Information security analyst jobs in Chapel Hill, NC

Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace. With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including. Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here) Collabera listed in GS 100 - recognized for excellence and maturity Collabera named among the Top 500 Diversity Owned Businesses Collabera listed in GS 100 & ranked among top 10 service providers Collabera was ranked: 32 in the Top 100 Large Businesses in the U.S 18 in Top 500 Diversity Owned Businesses in the U.S 3 in the Top 100 Diversity Owned Businesses in New Jersey 3 in the Top 100 Privately-held Businesses in New Jersey 66th on FinTech 100 35th among top private companies in New Jersey *********************************************** Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Work Location: Durham NC 27703 Job Title: Network Security Analyst Duration: 24 Months Roles & Responsibilities: • Primary job responsibility will be to perform Intrusion Detection Sensor Threat Analysis. • Support for any one of McAfee IDS, Sourcefire IDS, Cisco IDS, Tipping Point IDS, Enterasys IDS, Juniper IDP and Fortinet IDS strongly desired. • The Operations team supports 24x7 and an off shift work schedule may be required. Qualifications IDS/IPS "Network analyst jobs" ; "Network security" ; "firewall analyst"; "network security position"; "network engineer"; "security engineer" Additional Information Should you have any questions, please feel free to call: ************ Aditika Sithta

Surescripts serves the nation through simpler, trusted health intelligence sharing, in order to increase patient safety, lower costs and ensure quality care. We deliver insights at critical points of care for better decisions - from streamlining prior authorizations to delivering comprehensive medication histories to facilitating messages between providers. Job Summary: The Director Business Information Security Officer (BISO) reports to the VP, Chief Information Security Officer (CISO) and acts as the primary liaison between Surescripts business units and the Information Security team. The BISO is responsible for understanding the unique business needs and risks of the organization and aligning them with security strategies and initiatives. The BISO plays a critical role in ensuring new products are launched with information security requirements embedded that align with company and information security policies and standards. The BISO will aid in the development, implementation and awareness of information security policies, manage risk, and ensure compliance with regulatory requirements. The BISO plays a crucial role in fostering a culture of security awareness and ensures that security measures are integrated into business processes. The BISO will be responsible for day-to-day operations to support and augment the CISO's overall responsibilities. The BISO plays a key leadership role in supporting the business and external customers. The BISO ensures business decisions are not obstructed by cybersecurity but instead are made using sound security principles and supporting corporate security policies and plans. Responsibilities: * Serve as a trusted advisor to the business on information security matters. * Work closely with Information Security leadership overseeing Identity and Access Management, Fraud and Crisis Management, merger and acquisition activities and any new business initiatives. * Keep abreast of current activity within the IAM and Fraud and Crisis teams and partner with team members for success. * Foster strong, collaborative relationships with internal business partners and external entities to maintain a strong network. * Enforce and influence strong security culture set forth by the CISO, ensuring uniformity across business units and employees. * Advise organization on enterprise-wide process and technology security recommendations. * Proactively gather and share pertinent information to effectively lead/engage in daily information security operations. * Lead the development and execution of crisis management plans and procedures. * Collaborate with external health care technology vendors, pharmacy partners, law enforcement, governmental entities and / and IT teams to ensure secure e-prescribing processes are being followed. * Assist with creating the Information Security department budget, monitoring expenditures, and ensuring alignment with the overall department budget. * Review customer contracts for appropriate information security language and requirements in partnership with Commercial Legal and Procurement. * Hold security leadership and teams accountable to consistently learn and share advanced knowledge and practices that promote excellence with the information security teams. * Maintain an up-to-date level of knowledge relating to security threats, vulnerabilities, and mitigations set forth to reduce the corporate attack surface. * Lead security projects and ensure they are delivered on time and within budget. * Proactively identify and remove complexity and obstacles that hinder efficient security controls enterprise wide. * Stay abreast of new laws, regulations, and standards, and assess their impact to the business. * Perform security due diligence for mergers, acquisitions, divestitures, and any new business initiatives. * Serve as the CISO representative when the CISO is not available, including making decisions usually made by the CISO. Qualifications: Basic Requirements: * Bachelor's degree in business administration, information assurance, or related technical field * 10+ years of related, progressive experience in cybersecurity management with at least 8+ years in an operationally focused security practitioner role. * 5+ years' experience working with business leadership and with fiscal responsibilities. * 3+ years' experience working with product and/or data teams to ensure that security is woven into each product based on company policies and standards. * 3+ years of experience handling tough conversations with customers. * 3+ years of people management/leadership experience. * Strong written and verbal communication skills across all levels of the organization. * Driven to build a strong, cohesive team and positive enterprise-wide security culture. * Proven high integrity, trustworthiness and confidence, and ability to represent the company and security leadership with the highest level of professionalism. * Ability to effectively manage stress in a constantly changing environment. * Strategic vision and ability to successfully collaborate with and influence others. * Strong project management and organizational skills. * Proven experience with National Institute of Technology (NIST) standards or California Consumer Privacy Act (CCPA) or Health Information Portability and Accountability Act (HIPAA) or HITRUST or SOC2 * Demonstrated understanding and comprehension of a wide range of cybersecurity solutions. Preferred Qualifications: * Master's or other advanced degree (MBA, information assurance, computer science, etc.) * 8+ years of related security systems administration. * Relevant certification/s such as CISSP, CISM, CRISC, CISA, or similar. * Experience with agile methodology and ability to negotiate to get work prioritized. * Experience using AI for business improvements. * Experience in a similar role with large, complex organization/s. * Experience in the healthcare industry. Travel: Within the U.S. as needed for meetings etc. #LI-HYBRID Surescripts embraces flexibility through its Flexible Hybrid Work model for most positions. This model allows employees to work virtually while still utilizing our offices as collaboration centers. With alignment and agreement from your leadership, you can come and go from the office as needed. To be considered for employment, applicants must have a valid U.S. work authorization allowing work without restrictions with Surecripts in the U.S. At this time, we are unable to provide support or provide sponsorship for immigration benefits such as work visas. Additionally, we do not participate in academic training programs or work-study programs through an academic institution that require employer endorsement of F-1/CPT or F-1/STEM. What You're Like You're technical. Analytical. Imaginative. Maybe you're building your own crypto-mining rig-or not. Either way, your mind works to anticipate vulnerabilities and protect the company and its information against those vulnerabilities. You do the right thing because it's the right thing without seeking to point fingers or brag. And of course, you're always willing to keep learning. What We're Like We're a team of friendly folks who do serious work. Our best work is done by rising to the occasion under stress, but we keep each other cool under pressure. We're a tight team but we also look for ways to partner across the business. Our style is casual and laid back, but we shoulder our responsibility to protect patient data from sophisticated adversaries, which sometimes means delivering a difficult truth. What the Work is Like Our challenge is to protect our customers' data and our company. This requires anomaly analysis, risk reviews, pen testing of our controls, red-teaming and tabletops, policy and procedure work, documentation, and audits. We also engineer and maintain our security products and tools. It's not always a typical 9-to-5 gig, of course, but then again, you work in information security, so you already know that. Why Wait? Apply Now We're a midsize company. This means you're not just another employee ID number. Here, you can build real relationships and feel supported by truly awesome people with diverse backgrounds and talents in an innovative and collaborative work culture. We strive to create an environment where you can be yourself, share your ideas and work your way. We offer opportunities for employee development, as well as competitive compensation packages and extensive benefits. At Surescripts, base pay is one part of our Total Rewards Package (which may also include bonus, benefits etc.) and is determined within a range. The base pay range for this position is $199,900 - $244,300 per year. Your base pay may vary within or outside of this range depending on a number of factors, including (but not limited to) your qualifications, skills, experience, and location. Benefits include, but are not limited to, comprehensive healthcare (including infertility coverage), generous paid time off including paid childbirth and parental leave and mental health days, pet insurance, and 401(k) with company match and immediate vesting. To learn more, review the Keep You and Yours Healthy, Balancing Work and Life, and Where Talent Takes Shape links under the Better Benefits. Better Work. Better Life section of our careers site. Physical and Mental Requirements While performing duties of this job, an employee may be required to perform any, or all of the following: attend meetings in and out of the office, travel, communicate effectively (both orally and in writing), and be able to effectively use computers and other electronic and standard office equipment with, or without, a reasonable accommodation. Additionally, this job requires certain mental demands, including the ability to use judgement, withstand moderate amounts of stress and maintain attention to detail with, or without, a reasonable accommodation. Surescripts is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate on the basis of race, color, religion, age, national origin, ancestry, disability, medical condition, marital status, pregnancy, genetic information, gender, sexual orientation, parental status, gender identity, gender expression, veteran status, or any other status protected under federal, state, or local law.

