Information security analyst jobs in Forest Acres, SC

This job provides Information Security and Risk Management services for the Organization. Works with peers within security, HM Health Solutions customers and application teams to ensure alignment with current and future security needs. Manages activities of various Information Security personnel. Makes decisions on personnel actions (promotions, hiring, terminations, etc.). Develops talent, addresses resource management, cultivates capabilities of staff, planning and coordination of work, and managing performance. Conducts the oversight of security technology products for network, systems, and data. Controls expenses within the operating unit and is responsible for meeting budget goals. Actively contributes to the Information Security ans Risk Management (ISRM) strategic planning process by working with the Directors to develop and implement department strategic plans and action steps that support the corporate strategic objectives. Actively involved in the coordination, implementation, problem solving, communication, and training of new technologies and processes, as they are developed and moved into the environment. Develops and presents Information Security awareness and training programs. **ESSENTIAL RESPONSIBILITIES** + Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity. + Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority. + Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with leadership and staff to develop security solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management. + Provide leadership to the department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security innovation; encourage and enforce proper training in regards to security issues. + Ensure compliance to Corporate and Information Security policies, standards and procedures. + Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence; spread awareness of new and existing security threats; provide oversight regarding metrics, funding, budgets and resources. + Other duties as assigned or requested. **EDUCATION** **Required** + Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field **Substitutions** + 6 years of relevant experience substitution for a Bachelor's Degree **Preferred** + Master's Degree in Computer Science, Information Security or related field **EXPERIENCE** **Required** + 7 - 10 years in Information Security and/or Information Risk Management and/or Information Technology + 7 - 10 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences + 1 - 3 years in mentoring others in a leadership role + 1 - 3 years in Staff Management + 1 - 3 years in developing and executing strategic plans to realize business objectives **Preferred** + 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology + Experience managing an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework + Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits + Experience establishing budgets and meeting fiduciary goals + Security industry organization participation/leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.) **LICENSES AND CERTIFICATIONS** **Required** + None **Preferred** + Certified Information Systems Security Professional (CISSP) **OR** + Certified Information Security Manager (CISM) **OR** + Certified in Risk and Information Systems Controls (CRISC) **OR** + Information Technology Infrastructure Library (ITIL) **SKILLS** + Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140 + Strong teamwork and interpersonal skills + Experience in leading process improvement initiatives + Ability to motivate high performance, multi-discipline teams + Demonstrated competency in project execution + Demonstrated abilities in relationship management **Languages (Other than English)** None **Travel Requirement** 0% - 25% **PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS** **Position Type** Office-Based Teaches/Trains others regularly Frequently Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Does Not Apply Physical Work Site Required Yes Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._ _As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._ _Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._ **Pay Range Minimum:** $108,000.00 **Pay Range Maximum:** $201,800.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J269753

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. Coinbase stores more digital currency than any company in the world, making us a top tier target on the internet. Security is core to our mission and has been a key competitive differentiator for us as we scale worldwide. Essential to scaling is building and running a security compliance program that reflects how we protect the data and assets in our care, to open the doors with customers, regulators, auditors, and other external stakeholders. If you love working with fast moving companies to grow and scale security compliance engines and create positive change across the business, we'd like to speak with you about joining our team. Coinbase is looking for a Security Compliance Senior Analyst to drive the second line of defense IT SOX initiatives and help mature the IT SOX program. *What you'll be doing (ie. job duties):* * Lead Security and IT initiatives to support the SOX roadmap and advance program maturity * Assist with SOX planning activities, including scoping of IT systems and creating training material to owners in preparation for SOX audit * Lead security control gap assessments over SOX control environment, recommend remediation plans and track through completion * Assess SOX implications of new products, update relevant controls, and communicate requirements to product organization and other stakeholders * Provide ongoing reporting to stakeholders and leadership on above responsibilities and communicate progress and escalations management * Perform SOX audit and control impact analysis as a result of security and technology incidents and partner with owning teams on control uplift activities * Build close relationships with stakeholder teams including Security, IT, Infrastructure, Engineering, Data, and Finance to advise on SOX requirements and ensure excellence in control ownership * Create and improve SOX procedural documentation, including process documentation, data flow diagrams, and uplifting templates * Work closely with internal and external auditors to educate them about a complex technology control environment * Oversee quality of audit initiatives, identify and analyze process gaps, provide guidance and expertise to team members * Develop creative solutions to prove risk mitigation and solve for complex audit problems faced by the crypto industry * Identify opportunities to address systemic program challenges, recommend solutions and drive efficiency through AI and automation *What we look for in you (ie. job requirements):* * Minimum of 5+ years of security/IT compliance or equivalent experience * Strong knowledge and hands-on experience in Internal Controls over Financial Reporting, SOX 404 frameworks, and testing to support compliance * Prior experience at a big 4 accounting firm * Experience leading compliance initiatives from start to finish * Proven understanding and audit experience of cloud technologies, AWS preferred * Ability to effectively and autonomously accomplish outcomes across cross-functional teams in ambiguous situations with minimal supervision * Strong oral and written communication skills * Ability to multitask, direct cross functional work, and hold others accountable to committed deadlines in a fast paced environment * Ability to communicate with technical / non-technical stakeholders to align on shared outcomes * Experience in Financial services, Big Tech, or FinTech *Nice to haves:* * BA or BS in a technical field or equivalent experience * Security certifications e.g. CISA, CISSP, CISM or other relevant certifications * Experience auditing in Crypto space Position ID: P73675 \#LI-Remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $167,280-$196,800 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

