Information security analyst jobs in Fayetteville, AR

Akkodis is seeking an Information Security Engineer for a Contract with a client located in Overland Park, KS (Remote). Pay Range: $60/hr - $70/hr, The rate may be negotiable based on experience, education, geographic location, and other factors Must come from the Financial industry, has experience implementing SIEM, SASE/SSE, EDR/MDR, etc, has AWS or Azure as a cloud, CIS, NIST, ISO 27001, Okta or IAM, and SentinelOne experience is preferred. Job Description: We're looking for a proactive and technically curious Information Security Engineer to join our Technology & Information Security team. In this role, you'll work within an engineering-minded security organization that values modern architectures, hands-on problem solving, and high-impact technical contributions. You'll help safeguard a complex, highly regulated environment while collaborating with teams who move quickly, think strategically, and execute with precision. If you thrive in dynamic environments, enjoy building and refining security capabilities, and want to make a meaningful impact on an organization's security posture, you'll feel right at home here. What You'll Do: Engineer and operate modern security platforms. Implement, run, and optimize enterprise-level security tooling across detection, identity, cloud, endpoint, and governance technologies. Conduct deep-dive security assessments. Evaluate systems, configurations, and architecture through hands-on testing and analysis-delivering actionable insights that directly influence engineering and business decisions. Cloud Platform Focus: The client operates in a hybrid environment, primarily in Azure, with some AWS and on-prem infrastructure. Core Security Tooling: SentinelOne experience is preferred, but candidates with experience using other tools are strongly considered as long as they have solid, overarching experience across SIEM, EDR, and vulnerability management platforms. Strengthen core security operations. Support and mature processes such as: Malware response and remediation Vulnerability management and patch governance SIEM log analysis, correlation, and monitoring Incident documentation, reporting, and lifecycle management Improve systems by design-not by accident. Embed security into applications, infrastructure, and business initiatives from the outset, partnering with IT and engineering teams to identify risks and drive effective mitigations. Contribute through data, insights, and experimentation. Analyze trends, surface patterns, and help refine the firm's Information Security Program through continuous improvement and cross-functional engagement. What Makes This Role Unique: Technical leadership that “gets it.” You'll work under leaders with real engineering backgrounds who understand workflows, decision points, constraints, and trade-offs because they've been hands-on themselves. Security is built on innovation, not stagnation. Our program prioritizes modern architectures, continuous improvement, and thoughtful evaluation of emerging standards, frameworks, and controls. Access to state-of-the-art platforms. Gain experience with advanced detection systems, automated response tooling, identity and access platforms, cloud-native security solutions, and governance technologies used across the industry. High-rigor environment with real impact. Build and refine capabilities in a financial-services context where precision, repeatability, and operational discipline matter-and influence enterprise-level direction. Collaboration with top industry partners. Participate in vendor assessments, tooling evaluations, and integrations that shape an enterprise-grade security program. Opportunities for broad domain depth. Contribute to initiatives spanning detection engineering, identity architecture, cloud security, automation, governance, and more. What You Bring: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or equivalent experience 3-5 years of hands-on experience in information security, IT operations, or adjacent engineering roles; experience in financial services is a plus. Familiarity with modern security tools, frameworks, and standards (SIEM, EDR, vulnerability scanners, CIS, NIST, ISO 27001). Familiarity with identity and access management (IAM) solutions, such as Okta, including integration with applications and security systems. Experience with automation, including scripting languages (e.g., Python, PowerShell, Bash) to streamline security processes, workflows, and response actions. Ability to operate with autonomy, accountability, and comfort in fast-moving environments. Exceptional communication and collaboration skills with the ability to influence across teams. Analytical mindset with a high bar for detail, documentation, and operational excellence. If you are interested in this role, then please click APPLY NOW . For other opportunities available at Akkodis , or any questions, please contact Anirudh Srivastava at ************ or ***********************************. Equal Opportunity Employer/Veterans/Disabled Benefit offerings include medical, dental, vision, term life insurance, short-term disability insurance, additional voluntary benefits, commuter benefits, and a 401K plan. Our program provides employees the flexibility to choose the type of coverage that meets their individual needs. Available paid leave may include Paid Sick Leave, where required by law; any other paid leave required by Federal, State, or local law; and Holiday pay upon meeting eligibility criteria. Disclaimer: These benefit offerings do not apply to client-recruited jobs and jobs that are direct hires to a client. To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit ******************************************

Immediate need for a talented Senior Cloud Security Engineer . This is a 04 months contract opportunity with long-term potential and is located in Elkhorn,NE(Remote). Please review the job description below and contact me ASAP if you are interested. Job ID:25-94911 Pay Range: $90 - $91.19/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Deploy and configure container scanning tools to ensure secure containerized environments. Analyze vulnerabilities identified through SAST, DAST, SCA, and container scans, prioritizing remediation based on risk. Develop and maintain custom scripts to automate security processes and enhance scanning capabilities. Consult with development teams to provide secure coding guidance and assist with remediation strategies. Onboard applications into DAST scanning workflows, ensuring proper configuration and coverage. Configure and troubleshoot DAST scans, resolving issues related to application accessibility and scan accuracy. Review and validate SAST and SCA findings, confirming or rejecting false positives and “mitigated by design” claims from development teams. Document findings, create actionable reports, and communicate technical details effectively to stakeholders. Key Requirements and Technology Experience: Key Skills; Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Ability to troubleshoot complex scanning issues and optimize configurations for accuracy and performance. Strong analytical skills for vulnerability triage and risk prioritization. Excellent communication skills for consulting with development teams and explaining technical findings. Experience integrating security tools into CI/CD pipelines. Familiarity with cloud-native security (AWS, Azure, GCP) and container orchestration (Kubernetes). Knowledge of API security testing and microservices architecture. Exposure to DevSecOps practices and security automation frameworks. Relevant certifications such as OSWE, GWAPT, or CSSLP. Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

