Information security analyst jobs in Dothan, AL

Immediate need for a talented Information Security Analyst - Lead . This is a 09+ months contract opportunity with long-term potential and is located in Atlanta,GA(Hybrid). Please review the job description below and contact me ASAP if you are interested. Job ID:25-93807 Pay Range: $68 - $68.61/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Act as a liaison between cybersecurity metric owners, data engineers, and governance teams to ensure accurate and timely metric development. Facilitate metric working sessions to define metric name, definition, calculation, system of record, and critical data elements (CDEs). Support the documentation and validation of metric logic and data lineage. Coordinate and lead standing meetings to provide updates, manage timelines, and escalate blockers or data challenges. Review and validate data quality and completeness of metric inputs in coordination with data engineers. Support the development of root cause commentary and trend analysis for metrics that breach established thresholds. Partner with control and process owners to align metrics with applicable frameworks (e.g., NIST CSF, CIS, FFIEC). Prepare clear, concise executive-level summaries and presentations on metric performance and risk trends. Maintain oversight of multiple metrics in different stages of the build lifecycle, ensuring governance and consistency. Contribute to continuous improvement of the metrics program, including standardization, automation, and data quality enhancements. Key Requirements and Technology Experience: Key Skills;Metrics governance/Risk Metrics/Performance Metrics . Bachelor's degree or five years of related experience or an equivalent combination of education and experience In-depth knowledge of principles, practices, theories, and/or methodologies associated with the professional discipline (e.g., information technology, project management, finance, risk management, etc.) Understands foundational concepts of other related professional disciplines. Experience managing small projects Ability to interpret and explain complex information to a range of audiences and build consensus among different stakeholders. Ability to provide direction and mentor less experienced teammates Strong organizational skills with the ability to manage multiple priorities simultaneously. Excellent written and verbal communication skills, including experience drafting executive summaries. Proficiency in Microsoft Excel, PowerPoint, and collaboration tools (e.g., Teams, SharePoint). 5-7 years of experience in cybersecurity, risk management, technology project coordination, or data analytics. Familiarity with cybersecurity domains (e.g., vulnerability management, DLP, IAM, cloud security, incident management). Working knowledge of risk and performance metric design, including KRIs, KPIs, and operational indicators. Experience gathering and documenting business requirements and translating them into actionable data or metric logic. Basic understanding of SQL or ability to read data dictionaries and data mappings. Exposure to cyber control frameworks such as NIST CSF, ISO 27001, or CIS. Exposure to Agile or iterative project delivery methods. Cybersecurity/Risk management Vulnerability management Stakeholder engagement . Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Sanford Rose JFSPartners is currently looking for a Cybersecurity GRC Analyst for a full-time opportunity in Orlando. The GRC Analyst supports the security compliance program, tracking completion and remediation of compliance activities, and documenting compliance program evidence. RESPONSIBILITIES: Works as a team member in the Cybersecurity Department focusing on IT Security compliance processes and initiatives, acting as the central point of contact and collaborating with other organization units within the company in these matters Supports security compliance program, ensuring the identification, tracking, prioritization, and remediation of all internal and external compliance requirements; also supports Internal Audit activities and remediation requirements. Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley) Coordinates the information security compliance efforts of all internal and outsourced functions that have one or more information security-related responsibilities, to ensure that organization-wide information security compliance efforts are consistent. Assists with the implementation of company-wide security awareness and education programs that are aligned with security policy, standards, regulatory requirements, and industry practices. Assists with vulnerability management reporting including patch management tracking and software code analysis reports. REQUIRED TECHNICAL SKILLS: 3+ years of experience in an IT role focusing on information security and IT compliance Knowledge of regulatory compliance regulations (PCI, SOX, PII) Familiarity with industry standard frameworks such as NIST and ISO Knowledge of information technology systems and processes, network infrastructure, data architecture, data processes and protocols Experience with GRC tools (Oracle, RSA Archer, MetricsStream, etc.) At Sanford Rose Associates - JFSPartners, we specialize in Finance & Accounting, Legal, and Information Technology recruitment, dedicated to helping professionals like you discover the perfect career opportunities. With a track record of assisting thousands of professionals nationwide, we are prepared to leverage our expertise on your behalf. Partnering with us means gaining access to serious candidates, minimizing hiring errors, and ensuring top-tier hires, all while navigating the hiring process with confidence. We understand the significance of finding the ideal role and aligning with an organization that shares your values.

