with a clear mandate to reduce real organizational risk and shrink our attack surface. This role goes beyond scanning and reporting-success is measured by fewer exploitable weaknesses, faster remediation, and sustained risk reduction over time. The ideal candidate is analytical, persistent, and pragmatic, with the ability to translate vulnerability data into clear, risk-based prioritized actions that engineering and /or IT teams can execute. Responsibilities Risk-Driven Vulnerability Management Own the end-to-end vulnerability lifecycle: discovery, prioritization, remediation tracking, and validation Maintain accurate asset and exposure visibility across endpoints, servers, cloud workloads, SaaS, and internet-facing systems Perform regular vulnerability scanning and ad-hoc assessments Prioritize remediation based on real-world risk, considering: Exploitability and threat intelligence Asset criticality and business impact Exposure (internet-facing, privileged systems, sensitive data) Reduce vulnerability noise by deduplicating findings and focusing teams on what matters most Track remediation progress and validate fixes Attack Surface Reduction Identify and eliminate: Unmanaged or unknown assets Legacy systems with chronic vulnerabilities Misconfigurations that expand attack surface Partner with IT and Engineering to: Improve patching cadence Enforce secure configuration baselines Reduce recurring vulnerability patterns Recommend compensating controls where remediation is not immediately feasible Threat Awareness & Continuous Improvement Conduct targeted threat analysis and light threat hunting to identify exploitation attempts and abnormal authentication or privilege activity Feed threat intelligence and observed attacker behavior back into vulnerability prioritization Improve detection, hardening, and prevention based on findings Collaboration & Communication Work closely with IT, Engineering, and Infrastructure teams to drive remediation outcomes Translate technical vulnerabilities into clear, actionable risk statements Provide leadership with concise, outcome-focused metrics and trend reporting Contribute to security standards, procedures, and operational improvements Success Metrics Reduction in critical and high-risk vulnerabilities over time Mean time to remediate (MTTR) Percentage of assets with known ownership and patch coverage Reduction in repeat or systemic vulnerabilities Demonstrated attack surface reduction (fewer exposed services, unused assets, misconfigurations) Our Ideal Candidate Has: Technical Experience 3+ years of hands-on experience in security engineering, vulnerability management, or a closely related discipline Strong working knowledge of common vulnerability classes, exploitation techniques, and attacker methodologies Solid foundation in operating systems, networking concepts, and cloud fundamentals Experience using vulnerability scanning, detection, and security monitoring tools to identify and assess risk Demonstrated ability to prioritize remediation efforts based on business and technical risk rather than raw finding volume Risk & Threat Awareness Familiarity with how vulnerabilities map real-world attack techniques and threat models Working knowledge of widely adopted security frameworks and control sets (e.g., MITRE ATT&CK, NIST CSF, ISO 27001, CIS Controls) Ability to contextualize vulnerability findings within broader security, operational, and compliance considerations Execution & Communication Approach Capable of clearly documenting vulnerability findings, risk rationale, and remediation guidance Effective in working with engineering, infrastructure, and IT teams to drive timely remediation Comfortable translating technical findings into actionable work items and recommendations Experience That Enhances Impact Experience operating in lean or resource-constrained environments where prioritization and pragmatism are critical Exposure to integrating vulnerability findings into ticketing, backlog management, or ITSM workflows Relevant security certifications (e.g., Security+, CEH, CISSP) or equivalent practical experience are beneficial but are not required