The CSOC Operations Engineer III position is a technical leader responsible for the tactical execution of incident response, threat detection and continuous improvement of solutions which defend and protect our computer systems, information, and networks from intentional or unintentional access, modification, or destruction. This position is responsible for technical leadership in the design, planning, documenting and support of projects and cyber security solutions for the company. This position needs to intently focus on prioritization and always seek the improvement of processes and tools, providing recommendations to engineering and architecture teams. A successful CSOC Operations Engineer III will have a multidisciplinary background beyond cyber security, with advanced knowledge in fields such as client and server systems, networking, and application development. This position will also be responsible for ensuring systems and processes follow regulatory requirements, such as PCI-DSS, HIPAA and SOX. This position is responsible for the mentorship of other IT staff and performs third level support for incidents and issues. Major functions for this position Cyber Security Incident Response - 15% of total job Lead Cyber Security Incident Response as an incident owner, direct incident response activities, provide real-time decision making and communicate with the incident commander. Function as a threat hunter, working proactively to seek out weaknesses and stealthy attackers, conducting penetration tests and reviewing vulnerability assessments. Continuously develop and improve security technologies, focusing on the development of automation and orchestration capabilities as it relates to incident response. Coordinate documentation of activities during an incident and provide status updates to the incident commander during the life cycle of the incident. Participate in post-mortem collections and after-action reviews to identify and remediate gaps in processes and technologies. Participate in regular table-top sessions with the CSIRT and E-CSIRT teams to evaluate readiness, address changes in company, external cyber security threats and impact. Participate in after action reviews to identify and remediate gaps in process or technologies. Cyber Security Infrastructure Operations - 60% of total job Serve as an escalation point for all cyber security infrastructure operational issues during business hours and on-call for junior members of the team. Provide third tier support and subject matter expertise for all cyber security technologies and solutions. Work with the CSOC Principal and Manager to provide the team with tactical direction of operational technology capabilities focused on continuous improvement. Guide Security Engineering with necessary support as needed during IT projects with Cyber Security needs. Ensure project transitions meet CSOC operational standards for needed functionality, prevention, monitoring, detection, and response. Cyber Security Threat Operations - 15% of total job Perform third tier analysis of exploits such as malware, network intrusions, and unauthorized use to help determine attack-surface, patient zero, and possible pivot-points for escalation. Provide technical leadership to the team and guidance in investigating escalated notable/suspicious events and the latest investigation techniques, containment and mitigation methods, evidence handling standards, threat intelligence, playbook development and case documentation best practices. Participate in the Cyber Security Risk Scoring process to include scoring risks, providing remediation or compensating control guidance and risk remediation/mitigation validation. Stay current on monitoring, detection, prevention, analysis, and investigation techniques/tools and adversary techniques, to implement recommendations for improving cyber security event processes, procedures and tooling. Participate in regular technical table-top sessions with the cyber security teams to evaluate readiness, address changes in company, external cyber security threats and impact. Participate in after action reviews to identify and remediate gaps in process or technologies. Technical Leadership - 10% of total job Provide leadership and mentoring to IT staff in the following manner. Coordinate or lead necessary training to develop staff. Ensure that appropriate technology is implemented in the appropriate manner. Provide timely and effective communication of changes to processes and technologies. Maintain technical competence and relevance on existing and emerging cyber security, infrastructure, and automation technologies. Conceive, define, develop, and deploy tools/processes which help automate our cyber security technologies to produce higher business value. Help develop cyber security awareness content and provide education on security policies and practices both internal and external to the group. Routinely evaluate documentation provided by Security Engineering staff to ensure complete coverage of required diagrams, support articles, and other necessary documentation. Position Specifications: The required specifications (education, experience, and skills) are those that the employee must have to hold the position. Applicants applying for this position must possess the required specifications in order to be considered for the job. The desired specifications are those that are not required for the employee to hold the position, but the employee should try to obtain the desired education, experience, and/or skills to be effective and successful in the position. Required education: Bachelors in relevant field or the equivalent combination of education and experience. Desired education: Bachelor's degree in Cyber Security or a degree in a technology related field. Multiple industry certifications in Security, Systems Administration, and/or Networking, such as CISSP, GDSA, CCNP Security, or PCNSE. Required experience: Minimum of 8 years of progressive experience with cyber security technology design, administration or incident response in large, complex environments, particularly in multi-region retail. Advanced expertise in cryptography, network defense, endpoint protection, forensics, data protection, and incident response. Advanced understanding of data center technologies and concepts including services, security, infrastructure design, disaster recovery practices. Advanced level troubleshooting of IT systems. In depth knowledge of compliance standards such as HIPAA, PCI, and SOX. Experience mentoring, training, and developing other IT staff. Desired experience: Advanced experience in all aspects of cyber security technologies and knowledge in supporting and building large, complex cyber security environments. Experience planning and implementing a technical backlog to drive continuous improvement of technology and practices. Required skills: Advanced knowledge of multiple cyber security technologies, including next generation firewalls, IDS/IPS, network access control, email and web security, digital forensics, endpoint detection and response, vulnerability scanning and analysis, data protection, credential vaulting, certificate management, Multi-Factor, access brokering, SIEM, public cloud compliance and Cybersecurity automation and orchestration technologies. Advanced experience in planning and tracking the execution of large and complex projects or other efforts. Experience in scripting or software development. The ability to communicate effectively to both business and IT staff in a professional manner. Desired skills: Working experience with Active Directory and Microsoft and/or Linux OS, networking, identity and access management, wireless networking and security, penetration testing, incident response, and application security methodologies. Understanding of encryption systems and methodology. Advanced experience in software development or secure coding techniques. This position will require shift work that could include weekends and nights as dictated by support needs. On call 24/7. Must have knowledge of many areas and be able to switch between them rapidly. Must be able to work under pressure and provide guidance to Information Technology and business users during a crisis. This position will require ability to maintain absolute confidentiality of information or events due to the sensitivity of their natures.