XDIN subsidiary of ALTEN Group, includes 500 employees dedicated to the automotive engineering development. ALTEN is a Leader in Engineering & Information Technology system, and operates in over 21 countries (Europe, North America, Asia, Africa and Middle East) with more than 28,000 employees of which 88% are engineers. At XDIN, we are always looking for world-class talent to lead our global teams through commitment and dedication to our OEM and Tier I clients. We believe in quality support from concept through production, and delivering the best customer experience while at the same time attaining a great place to work! XDIN Offers Competitive wages, BOE. Major health, dental insurance benefits and vision savings plan. 401k, and basic life. Supplemental benefits such as short-term disability, accident, cancer and life insurance. Paid company holidays and earned time off. We place a high value on thought leadership. We want every employee to develop all the skills required to become an engineering and technology thought leader; contributing to the knowledge assets of our team and our clients. From day one, every consultant is trained and mentored to elevate their careers. Responsibilities: Performs network and application technical vulnerability assessments using vulnerability assessment tools. Performs penetration testing activities to detect vulnerabilities and attack chains. Utilizes penetration testing skills to conduct analyses to gather deeper situational awareness and provide greater security insight of the environment. Lead the Security Awareness efforts, including facilitating presentations on topics of relevance, evaluating and implementing awareness training Assist in network security efforts including Data Loss Prevention, Intrusion Prevention and SIEM analysis Test security measures including OS patches, system hardening, and application configuration Monitor, review and troubleshoot alerts Review, interpret and adapt customer, regulatory and corporate security and compliance requirements into technical design options Apply knowledge of technical, analytical skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements. Produce security policies, standards, and guidelines Perform security research Produce security risk advisories based on newly identified threats and risk assessment Assist in performing IT audit, third party evaluations, and risk assessment activities Requirements: Bachelor's degree in Information Technology, Computer Science or a related discipline Approximately 3 years' work experience in Information Security in an enterprise network (Internships and Co-Ops can be included) A recognized information security certification or accreditation such as Security+, CISSP, or CEH is a plus. Fundamental understanding of penetration testing techniques and technologies Fundamental understanding of application development security concepts such as OWASP Top 10 Vulnerabilities Fundamental understanding of Active Directory administration and Windows authentication Fundamental understanding of security technologies such as SIEM, IDS/IPS, Web filters, two-factor authentication, web application firewalls Fundamental understanding of Malware detection, analysis, exploitation, containment, and eradication techniques experience Experience with systems analysis including, but not limited to: Gathering requirements from stakeholders, Constructing RFP/RFQs, devising and planning proof-of-concepts, defining use and test cases, driving critical security infrastructure projects, creating cogent status reports for senior management, strong technical understanding of vulnerabilities, and how attackers can exploit vulnerabilities to compromise systems. Excellent verbal, written, and presentation skills; in particular, demonstrated ability to effectively communicate technical and business issues and solutions to multiple organizational levels internally and externally as needed Knowledge of security frameworks and governance such as NIST, ISO27000 series, HIPAA, GDPR, PCIDSS Solid analytical and problem solving skills; ability to think strategically and turn ideas into actions Familiarity with Project Management concepts. Familiarity with scripting languages such as Python Ability to work with little supervision and consistently deliver results The Location: This opportunity is based in Greensboro, NC.

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company. Procom's areas of staffing expertise include: • Application Development • Project Management • Quality Assurance • Business/Systems Analysis • Datawarehouse & Business Intelligence • Infrastructure & Network Services • Risk Management & Compliance • Business Continuity & Disaster Recovery • Security & Privacy Specialties• Contract Staffing (Staff Augmentation) • Permanent Placement (Staff Augmentation) • ICAP (Contractor Payroll) • Flextrack (Vendor Management System) Job Description Sr. Security Analyst On behalf of our client, Procom Services is searching for a Sr. Security Analyst for a contract opportunity in Durham, NC. Sr. Security Analyst Job Details Responsible for user account administration in a multi-platform environment and ensure that administration procedures are aligned with overall Information Security policies and standards. Assist in the development of access controls to safeguard customer systems against accidental or unauthorized modification, destruction or disclosure. Maintain user access to securable customer system resources (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) performing tasks such as: creation / configuration of user logon Ids and updating access control lists, access provisioning and access removals and access terminations. Perform detailed analysis of access requests/processes and provide recommendations for improvement to senior team members and Information Security management. Educate information / resource owners in the implementation of necessary information security controls. Perform standard and non-standard processing of security authorization requests. Work with resource owners to determine appropriate security policies for securable customer resources. Provide on-call support for after-hours system access issues and troubleshoot system access problems and failures. Report suspected information security misuse to manager or director. Assist resource owners and IT staff in understanding and responding to security access exceptions. Sr. Security Analyst Mandatory Skills - Bachelor's degree in Computer Science. - 2 years of security administration experience, or related technical system administration experience. - In lieu of degree 5 years of security administration experience. - Familiarity with audit and risk-related methodologies; such as COBIT and HIPAA. - Systems administration experience within other aspects of IT - Demonstrated security administration experience on two or more platforms (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) - Demonstrated experience working with a managed services organization. - Demonstrated experience working with a request ticketing system, such as Triole. - Strong analytical and problem-solving skills. - Ability to present and discuss technical information to users with varying technical expertise. - Proven ability to work under stress in emergencies. Flexibility to handle pressure from many directions simultaneously. - Must be detail-oriented with a high level of accuracy. - Excellent written and verbal communication skills. - Demonstrated ability to develop and maintain collaborative working relationships across multiple teams. - Strong customer focus and the ability to manage customer expectations. - Must have strong team-oriented interpersonal skills and the ability to effectively interface with a wide variety of people. - Demonstrated commitment to continuous process improvement. - CISSP, CISA, or other security / audit / field related certifications a plus Sr. Security Analyst Start Date ASAP Sr. Security Analyst Assignment Length 7+ months Additional Information All your information will be kept confidential according to EEO guidelines. Please send your resume in Word format only.