Job Title: Junior GRC Analyst Openings: 1 Duration: 1 year +, potential to go perm Pay Rate: $40 Interview Process: 1 virtual, final onsite with team Minimum Qualifications & Experience Required Bachelor's degree in Information Security, Computer Science, Risk Management, or related field 1+ year experience in IT, cybersecurity, or healthcare Ability to assess and evaluate technical documentation (data flow and network architecture diagrams) and attestations /certifications (SOC 2, ISO) Familiarity with the HIPAA Security Rule, NIST CSF 2.0, and PCI-DSS Strong analytical, documentation, and problem-solving skills Excellent written and verbal communication skills for both technical and non-technical stakeholders Ability to manage multiple projects, collaborate across IT and business teams, and drive remediation efforts Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint) Nice To Have Qualifications & Experience Exposure to ServiceNow and Safe Security Exposure to Factor Analysis of Information Risk (FAIR) for quantitative risk analysis Basic understanding of first and third-party risk management concepts and practices Familiarity with AI security concepts and emerging frameworks (NIST AI RMF, OWASP COMPASS) Industry certifications such as CompTIA Security+, CRISC, or CISA Day-to-Day Responsibilities Conduct and document third-party risk assessments, reviewing security questionnaires, attestation/certification reports, BAAs, and technical diagrams Assist with risk quantification by gathering scenario inputs, impact drivers, and control maturity data. Support AI governance intake reviews and documentation for new use cases Track remediation and corrective actions related to findings, risks, and audit outcomes Assist in maintaining and updating risk registers and compliance documentation Assist in incident response documentation, root cause analysis, and identifying control improvements Support internal audits, e-discoveries, and evidence collection for regulatory and certification requirements Monitor and track remediation of identified risks and compliance gaps Help develop, document, and enforce security policies, standards, and procedures Collaborate with IT and business teams to ensure adherence to standards Prepare reports and dashboards for management on risk and compliance status Stay current on emerging regulations and security best practices

📍 Hybrid / Remote Options (No Sponsorship Available) 💼 Full-Time | Cloud Security | IAM | O365 About the Role We are seeking a highly skilled Senior Cloud Security Analyst to lead the evaluation, security posture management, and continuous improvement of our multi-cloud and O365 environments. This role acts as a cross-brand consultant-connecting teams, identifying security gaps, standing up cloud environments, and guiding technical staff on required security controls and the “why” behind them. You will assess digital and cloud security posture, outline required improvements, and partner with IT stakeholders to bring environments into compliance. This is a hands-on position focused on Azure, AWS, GCP, IAM governance, O365 security, and cloud access controls, along with managing and enhancing vulnerability management and key security indicators. You will work closely with senior network and security analysts in a small, highly collaborative team supporting both shoreside and distributed operational environments. What You'll Do Cloud Security & Posture Management Oversee, evaluate, and continuously strengthen cloud security posture across Azure, AWS, and GCP. Assess current security controls, identify gaps, and develop actionable projects to remediate risks. Provide clear security directives such as: “Your cloud environment requires A-D; you currently only have A,” and work with teams to stand up missing controls. IAM & Access Governance Support access and identity processes for O365, AD, Linux, and cloud-based platforms. Assist with IAM operations involving SailPoint and enterprise identity workflows. Evaluate access levels across environments and ensure appropriate permissions and segregation-of-duties. Security Operations & Monitoring Monitor brand security posture and provide input into SIEM integrations, identifying blind spots and validating configurations. Support vulnerability management initiatives, analyzing cloud findings (e.g., Orca, Qualys) and helping IT translate data into actionable remediation. Assist security operations with monitoring and triaging cloud security events. Reporting & Stakeholder Engagement Build dashboards and reporting for executives and business leaders communicating KRIs, risks, and security posture. Provide training, documentation, and consulting to IT team members on cloud configurations, security best practices, and new technologies. Architecture, Projects & Continuous Improvement Support cloud implementation and architectural reviews for upcoming solutions. Partner with PMO teams to build and prioritize the cybersecurity backlog. Recommend modern replacement technologies for legacy systems. Required Qualifications Bachelor's degree preferred (IT, Cybersecurity, Computer Science, or related). 5+ years of experience in cloud security and access management. Hands-on expertise with: Azure security and administration AWS security controls & tenant management Active Directory, O365 security, Linux/Windows access admin SailPoint IAM Orca Security (preferred) PowerShell and scripting (Python, etc. nice to have) Strong understanding of IAM principles (not an IAM engineer, but fluent in IAM governance). Experience with GDPR, PCI, NIST frameworks. Ability to connect dots across teams and act as a security consultant between groups. Strong analytical, communication, and stakeholder management skills. Preferred Certifications Microsoft 365 Messaging or Security Administrator CompTIA Cloud+ Cloud Security-related certs (Azure, AWS, or GCP) Top Skills Cloud Security (Azure, AWS, GCP) O365 Security AD & Access Management IAM Support (SailPoint) Scripting (PowerShell / Python) Security Posture Assessment Vulnerability Management (Orca, Qualys) SIEM Integration Review Risk & Compliance (NIST, PCI, GDPR) Team Structure You'll join a small, senior-level team consisting of: Senior Network Security Analyst Senior Security Analyst