Infrastructure Security Engineer Compensation: $40-50 /hour, depending on experience Inceed has partnered with a great company to help find a skilled Infrastructure Security Engineer to join their team! Join a dynamic team in a company that values culture and work-life balance. As an Infrastructure Engineer, you will play a crucial role in designing and maintaining a secure hybrid infrastructure. This is an exciting opportunity for someone who thrives in a technical environment and is passionate about security compliance. Enjoy working in a supportive and collaborative setting where your skills and expertise will make a significant impact. Key Responsibilities & Duties: Design and manage Azure environments and Azure Virtual Desktop. Ensure compliance with security frameworks like CMMC and NIST. Administer Windows Server and Active Directory. Implement and monitor network security. Translate compliance requirements into technical controls. Collaborate with high-level executives and cross-functional teams. Required Qualifications & Experience: Bachelor's degree in IT or 10 years of IT experience. Proven experience with cloud and on-premises environments. Strong understanding of CMMC or NIST frameworks. Excellent written and verbal communication skills. Strong analytical and troubleshooting skills. Nice to Have Skills & Experience: Experience with Hyper-V and VMware. Knowledge of PowerShell scripting and automation. Familiarity with vulnerability management and incident response. Perks & Benefits: 3 different medical health insurance plans, dental, and vision insurance Voluntary and Long-term disability insurance Paid time off, 401k, and holiday pay Weekly direct deposit or pay card deposit If you are interested in learning more about the Infrastructure Security Engineer opportunity, please submit your resume for consideration. Our client is unable to provide sponsorship at this time. We are Inceed, a staffing direct placement firm who believes in the possibility of something better. Our mission is simple: We're here to help every person, whether client, candidate, or employee, find and secure what's better for them. Inceed is an equal opportunity employer. Inceed prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity, or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. #IND

We are seeking a Security Engineer II to support threat and vulnerability management across on-premises and cloud environments. This role focuses on identifying security risks, assessing vulnerabilities, ensuring secure configurations, and driving remediation efforts to improve overall security posture. Key Responsibilities: Identify, assess, and remediate vulnerabilities across on-prem and cloud environments (AWS/Azure/GCP) Monitor and analyze threat intelligence using frameworks such as MITRE ATT&CK, OWASP, and CVSS Utilize vulnerability and cloud security tools (Tenable, Qualys, Rapid7, Prisma Cloud, Defender for Cloud, Wiz) Perform secure configuration audits using CIS Benchmarks, NIST, and STIGs Collaborate with IT, Cloud, and DevOps teams to implement remediation Automate security processes using scripting (Python, PowerShell, Bash) Track remediation progress and communicate risks to technical and non-technical stakeholders Required Skills & Experience: 4+ years of experience in Cybersecurity or IT with exposure to vulnerability or cloud security Hands-on experience with vulnerability management tools Strong understanding of security controls, risk management, and compliance Experience with scripting/automation and API integrations Familiarity with SIEM, logging, monitoring, and ticketing systems

Oversees and coordinates all information security staff and activities to ensure the firm's overall information assets are adequately protected. Oversees the planning, coordinating and implementing of information security programs in order to maintain information integrity and protect against all cybersecurity threats. Interacts with other individuals in the firm in a problem-solving and team-building manner. Oversees, develops and maintains the Firm's ISO 27001 Program, and operation objectives. Manages the development and cost effective solutions to maintain the integrity of system information while allowing business operations to continue in the event of any type of business interruption. Assists in audits of the Information Security program as needed at the request of management. Uses leadership skills to train, motivate and direct assigned staff. Provides technical expertise in the selection, testing, implementation and deployment of information security systems. Provides technical guidance and direction in information security monitoring, assessment, auditing and testing. Defines, develops and implements the firm's Information Protection Program security policy. Works with the Director of Information Security and Risk Management to develop methods of improving department workflow, customer satisfaction and employee efficiency. Assists in determining department work procedures, plans, assigns and directs work as necessary. Monitors employee workflow and makes adjustments as necessary to ensure customers' needs are addressed in a timely and efficient manner. Monitors and audits analyst(s) work product, reviews and communicate results with employee and provides advice. Coordinates training of staff to ensure work meets/exceeds performance expectations within a reasonable time frame. Oversees department projects, ensuring that procedures are followed and objectives are accomplished according to schedule. Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems, applications, appliances and devices throughout the firm. Responsible for assessing, recommending, developing, implementing and maintaining the firm's information security infrastructure and security standards. Lead for security risk assessments and penetration studies of networks. Recommends solutions for security vulnerabilities and takes corrective measures and/or applies security patches when appropriate. Installs, monitors, maintains and upgrades virus detection applications/tools to ensure computer codes, viruses, and worms are blocked or eradicated when detected. Analyzes problematic security log entries from security servers and routers, provides technical solutions to issues and security breaches. Is on call to respond to security incidents or disaster recovery and business continuity operations. Maintains advanced knowledge of the firm's Information Security posture, goals and objectives. Supervises the Information Security Engineers. Is responsible for the overall direction, coordination, and evaluation of designated employees in this category. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding, coaching, and disciplining employees; addressing complaints and resolving problems.