Details: Stefanini Group is hiring! Stefanini is looking for a Cyber Defense Incident Responder, Senior (Level 3) in Greensboro, NC (Onsite) For quick apply, please reach out to Krisha Lago Call: ************** / Email: ************************* Work Location 7900 National Service Road Greensboro, NC 27409 Job Title: Cyber Defense Incident Responder, Senior (L3) Days are M-F, 2pm to 10pm Eastern time Training (During first month of the job): M-F, 10am to 6pm Eastern time As a Senior Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC) you will play a crucial role as a key technical expert responsible for managing and responding to advanced cyber threats, conducting in-depth investigations, and supporting the overall security posture of The Company. This role combines hands-on technical expertise with mentoring responsibilities, ensuring effective threat detection, incident response, and continuous improvement of SOC capabilities. What you will do: Analyze and respond to complex security incidents and alerts generated by SOC tools (e.g., SIEM, EDR, IDS/IPS) Investigate and resolve escalated incidents from Level 1 and Level 2 analysts, ensuring swift containment and remediation Lead investigations into cybersecurity incidents, including malware infections, data breaches, and insider threats Perform digital forensics to collect, analyze, and preserve evidence for legal or compliance requirements Provide incident reports with detailed root cause analyses and actionable recommendations Use threat intelligence to identify patterns and indicators of compromise (IOCs) relevant to the organization Work closely with junior analysts to provide guidance, training, and mentorship, fostering a culture of growth and knowledge-sharing Collaborate with IT, cybersecurity, and business stakeholder teams to implement and improve security controls Support the continuous improvement of SOC processes, tools, and technologies to enhance efficiency and effectiveness. Identify gaps in detection and response capabilities and recommend improvements to SOC leadership. Details: In this role, you will bring: Bachelor's degree in Computer Science or a related 4-year technical degree Minimum 7 years of experience in supporting cyber defense operations in highly complex enterprise networks. Experience in SOC, SIRT, or CSIRT capacities One or more of the following certifications: GIAC Certified Intrusion Analyst, GCIH Certified Incident Handler, GCIA Certified Intrusion Analyst, CISSP Experience in enterprise cybersecurity environment investigating targeted intrusions through complex network segments Expert understanding of Advanced Persistent Threat (APT), Cybercrime, and Hacktivist tactics, techniques, and procedures (TTPs) Subject Matter Expert in cybersecurity principles, threat lifecycle management, incident management Comprehensive knowledge of various operating systems (Windows, OS X, Linux), network protocols, and application layer protocols Demonstratable experience in scripting languages (may include Powershell, Python, PERL, etc.) Understanding of the Cyber Kill Chain methodology, the NIST framework, the MITRE ATT&CK framework, and SANS Critical Security controls Working knowledge in modern cryptographic algorithms and systems Experience working with and tuning signatures, rules, signatures, and security technologies (IDS/IPS, SIEM, Sandboxing tools, EDR, email security platforms, user behavior analytics Network design knowledge including security architecture Strong analytical and technical skills in network defense operations including experience with incident handling (detection, analysis, triage) Conceptual understanding of cyber threat hunting Prior experience and ability analyzing cybersecurity events to determine true positives and false positives. Including cybersecurity alert triage, incident investigation, implementing countermeasures, and managing incident response Previous experience with SIEM platforms and log aggregation systems that perform collection, analysis, correlation, and alerting Ability to develop rules, filters, views, signatures, countermeasures, and other cyber defense platforms as well as the ability to support analysis and detection continual improvement Knowledge of new and emerging cybersecurity technologies Ability to create technical documents as well as stakeholder sitreps and briefing documents Preferred Qualifications: Deep Cybersecurity Operations Center experience in the following: intelligence driven detection, security principles, threat lifecycle management, incident management, digital forensics and investigations, network monitoring, endpoint monitoring, OT security principles CSOC Process Management experience, to include: process and procedure management, CSOC initiative management, continual operational improvement Preferred certifications: CISSP, GCIH, GCIA, Linux+, CCNA, CCNP Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to both business leaders/key stakeholders as well as technical teams and SMEs Demonstrated knowledge in cyber defense policies, procedures, and regulations Knowledge of cyber vulnerability management processes Knowledge of common user and system authentication and authorization mechanisms Listed salary ranges may vary based on experience, qualifications, and local market. Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers. About Stefanini Group The Stefanini Group is a global provider of offshore, onshore, and nearshore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are a CMM Level 5 company. #LI-KL1 #LI-ONSITE

Ask IT Consulting Inc. visualizes itself as a leader in IT services and staffing in coming years. With strong dedication and commitment of our employees, we would surpass all our competitors establishing the wider channel of media marketing building a better connection with clients. Job Description Hi, This is Sumit with Ask ITC Inc. which is backed by a $500 million Microtek group company, provides an industry leading blend of technology, business consulting, and outsourcing services. Ask IT is a minority-owed enterprise; it has been founded on providing the highest quality possible and on the devotion to customer satisfaction. Position : Information Security (Guardium) Location : Raleigh NC Duration 12 + Months Short Description: The NCDOT IT Information Security Office (ISO) requires a senior information security professional, specializing in database vulnerability and threat management (VTM) utilizing and administrating IBM Guardium. Complete Description :* The NCDOT IT Information Security Office (ISO) requires a senior information security professional, specializing in database vulnerability and threat management (VTM) and monitoring for all NCDOT IT database systems. A majority of this resource's responsibilities will be vulnerability tool administration, setup and scheduling, vulnerability assessment and risk ranking for critical IT database systems. This resource should possess senior technical skillsets as well as senior soft skills as this resource will lead database VTM efforts and strategy for the agency. This resource should possess senior skillsets in preparing reports and presentations to senior management on the status, rate of improvement and overall efficacy of database VTM and monitoring efforts across an enterprise. This resource must have experience administrating, utilizing and designing implementations of IBM Guardium on mainframe DB2 and distributed systems. Thanks and Regards, Sumit Gupta Technical Recruiter | ASK IT Consulting Inc. Women Owned Minority Certified Enterprise Address: # 33 Peachtree Court Holtsville, NY 11742 Phone: *************** Ext- 4401 Fax: *************** E: sumit.guptaaskitc.com|W: **************