Job Title: Technology - Security Analyst Senior Duration: Long term contract Experienced professional responsible for implementing, maintaining, monitoring, and troubleshooting enterprise-wide security systems. Supports 24/7 availability, mentors junior staff, and ensures compliance with security frameworks and policies. ✅ Core Responsibilities: Implement and manage enterprise security systems, including cloud-based (AWS/Azure). Perform security audits, risk analysis, and vulnerability assessments. Conduct log analysis via SIEM tools; respond to security incidents. Lead incident response, threat hunting, and forensic analysis. Maintain firewalls, encryption systems, and endpoint protections. Develop and enforce security policies, SOPs, and compliance protocols. Manage user access, logical security, and secure configurations. Collaborate cross-functionally on infrastructure and software security. Support regulatory compliance with standards (e.g., NIST, COBIT). Train and mentor team members; provide escalated issue resolution. Evaluate and onboard new security technologies. ✅ Technical Skills Required: Operating Systems: Windows (5+ years), Linux is a plus Cloud Platforms: AWS (EC2, IAM, Security), Azure (AD, Sentinel, Security Center) Security Tools: SIEM (e.g., Splunk), Firewalls, IDS/IPS, Endpoint Protection Scripting: PowerShell, Python, VBScript, Regex Frameworks & Compliance: NIST, COBIT, ISO 27001, ITIL Forensics & IR: Evidence gathering, threat profiling, penetration testing Documentation: RFPs, RFIs, policy writing, technical reporting Protocols: TCP/IP, DNS, HTTP/S, LDAP, SNMP, VPN, SSH ✅ Soft Skills & Abilities: Critical thinking and creative problem-solving Leadership in projects and incident response Effective communication (written and verbal) Mentoring and knowledge-sharing Ability to prioritize and work independently under pressure Collaboration across departments and vendors ✅ Educational Requirements: Preferred: Bachelor's degree in CS, InfoSec, or related Alternate: 8 years equivalent experience in system/security administration ✅ Experience Requirements: Minimum: 4 years in security/system admin in enterprise IT Mandatory: 5 years in Windows environment ✅ Required Certifications (any 2 or equivalent): Security & Compliance: GIAC GMON, GPCS, DoD 8570 certs Cloud & Microsoft: AWS: Cloud Practitioner, Solutions Architect, Security Specialty Azure: Fundamentals, Security Ops/Engineer, Solutions Architect MCSE Aviatrix Certified Engineer (ACE)

Location: St Petersburg, FL | Southfield, MI | Memphis, TN - [This position follows a hybrid work model, requiring on-site presence approximately 10-12 days per month]. Please note: This role is not eligible for work visa sponsorship, now or in the future. Compensation: $110,000 - $140,000 base salary range. Job Summary We are seeking an experienced IT Security Engineer to join our Identity & Access Management Engineering team, with a focus on Identity Governance & Administration and Directory Services. In this role, you will help secure the enterprise by managing and optimizing critical platforms such as Microsoft Active Directory, Microsoft Entra ID, and Infoblox. As a Security Engineer, you will do more than maintain systems-you will help shape the future of IAM. You will contribute to strategic projects, implement advanced security solutions, and drive automation to improve operational efficiency. This position offers the opportunity to work on high-impact initiatives that reduce risk, enable business growth, and ensure compliance across a dynamic environment. If you thrive in a collaborative setting, enjoy solving complex problems, and want to make a measurable impact on enterprise security, this role provides an excellent opportunity to innovate, lead, and grow. Responsibilities Manage and maintain Active Directory, Entra ID, and DNS/DHCP/IPAM systems. Define and implement support procedures for AD, Entra ID, and DNS/DHCP/IPAM. Handle operational engineering tasks, including tickets, incidents, change requests, vulnerability remediation, and maintenance. Provide technical input on IAM technologies, policies, and compliance requirements. Participate in IAM-related projects and contribute to deliverables using established methodologies. Engage in enterprise disaster recovery exercises and participate in on-call rotations. Recommend and implement technical improvements to enhance security and efficiency. Collaborate with stakeholders to translate business requirements into technical solutions. Develop and maintain system documentation, including flowcharts, diagrams, and specifications. Document current and future state processes and assist in planning transitions. Required Technical Skillsets Minimum 5 years of experience with Active Directory, Entra ID, AWS, and DNS/DHCP/IPAM. Hands-on experience with IAM in hybrid and cloud environments. Strong experience with networking solutions such as DNS/DHCP/IPAM. Proven scripting and automation skills (e.g., PowerShell). Enterprise-level experience required; financial services experience preferred. Additional skills: event/log analysis, troubleshooting, system monitoring, and event analysis. Education Bachelor's degree in Computer and Information Science (required). High School diploma (required).

Essential Duties and Responsibilities: Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities. Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits. Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts. Identification and remediation of OS and network security weaknesses and vulnerabilities Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing) Qualifications: Bachelor's in computer science (or equivalent) degrees Minimum of 5+ years of documented information security work experience At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols) Atalla HSM experience (knowledge of transaction encryption) and Imperva, SecureSphere, WAF, and DB experience. Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc. Demonstrated experience with malware remediation. Experience in one or more technical forensic tools Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation. Ability to identify signs of intrusion or infection on a variety of systems. Expertise in administration of enterprise OS's Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng Penetration testing experience Application and database security experience, including code reviews Network and security engineering experience, including log and network traffic capture analysis IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, MCP or MCSE ) are a plus Experience with advanced malware technologies is a plus. MerchantE does not provide visa sponsorship for this position. Candidates must be legally authorized to work in the United States without current or future sponsorship.