The Cyber Security Operations Analyst is primarily responsible for monitoring the front lines of the company's cyber defense program, helping to protect critical systems and data from potential threats, responding to reported security violations, analyzing internet access, connectivity and threats (virus protection, spam, etc.) DUTIES AND RESPONSIBILITIES The following represents the majority of the duties performed by the position but is not meant to be all-inclusive nor prevent other duties from being assigned when necessary. 1. Complies with DOT and OSHA health, safety and environmental requirements and follows safety philosophy and procedures developed by the Company including: applicable environmental, health and safety rules, procedures, and accepted safe work practices, the use of appropriate personal protective equipment and safety systems, and the reporting of workplace hazards and injury or illness arising from workplace activities; observes the workplace to identify conditions or behaviors that should be corrected and takes appropriate action. 2. Monitors Security Information and Event Management (SIEM) alerts, firewall logs, intrusion detection systems, and network activity for suspicious behavior including public and private threat intelligence sources for emerging risks; analyzes internet access, connectivity logs, and alerts related to virus protection, spam, and suspicious behavior including user account activity providing reports on potential anomalies. 3. Conducts daily security log reviews and assists in identifying potential threats; summarizes and shares relevant alerts with the cybersecurity team. 4. Monitors incoming security tickets and alerts; documents and triages security incidents, escalating to senior analysts as needed; assists with evidence collection and incident tracking. 5. Performs scheduled vulnerability scans, analyzes findings, and maintains remediation tracking logs; assists with patch management processes including deployment, tracking, and reporting. 6. Assists with internal and external audits by collecting necessary documentation and evidence. 7. Maintains regulatory compliance documentation as required by TSA, DOT, O SHA, etc.; creates and updates procedural documents, runbooks, security playbooks, and knowledge base articles. 8. Documents all incidents, assessments, and routine checks to support audit readiness and knowledge transfer; manages project tracking logs. 9. Assists with the configuration and maintenance of endpoint protection, firewall settings, and other cybersecurity tools under guidance. 10. Reviews vendor solutions and compiles initial summaries for team consideration; maintains security-related inventories, software licenses, and access lists. 11. Assists with development and dissemination of basic cybersecurity awareness content for end users; tracks completion of required security training and assists with scheduling refresher sessions. 12. Participates in a scheduled on-call rotation for after-hours and weekend security support. REQUIREMENTS * Associate's degree or the equivalent in experience in Cyber Security, Information Technology or related field and a minimum of two (2) years of prior experience in cybersecurity, IT support, or SOC environment. Internship or hands-on training in networking, firewalls, or security systems preferred. Certification such as CompTIA Security+, CASP+, or CEH (preferred or in progress). Knowledge, Skills and Abilities * Ability to actively engage in safe behavior and understand and follow the principles and methods related to pipeline and workplace safety as established by the Company. * Knowledge of emergency and safety procedures, policies procedures, equipment operating parameters, and all applicable DOT, EPA, FERC, DHS, and OSHA requirements. * Knowledge of Active Directory, Exchange, SharePoint, CISCO routing and switching configuration. * Knowledge of firewall and network security and IDS (intrusion detection systems), and network management tools. * Knowledge of TSA security requirements and regulations. * Knowledge of identity management processes and procedures. * Skill in project management. * Ability to manage, track and analyze information. * Ability to effectively work and cooperate with supervisors, co-workers, and vendors. * Ability to follow corporate policies and the directions of supervisors. * Ability to refrain from causing or contributing to the disruption of the workplace.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

IAM Information Security Specialist Duration: 12 Months Overview of the Role: Our Client is currently seeking an Identity Access Management (IAM) Information Security Specialist that will have a strong emphasis on Cloud based IAM services. As a member of the team, your work will focus on IDaaS (Identity as a service) work using SaaS (Software as a Service) tools. As an IAM Information Security Specialist you will work with critical and sensitive information daily, and you will be relied upon to maintain critical security safeguards. Key Responsibilities: Develop and maintain comprehensive information security posture including rules, controls, and security safeguards. General activities such as Develop and maintain the information security posture (rules, controls, security safeguards, etc.) to protect information assets, and conducts reviews. Engineering activities such as facilitating and configuring application integrations, creation of IAM objects (users, groups, servicer accounts, API tokens, etc.), working incidents, following change management processes, and creating documentation. Required Skills & Qualifications: At least three years of related access control experience with a general understanding of provisioning within IDaaS and IAM systems preferred. Associate or Bachelors degree from an accredited college or university with specialization in an information technology field or equivalent combination of experience, education, and/or certification preferred. Intermediate understanding of computer applications such as Microsoft Office, internet navigation and email programs. Strong interpersonal, analytical and customer service skills and communication skills. Good business and organizational skills including the ability to prioritize, work within a team setting and manage work. Perks of Working with AP Recruiters & Associates: Competitive compensation (depending on experience) Comprehensive career development and professional growth opportunities Dedicated recruiter support throughout your contract journey Access to exclusive opportunities with Fortune 500 clients Flexible work arrangements and professional development resources About the Client: Our client is a leading energy company recognized as one of the largest electric utilities in the United States. They are committed to delivering clean, affordable, and reliable energy while driving innovation in sustainable power generation. The organization operates across multiple states, serving millions of customers and maintaining a strong focus on environmental stewardship, technological advancement, and community development. Their commitment to digital transformation and cybersecurity excellence makes this an exciting opportunity for security professionals.