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

**City** Greensboro **Role Type** Permanent **WHO WE ARE** ITG Brands is the third-largest tobacco company in the USA with offerings of some of the most well-known cigarette, cigar, and e-vapor brands. As a member of the globally recognized Imperial Brands PLC family, we are a forward-thinking partner with operational integrity. ITG Brands is committed to putting consumers at the center of what we do, while creating an innovative workplace where inclusion, creativity, and bold thinking drive progress. This empowers us to bring our true selves to work, to collaborate more effectively through showing our passion and being confident to bring new ideas to the table. We are not afraid to seize opportunities and make things happen - both individually and collaboratively. We strive to exceed expectations by seeing things differently and doing things differently. This truly is a place where we all share a challenger mindset which drives our success. **What You Will Do** The **IT Financial Analyst** reports to the IT Finance Business Partner and is responsible for ensuring accurate financial tracking, reporting, and compliance for IT projects within the Global IT organization. This role focuses on managing IT spend, maintaining strong financial controls, and providing clear, timely communication to stakeholders. **What You Will Do** + **Financial Reporting & Forecasting:** Deliver timely, accurate reporting of IT project costs; analyze variances between actuals, forecasts, and budgets; provide insights on key drivers. + **Cost Management:** Ensure complete and accurate cost capture in SAP, including allocations, recharges, accruals, and PO support. + **Compliance & Controls:** Confirm CapEx/OpEx classification aligns with Group Accounting Policy; maintain internal controls and support audits. + **Stakeholder Collaboration:** Work closely with IT project managers, procurement, and finance teams to validate forecasts, ensure POs are in place, and apply correct accounting treatment for IT contracts, licenses, and vendor payments. + **Asset Management:** Support IT asset capitalization and depreciation forecasting; maintain and reconcile the IT Fixed Asset Register. + **Process Improvement:** Identify and implement opportunities to simplify and automate reporting and financial governance processes. + **Tools & Analysis:** Utilize SAP and other ERP systems; develop financial models and automated reporting solutions using Excel or similar tools. **What We're Looking For** + Strong accounting and financial analysis experience, ideally within IT or technology environments. + Hands-on experience with SAP and ERP systems. + Skilled in data analysis, financial modeling, and building automated reporting solutions. + Ability to work across multiple geographies and time zones, with strong communication and stakeholder management skills. + Detail-oriented, proactive, and comfortable driving process improvements. **Qualifications** - REQUIRED MINIMUM QUALIFICATIONS: The IT Finance Investment Analyst must have the following level of experience. + Qualification in Accounting, Finance, or a related field; CIMA, CPA or equivalent qualification. QBE will be considered + 2-5 years of relevant experience in accounting, financial analysis, or project finance, preferably with exposure to IT or capital investment environments. + Strong understanding of IFRS, especially related to asset capitalisation and treatment of software costs. + Experience working with SAP. + Proficient in Excel (e.g. Pivot tables, XLOOKUP etc) & knowledge of Power BI is an advantage. + Strong analytical mindset and attention to detail. + Excellent communication and collaboration skills. + Ability to work independently in a fast-paced, deadline-driven environment with multiple stakeholders across different geographic locations. - PREFERRED QUALIFICATIONS: It is preferable that the IT Finance Investment Analyst has the following: + Familiarity with IT project lifecycle and technology investment planning. + Experience working in a large corporate environment. **Work Environment and Physical Demand** **What We Offer** - Competitive benefits package that includes medical/dental/vision/life insurance/disability plans - Dollar for dollar 401k match up to 6% and 5% annual company contribution - 15 Company-paid holidays - Generous paid time off - Employee recognition and discount programs - Education assistance - Employee referral bonus program - Hybrid workplace - remote / in office - Summer hours - Casual dress policy Monday through Friday **Applicant Information** This describes the essential functions of the job at the time the was created, but it is not an exhaustive list of tasks, duties and responsibilities. In addition, the position may evolve or change over time and such changes may not be reflected in the job description until it is next updated. **ITG Brands and ITG Cigars provides equal employment opportunities.** All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you have a concern about discrimination in the application or hiring process or you need an accommodation based on religion, disability or pregnancy in the application or hiring process, please contact us at ******************************* . **SHARE THIS JOB** The posting for the position for which you are applying highlights key aspects of the position only. It is not a complete description of the position. All candidates must consent to an independent investigation of their background, references, past employment, education, criminal record, and drug screening. Results of such background checks will be reviewed on a case-by-case basis, giving consideration to the nature of the information reported and its relevance to the specific job being sought before a decision is made using this information. ITG Brands and ITG Cigars provides equal employment opportunities. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you have a concern about discrimination in the application or hiring process or you need an accommodation based on religion, disability or pregnancy in the application or hiring process, please contact us at ******************************* (Talen%74Acquisition%40%69t%67b%72ands.%63om) . We collect personal information from you in connection with your application for employment with ITG Brands or ITG Cigars. For more information, please see our Privacy Policy (****************************************** . If you are a job applicant from California, additional information can be found on our California Applicant Privacy Notice (******************************************************* . If you have questions, contact us atprivacy@itgbrands.com (priv%61%63y@i%74gb%72ands.co%6D) .

EmTacq specializes in EMployer Talent ACQuisitions, matching the most qualified candidates with the most competitive positions available. We pride ourselves on not just putting bodies in seats, rather matching professionals to their careers. We are headquartered in the Raleigh / Durham, NC area. However, as a recruiting agency we service companies and candidates across the United States. We are your best source for professional, value driven low cost recruitment services. Job Description The Lead Information Security Engineer will be responsible for designing and implementing a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the control environment. Must be a subject matter expert (SME) with strong collaboration skills to work with cross functional teams to ensure the design of technology solutions complies with information security policies, and regulatory obligations. The Lead Information Security Engineer must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender's perspective. In this role you must be a positive professional, adaptable, pragmatic, and who is comfortable in delivering clear and concise information at both a technical and managerial level. Responsibilities: Design and implement a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the client's control environment. Review and approve security configuration checklists (e.g., hardening or lockdown guides) for technology platforms and solutions (e.g., operating systems, databases, firewalls, etc.) Provide security consulting services internally to the engineering organization by giving guidance and functioning as an information security SME. Must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender's perspective. Qualifications Required Experience *5+ years of experience in one or more of the following information security domains: access management, cryptography, data loss prevention (DLP), emerging technologies (i.e., cloud, mobile, etc.), endpoint security, incident response, malware analysis and protection, network and perimeter security, or web and mobile application security. *5+ years of experience analyzing the design of technology solutions using common industry frameworks such as DREAD, SSE-CMM (ISO/IEC 21827), STRIDE, or other risk assessment models. *5+ years of working knowledge of various industry security standards and frameworks including: ISO 27001, ISF Standard of Good Practice (SoGP), NIST Special Publications, etc. *5+ years of working knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses. *Teamwork and communication skills, both written and verbal. Preferred Experience *Bachelor's degree in Computer Science, Information Systems, or related field. 8+ years of equivalent work experience required in lieu of degree is acceptable. *Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification strongly preferred. Additional Information Equal Employment Opportunity Our client is proud to be an equal opportunity/affirmative action employer. We are committed to attracting, retaining and maximizing the performance of a diverse and inclusive workforce. It is their policy to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information or any other basis protected by law.