Prominent is looking for an Azure Cloud Security Architect for a contract to hire in Marietta/Alpharetta, Georgia. The successful Candidate will have senior level experience around design, build and deployment of technology initiatives to secure key government client's cloud environment. The selected candidate will be accountable for assisting in strategic planning and architecture and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures. Additionally, this role collaborates with other teams to embed security into the entire lifecycle, integrating DevSecOps principles and automation into the pipeline. No visa sponsorship is available for this opportunity! C2C or 1099 not available for this opportunity! Experience Required: 5+ years firsthand working with multiple Azure security tools and platforms such as Entra ID, Sentinel, Defender, Monitor, Key-Vault, or similar in other platforms. 5+ years managing security policies and initiatives in Azure. Identity Access and Management (IDAM) concepts, multifactor authentication, SSO/Federation Privileged Access Management (PAM) and Privileged Identity Management (PIM) key concepts Demonstrated ability to Define, Design, and configure the Azure security platforms, and function as an overall lead managing end to end security on the Azure GovCloud regions. Experience automating security baselines and policy enforcement in enterprise Azure environments. Experience automating “Policy-As-Code” using Terraform and ARM templates, with a focus on reusable module design, policy enforcement, and secure CI/CD integration. Demonstratable understanding of Information Security and Risk Management capabilities related to cloud computing across Windows and Linux, with demonstrated direct experience with the following domains: o Identity, Credential and Access Management (ICAM) o Authentication and Authorization including SSO and Identify Federation o Zero-Trust Model o Defense-In-Depth o Governance and Compliance o Securing Data o Securing the Operating System o Protecting the Network Layer o Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response o Cloud Core Platform: Compute, Storage, Networking Prior experience supporting federal, defense, or highly regulated commercial clients helpful along with the following skills: Familiarity with compliance frameworks such as FedRAMP, CMMC, FISMA and NIST 800-53. Certifications: CISSP, CCSP, Azure/AWS/Google Training and Certification Crowdstrike Falcon EDR for Azure Experience with secure baseline configurations (CIS Benchmarks, DISA STIGs) for Azure environments. Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST. Demonstrated experience collaborating directly with external clients, business leadership, and auditors. Direct technical background, to include familiarity with servers, network devices, and security systems.

Clearance Required: Top Secret/SCI We are seeking an experienced Information Systems Security Officer (ISSO) to support classified environments and mission-critical programs and initiatives. This role provides day-to-day cybersecurity, accreditation, and compliance support for Collateral and SCI systems within secure areas. The ISSO will play a key role in maintaining the security posture of classified information systems, ensuring compliance with DoD, Intelligence Community directives, and the Risk Management Framework (RMF). Key Responsibilities Security & Policy Support Apply knowledge of security policies, ICDs, DoD manuals, JAFANs, and related guidance. Work effectively across a dynamic environment with DoD personnel, military/civilian stakeholders, and industry partners. Operate with minimal supervision while demonstrating initiative, independence, and strong problem-solving capabilities. RMF Responsibilities Review, prepare, update, and maintain RMF accreditation packages. Perform RMF self-inspections and support compliance reviews. Track changes affecting system accreditation and notify appropriate stakeholders. Identify vulnerabilities and recommend/implement mitigation strategies. Conduct security surveys and coordinate documentation for accreditation packages. Prepare and track RMF inspections, findings, and corrective action responses. Maintain RMF security documentation and system records. System Operations & Continuous Monitoring Ensure all authorized systems are operated, maintained, and disposed of in accordance with RMF and security policies. Assist with Cyber Test & Evaluation (CT&E) activities for government partners. Collect, review, and analyze security scans, audit logs, and system alerts. Perform vulnerability management and apply continuous monitoring processes for classified systems. Customer & Mission Support Support both internal and external customers as part of ISSO duties. Maintain strong communication and coordination with stakeholders regarding system security posture. Required Qualifications 5-9 years of related ISSO, cybersecurity, or information assurance experience. ACAS (Assured Compliance Assessment Solution) Splunk Background in Systems Administration. Strong understanding of RMF processes, documentation, and compliance requirements. Education Bachelor's degree or an additional 4 years of relevant experience in lieu of a degree. Certifications Must meet DoD 8570.01-M requirements Must posess/obtain IAT Level II certification within 6 months of hire (e.g., Security+ CE, CCNA Security, CySA+, etc.). Security Clearance Active Top Secret/SCI required.

*****NO C2C OR THIRD PARTY INQUIRIES***** Senior Security Engineer 3x Per Week Onsite Minimum if Hybrid Top skills/tools, etc. that are MUST haves: Recent Palo Alto experience Palo Alto SME Nice to haves: Prisma Access Job Summary You will provide guidance and technical support to clients deploying our security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change to Palo Alto Networks Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Possess the following industry certifications: CISSP, CCNA, CNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure

Department: Offensive Security Operations Reports to: Offensive Security Operations Manager Employment Type: Full-Time We are seeking an experienced Application Security Engineer to lead our DevSecOps as a Service program. This role bridges the gap between security, development, and operations, helping client organizations integrate security best practices directly into their development lifecycles. You will be responsible for designing, implementing, and maintaining secure automation frameworks that support continuous integration and continuous delivery (CI/CD) pipelines. The ideal candidate will have strong technical experience in secure software development, automation, and infrastructure as code (IaC), as well as excellent communication skills to engage directly with both internal and client engineering teams. Key Responsibilities - Lead the DevSecOps as a Service initiative, guiding client development and operations teams in embedding security throughout the SDLC. - Architect, deploy, and maintain secure CI/CD pipelines leveraging tools such as GitHub Actions, GitLab CI, Jenkins, or Azure DevOps. - Integrate security scanning tools (SAST, DAST, SCA, container scanning, secret detection) into automated build and deployment workflows. - Develop and manage Infrastructure as Code (IaC) security standards using Terraform, Ansible, and related automation frameworks. - Conduct security reviews of application architectures, source code, and deployment configurations. - Define and enforce security baselines, policies, and best practices across client environments. - Partner with development and operations teams to identify and remediate vulnerabilities early in the pipeline. - Build automation to support continuous compliance, drift detection, and threat modeling integration. - Collaborate with the Offensive Security Operations Manager to align DevSecOps services with overall threat exposure management and testing strategies. - Provide mentorship, technical documentation, and training to client and internal teams on secure DevOps practices. Required Qualifications - Bachelor's degree in Computer Science, Cybersecurity, or a related technical field (or equivalent practical experience). - 5+ years of hands-on experience in Application Security, DevSecOps, or Secure Software Engineering. - Strong understanding of CI/CD pipelines, Git-based workflows, and secure deployment practices. - Proficiency in Terraform, Ansible, and related automation tools. - Experience integrating security tools (e.g., SonarQube, Checkov, Trivy, OWASP ZAP, Snyk, or similar) into DevOps pipelines. - Experience with threat modeling, penetration testing, or offensive security assessments. - Familiarity with containerization (Docker, Kubernetes) and securing cloud-native deployments. - Excellent understanding of software supply chain security, secret management, and identity and access controls. - Strong scripting skills in one or more languages (Python, Go, Bash, PowerShell). - Ability to work cross-functionally with development, operations, and security stakeholders. Preferred Qualifications - Certifications such as GIAC GWAPT, GCSA, GCPN, OSWE, or CSSLP. - Experience working with multi-tenant or client-facing DevSecOps programs. - Knowledge of cloud security best practices (AWS, Azure, or GCP). Soft Skills - Strong leadership and collaboration abilities. - Excellent written and verbal communication skills. - Proactive problem-solving and initiative-taking approach. - Comfortable working in fast-paced, client-facing environments.

Flybridge Staffing is currently searching for a Director of InfoSec/Cybersecurity for a client who develops and delivers innovative merchant payment processing and point of sale solutions to clients nationwide. This role will be centralized in our Boca Raton office, with remote work 90% of the time. ****NO SPONSORSHIP AVAILABLE**** US Citizen, and GC only please. We are currently seeking an InfoSec/Cybersecurity Director who will continue to mature the company's Cybersecurity and Information Security posture and strengthen the overall security controls throughout the enterprise. This role will enable the expansion of the company's ability to meet and exceed all financial services and payments industry security standards, such as PCI and SOC-1 compliance requirements, through the implementation of sound policies, procedures, and tools needed to secure our customers and the company's information. Responsibilities Initiate, develop, and maintain information security policies and procedures. Ensure security strategies are being followed to meet organizational security goals and industry standards such as PCI and SOC-1. Identify security risks, coordinate and/or perform assessment of security risks, facilitate risk and security incident responses, and validate security controls as needed. Document all the security policies and promote activities and procedures to create a general awareness about the significance of security within the company. Review the security plans that have been implemented on the systems throughout the entire network of the organization, thus acting as an information security consultant. Ensure that IT security best practices and configurations are included in network, desktop, server, wireless, VoIP, and mobile configurations. Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to IDS/IPS, secure file transfer, DLP, encryption, firewall rule assessments, log management/correlation, secure password storage/retrieval, application whitelisting, vulnerability management, threat hunting, etc. Respond to security-related tickets escalated from various departments and work collaboratively across multiple teams to communicate and manage expectations during the resolution of the issue. Monitor, analyze, and respond to SIEM alerts from monitoring tools and third-party vendors. Perform regular inspections and tests (e.g., External and Internal PEN tests) to ensure the security of sensitive information. Assist in routine system and network management tasks as needed, including Change Management, System Updates and Patch Management; Backup and Recovery of server and desktop systems. Assists IT Department in assessing technological risks. Minimum Qualifications BA or BS degree and/or equivalent combination of education and experience. At least 10 years of experience in a medium or large-sized enterprise or service provider IT organization. Minimum of six (6) years' experience in IT security infrastructure, design, operations, and information assurance. Deep understanding and 5+ years of experience working with industry-leading security platforms (e.g. firewalls, IDP/IDS, anti-virus, threat intelligence, vulnerability management, etc.). Additional Requirements Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Information Systems Security Engineering Professional (ISSEP) or other certifications preferred. Hands on experience as an incident first responder or incident response manager. Hands on experience (build, administration, and maintenance) of Windows, Linux and virtualization technologies. Expert knowledge of patch and vulnerability management processes. Knowledge of cloud technologies with current experience and training. Knowledge of network protocols, utilities, and topics. Knowledge of vulnerability and threat management solutions. Knowledge of desktop and backup technologies. If your background aligns with the above details and you would like to learn more, please also submit your resume to jobs@flybridgestaffing.com or on our website, www.flybridgestaffing.com and one of our recruiters will be in touch with you ASAP. Follow us on LinkedIn to keep up with all our latest job openings and referral program.