**Job Opportunity is actually with a company called Western Farmers Electric Cooperative (WFEC)** Under the general supervision of the Supervisor, IT Infrastructure, the Cyber Threat Analyst performs monitoring and analysis of cyber threats to assist in the defense of WFEC cyber systems and operations. The incumbent will curate and triage intelligence from multiple cyber intelligence sources and will inform the security operations with timely and relevant TTPs, IOCs, and context. The incumbent will generate reports for upper management based on data, information, and intelligence. The incumbent must understand the MITRE ATT&CK framework and be able to integrate the framework in the reporting. The Cyber Threat Analyst will develop and document threat hunt activities based on intelligence, scenarios, and observations. The incumbent develops, maintains, and supports systems that provide collection capabilities and telemetry information to the organization. In addition, the incumbent performs troubleshooting, installation, and maintenance on equipment and software systems related to NERC CIP. The incumbent performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis to ensure system reliability and security. The incumbent participates in in-house, regulatory, and industry teams, including working groups, committees, incident response teams, and business continuity teams as required. Also, the incumbent participates in exercises that test policies, procedures, and skills which are required by business and critical operations. The incumbent responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.

Kanshe Infotech is Consulting Firm Which Provides World online training. Online Training (Remote Training + Real-time exp) available. Our training is more than just hours of lecture, we believe in student engagement, motivation and knowledge sharing as tools for success and we do it with great dedication and precision. We offer online training that clearly stands out of the group, sign up for a demo session. Job Description Our Training Features: · You will receive top quality instruction that Kanshe Infotech is famous for Online IT training. · Trainees will receive immediate response to any training related queries, either technical or otherwise. We advise our trainees not to wait till the next class to seek answers to any technical issue. · Training sessions are conducted by real-time instructor with real-time examples. · Every training session is recorded and posted to the batch after each weekend class. · We are offering online training on Cyber Security. . Provide OPT Stem Ext.: Guidance and support for applying for the 24-month OPT STEM extension Help with OPT Employment letter: Help with drafting and obtaining OPT employment letters that meet USCIS requirements. · We provide training in technology of your choice. · Good online training virtual class room environment. · Highly qualified and experienced trainers. · Professional environment. · Special interview training · Training for skill enhancement. · Study material and Lab material provided. · E-Verified company. If you are interested or if you know anyone looking for a change, please feel free to call or email me for details or questions. I look forward to seeing resumes from you or your known and highly recommended candidates. Thanks Additional Information All your information will be kept confidential according to EEO guidelines.

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

The Security Risk and Compliance Analyst is a member of the information security team and works closely with the other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional area (e.g., data, systems, network, and physical) across the enterprise. The candidate will be able to effectively understand standard risk methodologies and the implementation of security controls in an enterprise environment. Key Result Areas: Work as part of a team to maintain security and integrity of corporate data and IT systems through activities including: Develop and maintain enterprise security policies and procedures Assist in the coordination and completion of information security risk assessments and documentation Work with information security management to develop strategies and plans to enforce security requirements and address identified risks Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of information assets and noncompliance Work with IT department and members of the information security team to identify, select and implement technical controls Provide direct support to the business and IT staff for security related Maintain an awareness of security and control issues in emerging technologies Perform other duties as assigned Knowledge, skills, and experience required: Bachelor's degree in Computer Science, Information Systems, or other equivalent degree or experience Preferred Certifications (CISSP, CISA, CRISC, CRM, GSEC, etc.) Strong analytical and problem-solving skills to enable effective security incident and problem resolution Proven ability to work under stress with the flexibility to handle multiple high-pressure tasks simultaneously Ability to work well under minimal supervision Strong team-oriented skills with the ability to interface effectively with a broad range of people and roles, including vendors and enterprise personnel Strong written and verbal communication skills and attention to detail for board level committee and regulatory reporting Strong customer/client focus with the ability to manage expectations appropriately General understanding of risk management Knowledge of security methodology frameworks and regulatory requirements such as NIST, CIS, HIPAA, PCI, and FFIEC Microsoft Excel, Word, and Visio skillset for the creation, tracking and reporting of security metrics (e. graphs, formatting, basic formulas) Preferred Qualifications: Understanding of enterprise risk management systems and automation platforms Experience with Data Loss Prevention (DLP) and Vulnerability Management solutions *This position is on-site located in Oklahoma City, must reside within the area to be considered. *Position requires a minimum of 3 years of relevant US based experience. #LI-Onsite #LI-DNI

Company: The Boeing Company The Boeing Company is looking for a highly motivated Cybersecurity - Information System Security Officer (ISSO) to join our Classified Operations Cybersecurity team based in Hazelwood, MO. This position supports Boeing's Enterprise Wide Area Network (eWAN). The selected candidate will rely on cyber security and Information Assurance (IA) background to support Enterprise activities and Boeing customers throughout multiple classified computing domains. The ISSO is responsible for maintaining and enforcing all Information System Security policies, standards, and directives to ensure assessment and authorization of information systems processing classified information. Position Responsibilities: Perform security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards Support and implement the Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and support Continuous Monitoring (CONMON) Perform configuration management of assigned systems; auditing systems to ensure security posture integrity Conduct risk assessments and investigations, execute appropriate risk mitigations, and participate in incident response activities Conduct periodic hardware/software inventory assessments Interface with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements Basic Qualifications (Required Skills/Experience): IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC) 1+ years of experience in cybersecurity 1+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs Preferred Qualifications (Desired Skills/Experience): 3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS 3+ years of experience assessing and documenting test or analysis data to show cyber security compliance Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies . Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: $92,650 - $125,350 Language Requirements: Not Applicable Education: Bachelor's Degree or Equivalent Relocation: Relocation assistance is not a negotiable benefit for this position. Export Control Requirement: This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