Locus is a nimble, experienced consulting team specializing in information security, cloud computing, networking, and infrastructure. We have extensive experience delivering technology solutions in the Network, Cloud, and Security arenas to some of the largest companies in the world. Candidates are treated like unique individuals, not a commodity, and our career experts are committed to understanding all aspects of a candidate's wants and needs in order to find the best possible fit. We are laser-focused on winning together and supporting both our internal team and clients alike for long-term shared success. We take a full-service approach with our process, understanding our clients and candidates needs to find the right fit from a skillset and a cultural perspective. People are at the cornerstone of what we do, and we'd love to hear from you. Locus is currently searching for an Information Security Engineer for our client. This is a full time perm exempt role. SUMMARY: Responsible for protecting the organization's computers, networks, and data against threats, such as security breaches, computer viruses, or attacks by cyber criminals. This position oversees the planning, development, coordination, implementation, and management of all Information Security functions and measures to regulate access and usage of Customer Information Systems in accordance with established company policies, standards and procedures. The Information Security Manager regularly interfaces with other department heads in matters pertaining to information security awareness and keeps abreast of changes in regulatory and compliance issues, which affect all phases of information security and Customer. This position is also responsible for administration of corporate Business Continuity Program. ESSENTIAL JOB FUNCTIONS: Develops Information Security (IS) architecture/designs, plans, controls, processes, standards, policies, and procedures to ensure alignment with IS standards and overall IS security strategy Develop, implement, and manage security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information Determines user requirements, plans projects, establishes priorities, and monitors progress Manages the evaluation and testing of hardware, firmware, and software for possible impact on systems security Maintains and monitors user access control for bank systems Coordinates with other managers to integrate IS project components with other projects including application delivery, network, server, and hosted solutions Manages and coordinates the enterprise Vendor Risk Management Program Manages and coordinates Corporate Business Continuity Program Communicate best practices and risks to Customer Perform a risk assessment of Customer's vulnerabilities in the cybersecurity landscape and develop Customer's risk appetite for Information Security Develop key risk indicators and dashboard metrics reporting to both the management team and the Board of Directors JOB REQUIREMENTS: Bachelor's Degree from an accredited university in the field of Audit, MIS, Computer Science or related field of study Prior Information Security experience at a Financial Services company Familiarity with Financial Services regulations Familiarity with Federal Financial Institution Examination Council (FFIEC) guidance Prior management experience Certified Secure Software Lifecycle Professional (CSSLP) and/or Certified Information Security Manager (CISM) certification KNOWLEDGE/SKILLS REQUIRED: Knowledge of financial services industry and all applicable regulations and industry standards Advanced ability to engineer security solutions Intermediate relationship management skills Intermediate knowledge of cybersecurity strategy management Advanced cybersecurity monitoring and reporting skills Advanced knowledge of security incident handling Advanced knowledge of security risk assessment methodologies Excellent customer service skills Strong verbal and written communication skills High level of attention to detail, with strong problem solving & organizational skills Ability to perform effectively in fast-paced environment PHYSICAL AND MENTAL QUALIFICATIONS: Standing, walking, bending and stooping required Must be able to sit at a desk for long periods of time and use a computer Must be able to occasionally move or lift up to 10 pounds May be asked to work supplemental hours periodically Limited travel required during and after business hours The above statements are intended to describe the general nature and level of work being performed by the incumbent assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and/or skills required of all personnel so classified. NOT A CONTRACT

Description Junior Security Analyst- 3rd Shift The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation. Thousands of organizations worldwide trust Varonis to defend their data wherever it lives - across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management. Varonis protects data first, not last. Learn more at **************** The Role: We are seeking a driven MDDR Security Analyst to join the forefront of our data security mission- working 24x7 to monitor, triage, investigate, and escalate incidents where data is at risk and to ensure we meet operational SLAs. Data is the #1 target of attackers, and Varonis' Managed Data Detection and Response (MDDR) customers entrust our team with the security of their data. They will develop a deep understanding of the Varonis platform and related technologies. This role demands knowledge of security ecosystems (ex. SIEM, SOAR, ITSM, EDR, IPS/IDS, Active Directory, DNS, IAM/PAM, etc.) and enterprise security operations. The Location: We are considering candidates who are located within physical proximity to Raleigh, North Carolina. The Requirements: 1-3 years of experience in cybersecurity Degree or certification(s) in cybersecurity and/or proven ability to execute across cyber security operations disciplines, including monitoring, detection, investigation, and incident response. Proven success in contributing to a team-oriented environment. Strong analytical and creative problem-solving skills. Excellent communication skills (written and oral) and interpersonal skills (colleagues and customers). Attention to detail and the capability to deliver outcomes autonomously. Knowledge of common security technologies and tools including network-based (firewall and IDS), host-based (EDR and AV), data-based (DLP and DSPM), and identity-based (PAM and IAM), gained through experience or study. Knowledge of operational information security disciplines including alert monitoring, threat detection, incident response, security infrastructure management, and system and architecture hardening, gained through experience or study. Demonstrated ability to learn new skills and technologies swiftly. Proficiency in critical thinking and problem-solving for complex issues. The Responsibilities: Monitor and respond to detections within the Varonis platform. Conduct thorough triage of Varonis detections through critical analysis and investigative methodologies. Validate findings and coordinate investigative and response efforts with customers and internal teams. Document and communicate investigative findings effectively, including tracking in CRM and related systems. Assist in the development, documentation, analysis, testing, and modification of Varonis' threat detection systems, playbooks, and runbooks. Logistics: Shifted Schedule: Sunday to Wednesday, or Wednesday to Saturday. 12-hour shifts with one 1-hour break and two 30-minute breaks. Night shift (9pm to 9am EST). 6 weeks of dedicated new hire training. MDDR Security Analysts are expected to complete Sec+ and CySA+ training within their first year. Work visa sponsorship is not available. We invite you to check out our Instagram Page to gain further insight into the Varonis culture! @VaronisLife Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective-C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and Jquery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance-driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description Below is the skillset details. Pls provide profiles ASAP. You may also consider the ones you shared with me on the other thread for PPD to see if there is a match. IT Security professional with at least 10 years of professional experience. Must be at least engineer level with desire to move to or currently at architect skill level. Technical experience and fluency should be in the below areas: • Firewall/UTM/IDPS - Fortigate • client server communication and flow in protocols like FTP, e-mail, web, DNS, etc. • Endpoint Protection - Symantec/TrendMicro • Identity and Access Management and Monitoring - Okta/Azure SSO • Security of data at rest and in motion • Knowledge of implications to security in SaaS, IaaS • Vulnerably and Threat Management - Qualysguard • Security Information and Event Management (SIEM) - HP Arcsight • Mobile device security Good communication skills, collaborative spirit, solid analytical skills, adaptability and flexibility to step into other areas outside of core skill set. Candidate should be passionate about security. Additional Information Thanks and Regards, Ankur Bhatia

Company Description INENT Inc. focuses on understanding, addressing and resolving Talent Acquisition, Engagement and Management needs. The core team has over many years of experience in a variety of industries and management disciplines. We serve our clients with the highest level of service standards, never compromising our integrity and commitment to excellence. The products and services are targeted at niche markets in information technology, health care, Financial Services, government, education and other industries. INENT Services Includes: • Software Development The services offered cover Custom Software Development, Application Development, Web Application Development, Software Outsourcing, Website Design and Software Maintenance. Our goal is to deliver premium quality software development services and products while giving unmatched value to enterprises worldwide at an affordable cost. • Staffing Solutions: INENT, Inc. provides full implementation, upgrade, support and staff augmentation services Job DescriptionRole: Oracle Apps Techno-Functional IT Analyst Location: RTP, NC Duration: 6 months+ Pay Rate: CtC JD: • Candidate must have work as an IT Analyst. • Strong Systems/Solution Analyst with R12 Service Agreement and Install base experience. • Strong experience in SA/IB Integrations (Out of the Box) and should be able to map with Cisco custom processes. • Good in Impact Analysis and work with Cross functional, IT and Business teams. • Good understanding of Oracle CRM Architecture and data flow • Cisco Experience is preferred Qualifications Role: Oracle Apps Techno-Functional IT Analyst Location: RTP, NC Duration: 6 months+ Pay Rate: CtC JD: • Candidate must have work as an IT Analyst. • Strong Systems/Solution Analyst with R12 Service Agreement and Install base experience. • Strong experience in SA/IB Integrations (Out of the Box) and should be able to map with Cisco custom processes. • Good in Impact Analysis and work with Cross functional, IT and Business teams. • Good understanding of Oracle CRM Architecture and data flow • Cisco Experience is preferred Additional Information Thank you Bhanu Inent Inc (Innovative Enabling Technologies Inc ) Tel: ************ * 127 Fax No: ************ email: ************************ ****************