Infosec Engineer - GRC Focus Hybrid - Atlanta, GA Contract - 6-month + extensions We're looking for a hands-on Information Security Engineer with deep GRC expertise to join a leading financial organization. This role combines technical security engineering with governance, risk, and compliance, supporting enterprise-wide compliance initiatives and automation programs. About the Role: You'll work across security and compliance domains, implementing and automating controls, integrating GRC platforms, and embedding compliance into enterprise systems. You'll support ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, and HIPAA programs while collaborating with security, IT, and business teams. Responsibilities: Lead implementation and automation of GRC platforms (RSA Archer, ServiceNow GRC, BitSight, ProcessUnity, Vanta) Develop and maintain integrations, scripts, and automation using Python, PowerShell, JavaScript, SQL, or other relevant tools Support SIEM monitoring, incident response, and technical controls aligned with compliance frameworks Embed risk and compliance controls into enterprise systems and IT processes Assist with audits, regulatory assessments, and reporting to demonstrate governance effectiveness Drive improvements in risk management processes through technology and automation Requirements: 5+ years' experience in information security engineering or technical GRC roles Hands-on experience with GRC platforms and automation (RSA Archer, ServiceNow, BitSight, etc.) Coding/scripting experience (Python, PowerShell, JavaScript, SQL) for integrations and automation Solid understanding of regulatory and compliance frameworks (ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, HIPAA) CISSP or equivalent security certification preferred Proven track record of embedding compliance into enterprise systems and leading automation initiatives If you're an experienced Infosec Engineer with a GRC background, this is a unique opportunity to combine hands-on engineering with compliance and risk leadership.

Must reside in South Florida to be considered, this is on site in Miami Contract The Security Engineer plays a key role in strengthening the organization's security posture by supporting the design, implementation, and operation of modern security tools and infrastructure. This role focuses on monitoring security systems, performing threat analysis, responding to incidents, and enforcing security baselines and controls. The Security Engineer works closely with infrastructure, engineering, and compliance teams to reduce risk and ensure alignment with security best practices. Requirements 5+ years of experience in cybersecurity, security engineering, or related technical security roles Hands-on experience with security tools such as SIEM, EDR, vulnerability scanners, and log management platforms Strong understanding of security frameworks (NIST, CIS, ISO 27001) and best practices Experience with incident response, threat analysis, and remediation processes Knowledge of network security, endpoint security, and cloud security fundamentals Experience with scripting or automation (Python, PowerShell, Bash) Excellent analytical and problem-solving abilities Strong communication skills and ability to work cross-functionally with IT, engineering, and compliance teams Responsibilities Assist with the design and implementation of modern security tools and infrastructure to support enterprise hardening initiatives Monitor and manage security systems including SIEM, EDR, and vulnerability management platforms Perform threat analysis, investigate security events, and support incident response and remediation activities Implement, maintain, and audit security policies, controls, and configuration baselines Support risk assessments, compliance reporting, and security documentation efforts Collaborate with engineering and operations teams to identify and remediate security risks across the environment Contribute to continuous improvement initiatives in detection, response, and security automation

This position plays a central role in coordinating activities throughout the IT ecosystem - including Security, Business Platforms, and Data & Analytics. The Analyst applies flexible, agile-inspired project management methods to encourage collaboration, maintain visibility, and support the continuous delivery of technology initiatives. The role ensures that IT efforts remain synchronized across teams and aligned with organizational objectives. Beyond project execution, this role partners with stakeholders from multiple departments to clarify goals, prioritize work, and monitor measurable progress. By strengthening communication between technical teams and business units, the Analyst contributes to process improvement, change enablement, and the consistent delivery of value through IT initiatives that advance the company's strategic direction. Responsibilities Coordinate IT Life Cycle Activities: Manage cross-functional work across Security, Business Platforms, and Data & Analytics to support ongoing IT programs and ensure operational alignment. Implement Agile Practices: Apply streamlined project management techniques to enhance teamwork, transparency, and iterative progress across IT efforts. Align Stakeholders: Act as a liaison between technology and business groups, facilitate updates, and support adoption of new processes or tools that improve overall IT effectiveness. Qualifications Bachelor's degree in Information Technology, Computer Science, or a related discipline. At least five years of experience delivering or coordinating IT projects using Agile or blended methodologies. Working knowledge of core IT areas such as cybersecurity, software development, and risk management. Proficiency with Agile project or portfolio management platforms (e.g., Smartsheet, Monday.com). Strong facilitation, communication, and organizational skills, with experience engaging both business and technical audiences.