At Feed the Children, we recognize the value of outstanding people, and we are looking for compassionate changemakers to join our team. We pride ourselves on cultivating a collaborative workplace where employees experience productive and rewarding employment and feel engaged in our mission to end childhood hunger. Our passionate team shares a deep sense of purpose, and we dream big to solve complex problems and create positive impact in communities around the world. Feed the Children is recognized by Candid with its Platinum Seal of Transparency and is accredited by the BBB Wise Giving Alliance. The organization has received a 4-star rating from Charity Navigator and is consistently recognized on the Forbes Top 100 Charities list. We are currently in search of an Information Security Specialist to join our Information Technology team! The Information Security Specialist will investigate, analyze, and learn from cybersecurity researchers, attackers, and incidents to develop durable detective controls across the IT infrastructure. This role will provide support and resolution for scanning, reporting, and vulnerability remediation. This position will collaborate with the Senior Director of Information Security to assist in prioritizing vulnerabilities, planning mitigations, and security control configuration. NOTE: This is an entry level position working from our corporate office in Oklahoma City, OK. Salary range: Up to $21.64/hr. based on education and experience. Job Requirements: Education Bachelor's degree in Computer Science, CIS, Engineering, Cybersecurity, or related field preferred. High school diploma or GED required. Experience 2+ years' experience working with technical and business teams related to information security Ability to analyze general cyber security-related technical problems and provide basic engineering and technical support in solving these problems. Familiarity with Azure and Office 365 security suite of tools, to include Microsoft Defender. Industry-standard knowledge of activities relating to identity and access management, MDR, SIEM, and least privilege access management. Basic understanding of NIST-specific security assessments. Aware of the legal, regulatory, and ethical considerations of working with sensitive information Proactive, self-motivated, well organized, reliable, and detail-oriented team member Ability to communicate across all levels of the organization with strong organizational skills Ability to multitask, self-prioritize daily tasks, and experience with task management tools. Analytical and critical thinking skills, required Any combination of education, training and experience which provides the required knowledge, skills and abilities to perform the essential functions of this job may be considered. Essential Functions: Execute day-to-day threat hunting for targeted attacks against multiple environments. Work closely with Information Technology's Director of Data Governance and the Sr. Director of Information Security to make sure identified vulnerabilities are patched and remediated. Maintain an understanding of security-related IT policies to assess the effectiveness of controls. Facilitate incident remediation including monitoring Data Loss Prevention (DLP) tools and responding to alerts. Investigate network threats such as computer viruses, exploits, and malicious attacks to determine true threats, false positives, and network system misconfigurations. Monitor potential compromise, intrusion, deficiency, significant event or threat to the security posture and provide solutions to issues. Work within the IT department verifying and validating security compliance against corporate standards, regulatory standards, and other industry defined practices. Assist with security awareness training of employees, as needed. Champion the NIST 800-53 program, documenting policies and procedures as well as performing audits, risk assessments and implementation reviews. Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; monitoring information security news for emerging threats; and participating in professional organizations. Document specific activities, problems solved, and issues resolved. Protect our organization by keeping information confidential. Collaborate cross-functionally throughout the organization to safeguard sensitive information from potential insider risks and threat actors. Develop, update, and maintain policies and other technical documentation Establish an environment of high performance and continuous improvement that values learning, a commitment to quality, welcomes and encourages collaboration, and fosters both intra and inter-departmental dialogue and respect. Model the type and level of behavior, professionalism and leadership that is in accordance with the values of the organization. Perform other related duties as required About Feed the Children: As a leading anti-hunger organization, Feed the Children is committed to ending childhood hunger. We provide children and families in the U.S. and around the world with the food and essentials kids need to grow and thrive. Through our programs and partnerships, we feed children today while helping their families and communities build resilient futures. In addition to food, we distribute household and personal care items across the United States to help parents and caregivers maintain stable, food-secure households. Internationally, we expand access to nutritious meals, safe water, improved hygiene, and training in sustainable living. Responsible stewards of our resources, we are driven to pursue innovative, holistic, and child-focused solutions to the complex challenges of hunger, food insecurity, and poverty. For children everywhere, we believe that having enough to eat is a fundamental right. Our Values: We are driven by a shared sense of PURPOSE At Feed the Children, our commitment to the mission is at the heart of what we do and fuels our collective impact in the communities where we serve. We cannot achieve our bold vision without our talented PEOPLE We are passionate about fostering a best-in-class workforce that is engaged, respected, and empowered to deliver results. We believe in CURIOSITY and continued learning Success requires a culture of discovery, curiosity and continued learning to expand our knowledge, seek new perspectives and challenge the status quo. We know COLLABORATION is the only way to end childhood hunger We cannot succeed alone. It will take all of us - our employees, donors, partners, volunteers - working together to accomplish our ambitious goals. We DREAM big When we work together, we collectively reimagine what is possible. We dream big to solve complex problems and create deep impact in communities around the world. We VALUE every donor We respect our donors' intentions and promote responsible stewardship of the resources they entrust to us. Join Feed the Children and help create a world where no child goes to bed hungry. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire. Feed the Children is an equal opportunity employer. All qualified candidates will receive consideration for positions without regard to race, color, religion, sex, sexual orientation, age, national origin, disability, political affiliation, pregnancy, military and/or veterans' status, genetic characteristics, marital status or any other considerations made unlawful by applicable state, federal, or local law. Feed the Children welcomes and encourages applications from persons with physical and mental disabilities and will make every effort to reasonably accommodate the needs of those persons. Additionally, Feed the Children strives to provide an environment free from sexual exploitation and abuse and harassment in all places where relief and development programs are implemented. Feed the Children expects its employees to maintain high ethical standards, protect organizational integrity and reputation, and ensure that Feed the Children work is carried out in honest and fair methods, in alignment with the Feed the Children safeguarding and associated policies.