The Security & Compliance Unit (S&C) within the Office of Information Technology (OIT) oversees the cybersecurity of the University's systems and data in a manner consistent with industry best practices and the University's IT compliance and IT risk management obligations. S&C develops and ensures compliance with cybersecurity policies/regulations/procedures, supports and oversees implementation of strategic information security initiatives, provides operational security services, and provides campus-wide vendor risk and license management. S&C is also the functional lead for the university's identity and access management program. S&C's overall responsibilities include the following: * Development/maintenance of the university's cybersecurity strategic plan and roadmap * Implementation of strategic cybersecurity initiatives * Operational security services * Coordination of IT resilience efforts and change management processes * Manage the University wide operational cybersecurity services * Establish, review, and enforce university-wide IT and cybersecurity policies, standards, and procedures, while also ensuring compliance with federal/state regulations and contractual obligations. * Campus-wide IT vendor risk and license management Wolfpack Perks and Benefits As a Pack member, you belong here, and can enjoy exclusive perks designed to enhance your personal and professional well-being. As you consider this opportunity, we encourage you to review our Employee Value Proposition and learn more about what makes NC State the best place to learn and work for everyone. What we offer: * Medical, Dental, and Vision * Flexible Spending Account * Retirement Programs * Disability Plans * Life Insurance * Accident Plan * Paid Time Off and Other Leave Programs * 12 Holidays Each Year * Tuition and Academic Assistance * And so much more! Attain Work-life balance with our Childcare benefits, Wellness & Recreation Membership, and Wellness Programs that aim to build a thriving wolfpack community. Disclaimer: Perks and Benefit eligibility is based on Part-Time or Full-Time Employment status. Eligibility and Employer Sponsored Plans can be found within each of the links offered. Essential Job Duties The Chief Information Security Officer (CISO) reports to the Vice Chancellor for Information Technology and Chief Information Officer (CIO) and leads the Security and Compliance Unit (S&C) in the Office of Information Technology (OIT). The CISO is a member of the OIT Leadership Cabinet and works closely with senior administration, academic leaders, and the campus community to optimize the security posture of the university. The CISO is responsible for developing, implementing and maintaining the university's comprehensive cybersecurity program that ensures the confidentiality, integrity, and availability of university data and technology resources. This program utilizes industry best practices and employs a range of policy, procedural, and technological controls to manage risk to NC State University's information assets. The CISO leads a cybersecurity program that harnesses collaborations and campus-wide resources, promotes effective cybersecurity governance, advises senior leadership on strategic cybersecurity direction and resource investments, and develops policies to effectively manage IT and cybersecurity risks. The CISO is responsible for managing the S&C portfolio within its operating budget of over $5 million as well as overseeing VRLM's maintenance and negotiation of licenses totaling over $12 million. List of Primary Responsibilities: Leadership, Training and Collaboration (40%) * Provide leadership and oversight of activities and services related to the S&C unit. The current structure is comprised of: * Cybersecurity Operations (Director and 9 staff including Security Operations Center): * Secure Computing * Data Protection * Intrusion Detection/Prevention * Logging, Monitoring, Alerting * Multi Factor Authentication Solutions * Network Security Monitoring * Password Vault Management * SIEM (Security Information & Event Management) Operations * Endpoint Security: Endpoint Detection and Response, Antivirus * SSL Certificate Management * Vulnerability Scanning and Pen Testing * Web Application Security Testing * General Security Consultation, Security Architecture and Review * Security Incident Response and Investigation * Digital Forensics * Security Incident & Response * Security Operations Center (Manager and 3 staff) * Information Security, Risk and Assurance (Director and 7 staff): * Security Consulting and Education * Data Management * IT Risk Management * Security Awareness and Training * Security Liaison Team Program Management * Identity and Access Management * Security Policy and Compliance * Access Reviews * Internal & External OIT Audit Coordination * Litigation Holds/eDiscovery and Records Retention * Research Data Security Consultation & Evaluation * Security Compliance Program Development, Management and Continuous Assessment * Security Policy, Regulations, Rules, and SOP Development * Vendor Risk & License Management (Associate Director & 2 staff) * License Asset Management * Analyzes campus needs, interests and directions, and then tailors the software licensing program to meet those needs * Lead enterprise license coordination * Collaborates with UNC-System Office on university system-wide software licenses * Manages OIT licensing maintenance reviews and renewals * Manage the software inventory management system * Manage the software distribution to stakeholders * License Risk Assessment * Click-wrap Agreement Risk Assessment * Non-Negotiable Hard Copy License Review * IT Purchase Compliance Management * Manage the review process to ensure that IT purchases comply with university, State and Federal regulations and/or guidelines. * Manage the SAS Grant Administration * Ensure ongoing collaboration with OIT units, colleges, administrative units and key constituents such as data stewards, data trustees, the Office of General Counsel, Internal Audit, and Emergency Management & Mission Continuity regarding overall cybersecurity requirements. * Provides regular updates to the VCIT/CIO and other University leaders regarding cybersecurity matters, including ongoing program reporting and incident reporting. * Serve as co-chair of the Research Controlled Unclassified Information (CUI) Security Compliance Committee and Guest/Affiliate Steering Team. * Serve on a number of committees as a member or in an advisory capacity (e.g., Strategic IT Committee (SITC), Campus IT Directors, Enterprise Risk Management Advisory Team, Data Steward Committee, Data Governance Council, etc.). * Serve on the UNC Information Security Council and establish collaboration and partnerships with the colleges/universities in the UNC system. * Facilitate NC State's annual self assessments with the UNC security framework and policy requirements * Be an active participant in the appropriate national organizations such as EDUCAUSE and be involved with collaboration and engagement in security initiatives. * Provide leadership to the Cybersecurity Awareness Team and ensure functionality of the Cybersecurity Liaisons program to assist with maintaining a secure university landscape and resulting project priorities. * Lead the development of the annual presentation to the University Board of Trustees regarding the university's security threat and risk landscape Strategic Practice and Policy (35%) * Provide executive responsibility and expert oversight for strategies, plans, policies, processes and operations that safeguard the security of technology systems and university information, regardless of format or medium (electronic, paper, etc.). * Lead the continuous enhancement of a 3-5 year university cybersecurity strategic plan and roadmap that addresses needed resources (people, processes, technology) for a secure university environment and is prioritized using a developed risk management process. * Engage with university leaders to communicate vision and drive information security programs and concepts into all business processes and programs. Partners with executive leadership in achieving successful delivery of the following functional areas of Security: Governance and Policy, IT Risk Management, Compliance Management, Identity and Access Management, Endpoint Security, Security Operations, Vulnerability Management, Security Training and Awareness, Application Security, Cybersecurity Assessments and Testing, Cybersecurity Analytics and Cybersecurity Portfolio Management. * Manage the university's information security governance processes and provide leadership to the Information Security Advisory Group Security Operations, Risk Management and Compliance (25%) * Collaborate with university leadership to develop and foster a culture supporting a high-level of cybersecurity and compliance in university activities, while ensuring actions are appropriately measured against university philosophies, attitudes, and its research and education missions. Provide leadership and guidance for the secure use of Artificial Intelligence (AI). * Work closely with the research community in exploring new and novel approaches to cybersecurity within networking, data management systems, software development, federation and identity management, and other research instruments and platforms. * Develop and maintain strategic external relationships and partnerships to support and improve cybersecurity and compliance. Other Responsibilities * Other duties as assigned. Qualifications Minimum Education and Experience * Requires a relevant post-baccalaureate degree with a minimum of three (3) years or greater of related professional experience, or a relevant undergraduate degree and a minimum of five (5) years or greater of relevant experience may be substituted for the advanced degree, or equivalent professional training in a closely related field and level of leadership. Other Required Qualifications Required Leadership Skills * Clear demonstration of balancing the business, technical, compliance and cultural risks to help make decisions that support the university mission and improve success. * Relevant experience in a senior cybersecurity information and technology leadership position (Chief Information Security Officer or Deputy Chief Information Security Officer or other key leadership experience in Cyber related leadership) managing and supporting a staff of professionals dedicated to cybersecurity, or the ability to address ways in which current experience is relevant. * Proven leadership, communication, presentation and problem solving skills. * Proven ability to enhance and/or implement an enterprise-wide information security education and awareness program. * Excellent written and verbal communication skills and high level of personal integrity * Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams. Required Technical Skills * Demonstrated experience in overseeing the establishment, implementation, and management of an established information security program. * In-depth knowledge of cybersecurity principles, information auditing principles, cybersecurity policy and compliance and IT risk management. * Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST Cybersecurity Framework and 800-series, CIS Controls, etc.. * Broad understanding of IT and cybersecurity related compliance obligations such as FERPA, GLBA, HIPAA, PCI, DFARS/CMMC and federal/state records retention requirements. * A broad understanding of all IT service functions, such as technical security, network engineering, application development, server administration, database administration, user account administration, identity and access management, endpoint device management and academic support. Preferred Qualifications * A minimum of eight (8) years of full-time experience in information security management and leadership * Experience in academia, with experience at a Research 1 university a plus * Possess the relationship skills, cultural awareness, and organizational prowess required to work effectively in a University setting * Professional Security Certification from at least one of the currently acceptable information security such as: * Certified Information Systems Security Professional (CISSP) * Systems Security Certified Practitioner (SSCP) * Certified Information Security Manager (CISM) Required License(s) or Certification(s) N/A Valid NC Driver's License required No Commercial Driver's License required No