Job Posting Title: Cloud Security Engineer - SRE Job Profile: Technical Project Management - Advisor II We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

Security Engineer - EZ Mainframe Security Tooling Team (W2 Only) Client: Banking Contract Type: W2 Only Duration: Long-term contract with extensions based on performance About the Client Morgan Stanley is a global leader in financial services, offering investment banking, securities, investment management, and wealth management solutions. With a strong culture of integrity, excellence, and collaboration, the firm provides a world-class platform for professionals to grow, innovate, and succeed. About the Team Enterprise Technology & Services (ETS) delivers shared technology services supporting 3,000+ production applications across the firm. The Enterprise Z Security Team engineers and manages mainframe authentication and authorization systems critical to enterprise security. We are seeking a Senior Security Engineer to join the Tooling & Project Team, responsible for engineering solutions around TopSecret (TSS) security products and mainframe platform integrations. Responsibilities Provide engineering support for MS Enterprise Z Mainframe Security products: CA/Broadcom-TSS CA/Broadcom Compliance Manager IBM RACF & IBM ZSecure TSS Admin Express Design and support enterprise mainframe initiatives including: Encryption, authentication, authorization Kerberos, Digital Certificates, Pass Tickets, entitlement provisioning Collaborate with cross-functional infrastructure teams (CICS, Systems Programming, DB2, MQ, etc.) Coordinate and validate software/OS upgrades and patches Integrate new feature sets from security product releases Develop automation tools, utilities, scripts, and reporting solutions Troubleshoot issues and work with vendors for resolution Participate in on-call rotation for production support Review and assess technical feasibility for security proposals Required Qualifications Bachelor's degree + 5+ years of mainframe experience Hands-on experience with Mainframe security software internals (Broadcom/CA-TSS) Proficiency in C, JCL, REXX, mainframe batch programming Experience with UNIX/USS, z/OS utilities (ISPF, TSO, SDSF, JES) Knowledge of DB technologies (DB2, Sybase, SQL) Strong analytical and troubleshooting skills Ability to work independently with minimal supervision Excellent communication skills (verbal + written) Strong organizational, planning, and multitasking abilities Proficiency in MS Office (Excel, PowerPoint, Word, Access) Team-oriented mindset Preferred Qualifications Experience with PKI, Digital Certificates, Kerberos, SSL/SSH Scripting knowledge: PERL, Shell Scripting, OpenSSL Systems Programming background (SMP, SYS1 datasets, assembler) Mainframe networking knowledge Experience with middleware (MQ Series, etc.)