Delaware Nation Industries/Unami works with the Oklahoma City Air Logistics Complex (OC-ALC) located at Tinker AFB, OK to provide on-site cybersecurity support services to maintain an Authority to Operate (ATO) for all OC-ALC systems, applications, and networks using the NIST Risk Management Framework (RMF) per DoDI 8510.01, Risk Management Framework (RMF) for DoD Information and AFI 17-101, Risk Management Framework (RMF) for Air Force Information Technology. An active security clearance is REQUIRED. A Security+ Certification is REQUIRED. This position is 100% onsite. · Document and maintain controls, appendices, and document attachments under NIST SP 800-53 Rev. 4 & 5 for all DSS and IDM systems and sub-systems · Document and maintain inheritable common controls catalog for to document controls offered to applications or systems hosted on multi-cloud platform · Ensure common controls are available for all hosted systems to inherit and maintain · Assist in the development and maintenance of System Security Plans (SSP) and security controls assessments, and organizational policy · Update the SSP and server documentation and provide the ISSO to update security artifacts and the baseline documents · Update POA&Ms throughout the POA&M lifecycle till closure for all system controls. · Provides high-level functional systems analysis, design, integration, documentation, and implementation advice on moderately complex cybersecurity problems that require an appropriate level of knowledge of the subject matter for effective implementation · Serves as the IT security POC for assigned systems to ensure information systems comply with applicable policies · Ensures security activities are implemented throughout the entire SDLC, including during system changes and modifications · Provides audit support by developing the appropriate responses to audit questionnaires and remediation recommendations of audit report findings. · Coordinates with appropriate stakeholders and system owners to ensure all NIST 800-53 controls are properly implemented and assessed during the steps of the ATO lifecycle · Ability to conduct an analysis of the NIST SP 800-53 rev. 5 controls and identify controls that can be automated · Ensures all systems are operated, maintained, and disposed of IAW documented security policies and procedures, including but not limited to Assessment & Authorization (A&A). · Supports the development and maintenance of all security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Testing, POA&Ms, and incident reports. Requirements At least 2+ years of related experience Detailed knowledge of NIST SP 800-53 Rev. 4 & 5, Security Policies, NIST Risk Management Framework, eMASS, Security Planning and Architecture, Incident Analysis, and General Security Best Practices Knowledge of NIST regulatory compliance requirements Deep knowledge of the information security principles Experience developing Information Security policies and procedures Experience performing A&As and supporting the Risk Management Framework lifecycle Ability to communicate, both written and orally, to both technical and non-technical stakeholders Strong written and oral communication skills to interact with senior managers, junior staff, and business unit (non-technical) customer Benefits Benefits Include: Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental Matching 401K Short- and Long-Term Disability Pet Insurance Professional Development/Education Reimbursement Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst IIOverview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: • Liaise between the Security Awareness team and all others at Mastercard. • Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. • Partner with external providers to deliver effectives solutions with quality and integrity. • Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: • Possess advanced knowledge in security awareness concepts and principals. • Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. • Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. • Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. • Lead vendor relationships with those providers of contract solutions for the Security Awareness program. • A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; • Ensure the confidentiality and integrity of the information being accessed. • Report any suspected information security violation or breach. • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD

We are seeking an experienced and mission-driven Manager of Information Security to help protect our credit union's systems, safeguard member data, and support our commitment to being the best place our employees have ever worked and the best place our members have ever banked. The ideal candidate holds a current CISSP certification, demonstrating deep expertise across all cybersecurity domains, and maintains ongoing training to stay ahead of evolving threats and regulatory requirements in the financial services sector. The Manager Information Security responsible for overseeing the Information Security program, Vendor Management program, and the administration of the Business Continuity Plan at WEOKIE Federal Credit Union. Responsibilities include but are not limited to developing and maintaining the information security framework, monitoring and managing vendor risk, and maintaining, enhancing, and testing the Business Continuity Plan. Major Activities: * Develops, maintains, and reviews appropriate information security policies and procedures needed to maintain the integrity of the information security program. * Conducts threat focused business impact analysis to maintain an inventory of business impacting cyber threats. * Organizes and conducts cybersecurity simulation exercises. * Acts as the IT Security, Business Continuity, and Vendor Management central point of contact for the annual NCUA exam and IT Controls Audit. * Ensures proper policies, procedures, risk mitigation activities, and operation controls are followed. Reports gaps in policies, procedures, and operating controls to leadership to ensure member impact and risk is mitigated. * Responsible for performing information security risk assessments on a scheduled basis that focus on ensuring policies and procedures are consistently applied. * Attends/makes presentations to the WEOKIE Board of Directors and various Board Committees as assigned. * Assist with development of company wide information security training materials for computer-based training modules and build company wide information security awareness materials. * Support technology/systems that enable all vendor management activities by administering the Tandem platform. * Responsible for vendor risk assessment and execution of other vendor management activities as needed. This includes administration, processing risk acceptance documentation, and maintaining the schedule of vendor management activities. * Maintain, develop, update, and test WEOKIE's Business Continuity Plan. * Write reports to summarize testing activities, including results and recommendations. * Act as Business Continuity Coordinator in the event of an incident, to ensure that WEOKIE's Business Continuity Plan is implemented. Critical Results: * WEOKIE's information security program is a core part of its culture and is integrated into all of its lines of business, support functions and third-party management programs. * Information Security risks and threats are clearly identified, measured and remediated timely. * The Board of Directors and Senior Management receive timely and credible reporting and recommendations that lead to effective decision-making in both strategic and tactical contexts. * Members and credit union information security assets are protected from unauthorized access and when necessary, reacts timely and effectively to manage incidents or vulnerabilities. * WEOKIE receives favorable results from key reviews, audits, and exams from audit and exam sources. * WEOKIE's information security program is seen as independent from the IT line of business and also seen as supportive and collaborative to all stakeholders. * Risk assessments are completed annually and deficiency are quickly addressed and/or remediated. * Security incidents are properly documented, tracked, and escalated in a timely fashion when deficiencies are presented. * New quality control activities are developed and presented to leadership that correspond to the information security program. * Vendor Management risk assessments, reporting results, and conclusions are thoroughly documented, completed timely and accurately. * Vendor Management is collaboratively managed with fellow team members. * Vendor Management risks are controlled and mitigated by adhering to all applicable policies and procedures. * WEOKIE's Business Continuity Plan is up-to-date, regularly tested, thoroughly communicated, and ready for immediate implementation in the event of an incident. Qualifications: * Specialized or Technical Knowledge and Skills: The Manager Information Security is a data security professional skilled at managing IT security activities in a complex, multi-system/multi-vendor computing environment. A strong, practical working knowledge of information security concepts and technical architecture are necessary along with an ability to take technical concepts and translate them into business impact. * A bachelor's degree is required, preferably in Information Technology or Computer Science. * A minimum of three years of experience in the information security field. * A Certified Information System Security Professional (CISSP) certification is required; additional certifications such as a Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) are preferred. * Demonstrated experience in managing and working with third party vendors. * Demonstrated ability to research and implement innovative solutions that have improved security, operational efficiency, quality, and service levels. * In-depth understanding of the financial services or highly regulated business, and the applications systems and technical infrastructures needed to support them. B. Behavioral Competencies: Behavioral competencies are the skills and personal characteristics that an individual should possess in order to be successful in this position. * Core Competencies: Core competencies are consistent for all positions across the organization and are aligned with WEOKIE's core values. * Member Focus (internal and external): Builds member confidence, is committed to increasing member satisfaction, sets achievable member expectations, assumes responsibility for solving member problems, ensures commitments to members are met, solicits opinions and ideas from members, responds to internal members. * Dependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure, and meets attendance/punctuality requirements. * Integrity/Ethics: Deals with others in a straightforward and honest manner, is accountable for actions, maintains confidentiality, supports company values, conveys good news and bad. * Job Specific Competencies: The position requires a well‐rounded and level‐headed individual who is able to maintain composure in a variety of situations. The following stand out among a long list of behavioral competencies for this position: * Managing Vision and Purpose: Communicates a compelling and inspired vison of core purpose; talks beyond today; talks about possibilities, is optimistic, creates mileposts and symbol to rally support behind the vision; make the vision sharable by everyone; can inspire and motivate entire units or organizations. * Strategic Agility: Sees ahead clearly, can anticipate future consequences and trends accurately; has broad knowledge and perspective; is future oriented; can articulately pain credible pictures and visions of possibilities and likelihoods; can create competitive and breakthrough strategies and plans. * Oriented Towards Serving Others: Is predisposed to servant leadership and excited towards improving conditions for others. * Command Skills: Relishes leading; takes unpopular stands if necessary; encourages direct and tough debate but isn't afraid to end it and move on; is looked to for direction in a crisis; faces adversity head on; energized by tough challenges. * Intellectual Horsepower: Is bright and intelligent; deals with concepts and complexity comfortably; described as intellectually sharp, capable, and agile. * Innovation Management: Is good at brining the creative ideas of others to market; has good judgement about which creative ideas and suggestions will work; has a sense about managing the creative process of others; can facilitate effective brainstorming; can project how potential ideas may play out in the marketplace. * Composure: Is cool under pressure; does not become defensive or irritated when times are tough; is considered mature; can be counted on to hold things together during tough times; can handle stress; is not knocked off balance by the unexpected; doesn't show frustration when resisted or blocked; is a settling influence in a crisis. * Political Savvy: Can maneuver through complex political situations effectively and quietly; is sensitive to how people and organizations function; anticipates where the land mines are and plans his/her approach accordingly; views corporate politics as a necessary part of organizational life and work to adjust to that reality. C. Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl and talk or hear. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include color vision, peripheral vision, depth perception and ability to adjust focus. D. Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The worker is not substantially exposed to adverse environmental conditions. The noise level in the work environment is usually moderate. WEOKIE does not and shall not discriminate on the basis of Protected Status, marital status, and political belief or any other status or condition protected by applicable federal and/or state law. Bona fide occupational qualifications will be applied impartially. These activities include, but are not limited to, hiring of staff, selection of volunteers and vendors, and provision of services. We are committed to providing an inclusive and welcoming environment for all our members, our staff, clients, volunteers, subcontractors, vendors, and clients.