We are a fast-paced business with ambitious growth plans; so if you are dedicated, enthusiastic and always seeking ways to improve, you'll enjoy a career with us! Ontic is a leading global aerospace OEM trusted by the world's aviation leaders. Ontic's Creedmoor, NC, site is home to a number of specialist companies within the Ontic Group, including Firstmark, Twin Commander, and Metro Merlin. With over 1,300 employees across four time zones and seven sites, we have more than doubled in size since 2019 and are continuing to grow at pace. Our team is looking for an IT Governance Analyst to join them. You will report to the IT Security & Governance Manager and will have an onsite work structure in Creedmoor, NC. To be considered for the IT Governance Analyst opening, here's what you'll need to bring with you: Strong understanding of governance frameworks and their implementation Experience in risk management and compliance In-depth experience with Microsoft 365 suite of tools Strong understanding of cybersecurity principles, general knowledge of cybersecurity technologies, and industry-recognised certifications Good understanding of ITAR rules and regulations Ability to make recommendations to remediate complex security threats General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved Ability to be comfortable working on multiple, complex issues and projects within defined timelines Demonstrated understanding of compliance regulations and Information Security control frameworks and standards (i.e., NIST, UK GDPR, FedRAMP, CMMC, ISO 27001, PCI, SOX, HIPPA) Knowledge of physical cabling for network communications and control system Input/Output Ability to introduce and explain highly technical topics to non-technical audiences As an IT Governance Analyst, you will: Assist in the development and implementation of several IT and Cybersecurity frameworks across the enterprise Ensure compliance with all relevant security regulations and standards Monitor and report on adherence to governmental standards and security frameworks Identify risks from non-compliance and recommend mitigation strategies to manage those risks Implement mitigation strategies as directed Work closely with stakeholders to ensure a unified approach to standard adherence Assist and support in any audits of the company's adherence to various security standards; Specifically, ISO27001, Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, NIST SP 800-171A, NIST SP 800-172, Sarbanes Oxley (SOX), and others. Knowledge of EASA would also be useful. Influence the development of policies and procedures to ensure they contribute to the maintenance of various regulatory standards Liaise with the Compliance department to ensure success across company boundaries Stay current and up to date with frameworks including ISO27001, CMMC, NIST, SOX, and others Successfully communicate identified risks to various stakeholders in a manner that they can most easily understand Support the daily maintenance activities and response where necessary Our Benefits: Comprehensive medical insurance Competitive PTO, holiday pay, and sick leave Company 401K plan with up to 4% matched contribution Annual bonus program (varies by level and discretionary based on company and individual performance) Flexible working arrangements Paid volunteering opportunities Access to mental health champions across our sites Commitment to development Employee referral program Salary Range: $105,000- $115,000/year, based on experience #LI-Onsite EOE/Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran Compensation Pay Range $105,000- $115,000/year, based on experience Please click here to review Ontic's California Consumer Privacy Act policy. Ontic Engineering and Manufacturing Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law. This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person ” as defined by 22. C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, asylee, or refugee.

We are a fast-paced business with ambitious growth plans; so if you are dedicated, enthusiastic and always seeking ways to improve, you'll enjoy a career with us! Ontic is a leading global aerospace OEM trusted by the world's aviation leaders. Ontic's Creedmoor, NC, site is home to a number of specialist companies within the Ontic Group, including Firstmark, Twin Commander, and Metro Merlin. With over 1,300 employees across four time zones and seven sites, we have more than doubled in size since 2019 and are continuing to grow at pace. Our team is looking for an IT Governance Analyst to join them. You will report to the IT Security & Governance Manager and will have an onsite work structure in Creedmoor, NC. To be considered for the IT Governance Analyst opening, here's what you'll need to bring with you: * Strong understanding of governance frameworks and their implementation * Experience in risk management and compliance * In-depth experience with Microsoft 365 suite of tools * Strong understanding of cybersecurity principles, general knowledge of cybersecurity technologies, and industry-recognised certifications * Good understanding of ITAR rules and regulations * Ability to make recommendations to remediate complex security threats * General knowledge of cybersecurity vulnerability assessments, penetration tests, and the tools/techniques involved * Ability to be comfortable working on multiple, complex issues and projects within defined timelines * Demonstrated understanding of compliance regulations and Information Security control frameworks and standards (i.e., NIST, UK GDPR, FedRAMP, CMMC, ISO 27001, PCI, SOX, HIPPA) * Knowledge of physical cabling for network communications and control system Input/Output * Ability to introduce and explain highly technical topics to non-technical audiences As an IT Governance Analyst, you will: * Assist in the development and implementation of several IT and Cybersecurity frameworks across the enterprise * Ensure compliance with all relevant security regulations and standards * Monitor and report on adherence to governmental standards and security frameworks * Identify risks from non-compliance and recommend mitigation strategies to manage those risks * Implement mitigation strategies as directed * Work closely with stakeholders to ensure a unified approach to standard adherence * Assist and support in any audits of the company's adherence to various security standards; Specifically, ISO27001, Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, NIST SP 800-171A, NIST SP 800-172, Sarbanes Oxley (SOX), and others. Knowledge of EASA would also be useful. * Influence the development of policies and procedures to ensure they contribute to the maintenance of various regulatory standards * Liaise with the Compliance department to ensure success across company boundaries * Stay current and up to date with frameworks including ISO27001, CMMC, NIST, SOX, and others * Successfully communicate identified risks to various stakeholders in a manner that they can most easily understand * Support the daily maintenance activities and response where necessary Our Benefits: * Comprehensive medical insurance * Competitive PTO, holiday pay, and sick leave * Company 401K plan with up to 4% matched contribution * Annual bonus program (varies by level and discretionary based on company and individual performance) * Flexible working arrangements * Paid volunteering opportunities * Access to mental health champions across our sites * Commitment to development * Employee referral program Salary Range: $105,000- $115,000/year, based on experience #LI-Onsite EOE/Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran Compensation Pay Range $105,000- $115,000/year, based on experience Please click here to review Ontic's California Consumer Privacy Act policy. Ontic Engineering and Manufacturing Inc. is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law. This position must meet export control compliance requirements. To meet export control compliance requirements, a "U.S. Person " as defined by 22. C.F.R. §120.15 is required. "U.S. Person" includes U.S. Citizen, lawful permanent resident, asylee, or refugee.

Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace. With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including. Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here) Collabera listed in GS 100 - recognized for excellence and maturity Collabera named among the Top 500 Diversity Owned Businesses Collabera listed in GS 100 & ranked among top 10 service providers Collabera was ranked: 32 in the Top 100 Large Businesses in the U.S 18 in Top 500 Diversity Owned Businesses in the U.S 3 in the Top 100 Diversity Owned Businesses in New Jersey 3 in the Top 100 Privately-held Businesses in New Jersey 66th on FinTech 100 35th among top private companies in New Jersey *********************************************** Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance. Job Description Work Location: Durham NC 27703 Job Title: Network Security Analyst Duration: 24 Months Roles & Responsibilities: • Primary job responsibility will be to perform Intrusion Detection Sensor Threat Analysis. • Support for any one of McAfee IDS, Sourcefire IDS, Cisco IDS, Tipping Point IDS, Enterasys IDS, Juniper IDP and Fortinet IDS strongly desired. • The Operations team supports 24x7 and an off shift work schedule may be required. Qualifications IDS/IPS "Network analyst jobs" ; "Network security" ; "firewall analyst"; "network security position"; "network engineer"; "security engineer" Additional Information Should you have any questions, please feel free to call: ************ Aditika Sithta

Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company. Procom's areas of staffing expertise include: • Application Development • Project Management • Quality Assurance • Business/Systems Analysis • Datawarehouse & Business Intelligence • Infrastructure & Network Services • Risk Management & Compliance • Business Continuity & Disaster Recovery • Security & Privacy Specialties• Contract Staffing (Staff Augmentation) • Permanent Placement (Staff Augmentation) • ICAP (Contractor Payroll) • Flextrack (Vendor Management System) Job Description Sr. Security Analyst On behalf of our client, Procom Services is searching for a Sr. Security Analyst for a contract opportunity in Durham, NC. Sr. Security Analyst Job Details Responsible for user account administration in a multi-platform environment and ensure that administration procedures are aligned with overall Information Security policies and standards. Assist in the development of access controls to safeguard customer systems against accidental or unauthorized modification, destruction or disclosure. Maintain user access to securable customer system resources (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) performing tasks such as: creation / configuration of user logon Ids and updating access control lists, access provisioning and access removals and access terminations. Perform detailed analysis of access requests/processes and provide recommendations for improvement to senior team members and Information Security management. Educate information / resource owners in the implementation of necessary information security controls. Perform standard and non-standard processing of security authorization requests. Work with resource owners to determine appropriate security policies for securable customer resources. Provide on-call support for after-hours system access issues and troubleshoot system access problems and failures. Report suspected information security misuse to manager or director. Assist resource owners and IT staff in understanding and responding to security access exceptions. Sr. Security Analyst Mandatory Skills - Bachelor's degree in Computer Science. - 2 years of security administration experience, or related technical system administration experience. - In lieu of degree 5 years of security administration experience. - Familiarity with audit and risk-related methodologies; such as COBIT and HIPAA. - Systems administration experience within other aspects of IT - Demonstrated security administration experience on two or more platforms (UNIX, OS390 Mainframe, iSeries, Windows / Active Directory, Outlook Exchange) - Demonstrated experience working with a managed services organization. - Demonstrated experience working with a request ticketing system, such as Triole. - Strong analytical and problem-solving skills. - Ability to present and discuss technical information to users with varying technical expertise. - Proven ability to work under stress in emergencies. Flexibility to handle pressure from many directions simultaneously. - Must be detail-oriented with a high level of accuracy. - Excellent written and verbal communication skills. - Demonstrated ability to develop and maintain collaborative working relationships across multiple teams. - Strong customer focus and the ability to manage customer expectations. - Must have strong team-oriented interpersonal skills and the ability to effectively interface with a wide variety of people. - Demonstrated commitment to continuous process improvement. - CISSP, CISA, or other security / audit / field related certifications a plus Sr. Security Analyst Start Date ASAP Sr. Security Analyst Assignment Length 7+ months Additional Information All your information will be kept confidential according to EEO guidelines. Please send your resume in Word format only.

Details: Stefanini Group is hiring! Stefanini is looking for a Cyber Defense Incident Responder (L1) in Greensboro, NC (Onsite) For quick apply, please reach out to Madelaine 'Madie' Yu Call: ************ / Email: ************************** Work Location 7900 National Service Road Greensboro, NC 27409 Job Title: Cyber Defense Incident Responder (L1) Days are M-F 2pm to 10pm Eastern time Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future? If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match. What you will do: Complete Cyber Monitoring and Incident Response Operations Playbook/Checklist activities including, but not limited to: log review, vulnerability management activities, management report scheduling and running, alert analysis, filter modifications and escalation follow up activity status Monitor CSOC alert queue and investigate detections for suspicious events Develop, tune and maintain tools to automate analysis capabilities for network-based, host-based and log-based security event analysis. Create signatures, rulesets, and content analysis definitions from various intelligence sources for a variety of detection capabilities Organize and maintain documentation of detection capabilities, alert definition, policy configurations, and tool rulesets Maintain adherence to Cybersecurity Operations Center standards, policies and procedures Remain up-to-date on the latest security information in order to validate the security analysis and identification capabilities of the security operations technologies Participate in efforts to analyze and define security filters and rules for a variety of security parameters Details: In this role, you will bring: Bachelor's degree in cybersecurity or a related 4-year degree, or 3-6 years of relevant IT experience, or 2-4 years of IT Security experience A good team player with a passion for cyber defense Intrusion Detection, Network Traffic Analysis, Log Analysis, Rule/Signature/Content Development, programming or scripting required Ability to analyze logs, alerts, network traffic and other data sources to validate security events Ability to create signatures and detection content in IDS, SEIM and log analysis platforms Ability to consume, comprehend and utilize and create indicators of compromise Perform daily analysis of detection reports and alerts Maintain tools, scripts and applications for detection and automation capabilities Identify opportunities for capability and efficiency improvements Exhibit understanding of tools, tactics, and procedures of malicious actors and advanced persistent threats Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives. Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers. About Stefanini Group The Stefanini Group is a global provider of offshore, onshore, and nearshore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are a CMM Level 5 company. #LI-MY1#LI-ONSITE