Based in Hollywood, FL, Sintavia, LLC designs and additively manufactures critical components for the Aerospace, Defense, & Space industry. We are seeking a career-minded individual for the position of IT Operations Analyst, preferably someone who is looking for long-term growth and potential. In addition to the below, candidates must possess strong customer service skills, an eye for detail, and the ability to multi-task at a quick pace. Being a team player is a must! SUMMARY: Specializes by platform or application and is responsible for performing all operational processes and procedures, ensuring that all IT services and infrastructure meet operational goals. DUTIES AND RESPONSIBILITIES: Analyze and provide solution to low complexity and routine computer issues Work together with vendors to aid repairs of hardware, i.e., printers, laptops, and desktops Responsible for the definition, design, implementation, and maintenance of support infrastructure for application solutions Oversee the Incident, Problem, and Change management processes Identify incident trends; recommend and implement improvements to reduce volume Prepare SOP (Standard Operating Procedures) for the daily maintenance of applications and underlying systems Keep Operations team up to date with new implementations and technologies Establish clear communication channels for feedback from customers, peers, and cross functional teams Identify new solutions for improved processes, as well as develop cost/benefit analysis for business solutions Make certain that technology solutions adhere to quality standards Collaborate with the project teams to review or inspect work to guarantee their quality Assist in other tasks as required QUALIFICATIONS: Bachelor's degree (B.A.) from four-year college or university; or two years related experience and/or training; or equivalent combination of education and experience. Demonstrated ability to balance department efficiency and service excellence. Strong written, verbal, and interpersonal communications skills including ability to listen attentively and to communicate information clearly and effectively. Demonstrated interpersonal, collaborative, and relationship-building skills; ability to interact positively with teammates at various levels across the company and customers. Demonstrated ability to work well with cross-functional groups. Self-motivated, able to multi-task, and detail oriented. Strong organizational, analytical, problem-solving and decision-making skills. Able to maintain a professional demeanor and a polished professional appearance. Background checks will be completed on all candidates considered for hire. REQUIREMENTS: Working knowledge of systems architectural concepts and methodologies; infrastructure platforms and their application; business processes, process analysis/management, and IT requirements and IT managed services It is also important that they can manage Critical Incident and Change Management SLA's with Service Provider, and can also manage and implement process improvements in NOC/SOC (network/security operation center) Working knowledge of networking; can write Technical Specs and provide Level1 application Support (Client/Server) Must have the required technical skills to identify system problems, as well as seek out ways to improve processes Must be able to learn procedures quickly and be a team player Easily adapt to new organizations / technical environments Ability to handle and prioritize multiple tasks Project management on small to medium projects Must be able to perform a variety of routine tasks and demonstrate a good working knowledge of equipment, procedures and working with common hand tools PHYSICAL DEMANDS AND WORK ENVIRONMENT: Frequently required to sit, walk, stand, bend, stoop, kneel or crawl Continually utilize visual acuity to operate equipment, read technical information, and/or use a keyboard Frequently required to lift/push/carry items up to 50 pounds Work on Specialized equipment WHY SINTAVIA: We offer a comprehensive compensation and benefits package and the tools you will need to be successful, including: Medical, dental, and vision plans after 30 days Paid PTO and holiday Paid life and long-term disability insurance 401(K) retirement plan and matching program We provide a safe, fun, exciting and collaborative workplace, where growth and advancement opportunities abound. Sintavia is an equal opportunity employer and a drug free workplace. The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of duties, responsibilities or physical requirements. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Who We Are: From Georgia. For Georgia. Since 1914 Yancey Bros. Co. has proudly served as the authorized Caterpillar equipment dealer for Georgia, providing our customers with the highest quality sales, parts and service. From Caterpillar heavy and compact construction equipment to on-highway trucks, we remain committed to learning more about our customers, offering equipment and support to keep up with their changing needs. This all starts with our greatest asset…our employees. What You Will Be Doing: As a member of IT, you will work closely with the teams of business liaisons, business analysts, and other IT staff as needed for requirements gathering, understanding business priorities, and executing given tasks. This role is pivotal in bridging the gap between business needs and technology solutions, ensuring sales and service processes are optimized and aligned with best practices, and supporting the company's Microsoft Dynamics 365 implementation journey. The individual must work effectively with others and have a team-first attitude. Primary Responsibilities: Collaborate with stakeholders across sales and service teams, procurement, operations, and IT to elicit, analyze, and document business requirements. Map current processes, identify gaps, and recommend improvements leveraging Dynamics 365 capabilities. Translate business requirements into functional specifications. Work closely with technical teams to design, configure, and test Dynamics 365 solutions that meet business objectives. Participate in the end-to-end implementation lifecycle of sales and service projects, including system configuration, data migration, user acceptance testing, and go-live activities. Develop user documentation and deliver training sessions to ensure smooth adoption of new processes and systems. Act as a liaison between business users and IT, facilitating clear communication and managing expectations throughout the project lifecycle. Monitor post-implementation performance, gather feedback, and propose enhancements to maximize the value of Dynamics 365 investments in the sales and service space. Experience with other Dynamics 365 and Azure-related platforms and products, such as Power BI and PowerApps. Additional Responsibilities: Participate in required safety program, and work in a safe manner. Additional duties as assigned by manager. Who We Are Looking For: To be successful in this position you must be highly organized, have proven experience as a Functional Analyst or Business Analyst, and a strong understanding of finance practices and processes. You should be familiar with Dynamics 365 Finance, Supply Chain, and/or Customer Engagement modules, and hands-on involvement in implementation is heavily preferred. The ability to both take direction and work with minimal supervision is required for this position as well. Education/Experience: Bachelor's degree in Business Administration, Information Systems, or a related field Required Qualifications/Skills: Must be highly organized with the ability to set priorities and be a team player with a team-first attitude Proven experience as a Functional Analyst or Business Analyst in sales and service, customer-centric areas or ERP projects Strong understanding of sales and service practices and processes Familiarity or experience with Dynamics 365 Finance and/or Customer Engagement modules is preferred Hands-on involvement in full-cycle Microsoft Dynamics 365 implementation (particularly Customer Engagement, Customer Insights, Supply Chain, Finance, or related modules) is also preferred Familiarity with Microsoft Dynamics 365 platform Proficiency in process mapping, requirements documentation, and solution design Experience with data analysis and reporting tools is a plus Proven abilities to take initiative and be innovative Proactive in learning and highly self-motivated Demonstrates commitment to customer satisfaction and ability to work in a collaborative team environment Excellent organizational and project management abilities Exceptional interpersonal, verbal, and written communication skills along with strong analytical skills required Must be able to comprehend, speak and write the English language Values: At Yancey Bros. Co, we are always looking to add people to our team who share our core values: Safety: We value the lives and health of our team and customers above all else. Integrity: We are ethical and trustworthy, demonstrate respect for others, and communicate truthfully and promptly. Teamwork: We work as one across our organization for the benefit of our customers. Excellence: We strive to be the best, continuously improving our customers' experience and the solutions we provide. Sense of Urgency: We respond quickly to customer needs and hold ourselves accountable for results. Ideal candidates will demonstrate the following values: Acting in a safe manner Exhibiting honesty and integrity Acting in a fair and ethical manner Team mentality Delivering quality results Embraces change / improvement Exhibiting superior customer service skills Exhibiting pride and ownership Working with a sense of urgency Exhibiting a winning attitude What We Offer: Yancey Bros Co offers a full benefits package that includes aggressive compensation levels, technician tool allowances, full medical, vision and dental coverage, employee wellness programs, paid vacations and more. Competitive Pay Structure Competitive Pay Individual Bonus Opportunities Available Technician Tool Allowance 401k Plan Strong Company Match Employee Profit Sharing Financial Wellness Coaching Employee Wellness Program Medical, Vision, Dental Insurance Prescription Drug Coverage Flexible Spending Accounts Short & Long Term Disability Group Life Insurance Personal Time Off Paid Holidays Paid Sick Leave Career Development Tuition Reimbursement Ongoing Training Advancement Opportunities