As a Product Security architect, you will be performing security reviews and providing hands-on help to development teams to address security issues systematically. We're looking for passionate engineer who is able to consider business impact and risk to Oracle and its customers while dealing with any security issues. You will work a trusted partner with one or more SaaS product development teams, while simultaneously collaborating with your peers in evolving or creating new security patterns or standards to address any security issues/gaps in an efficient way. You will research the product security landscape and help steer product security architecture for solutions that will provide a competitive edge for Oracle SaaS. This position requires strong product security and application security experience. It will be highly valuable to have past experience in working in or with product development teams. **Responsibilities** **Key responsibilities:** + Evaluate existing and proposed SaaS Service architectures and perform security architecture reviews, threat modeling, risk assessment and provide guidance on mitigating the security risks. + Partner and collaborate with development teams for SaaS products and provide security expertise to product design conversations and implementation decisions. + Work with product teams and peers in security operations to analyze and triage security issues in production and deploy any mitigation such as WAF policies + Review and assess security posture and CVEs in third party libraries or products. + May perform source code review for vulnerability fixes by development teams. + Keep up to date on emerging threats and standards and translate into actionable guidance including but not limited to crypto, AI Security, Identity, Web security, multi-tenant deployment + Evolve security processes and integrate security architecture into SDLC leveraging AI and automation, as appropriate. + Engage in technical discussions, as needed and serve as a subject matter expert for security architecture and trusted advisor to executive leadership and key stakeholders. + Define and influence secure-by-design architecture standards, security patterns, and reference implementations for SaaS Services + May train and mentor team members **Qualifications:** + 7+ years of information security experience including product security, application security, security testing/offensive security, security tools and security architecture. + Experience in helping or leading a product security architecture and assurance effort in a large-scale IaaS/PaaS/SaaS Cloud Service Provider, or Fortune 500 company. + Expert knowledge of modern vulnerability types and threats including intelligence, discovery, mitigation, remediation, and root cause. + Understanding of security risks in AI based solutions including AI Agents, MCP, Generative AI and ML. + Hands-on experience with at-least one programming languages such as Java, Python. + Hands-on experience and knowledge of product development lifecycle in a large enterprise software company. + Understanding of industry standard frameworks such as OWASP, MITRE, NIST, PCI, FedRAMP, etc. + Ability to guide and engage individuals and development teams located across multiple geographies and or cultures. + Knowledge of Oracle Cloud Infrastructure or Oracle SaaS Services is a plus. + Excellent written and verbal communication skills, strong analytical and problem-solving skills. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $96,800 to $251,600 per annum. May be eligible for bonus, equity, and compensation deferral. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC5 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

SCOPE OF THE PROJECT: The SCDHHS Office of Information Assurance (OIA) is charged with ensuring the security and compliance of SCDHHS' information systems and data. OIA seeks experienced consultants to assist with the establishment, implementation, and/or enhancement of information system security and compliance efforts based on Federal, State, and Agency regulatory requirements, policies, standards, and guidelines. Role Summary/Purpose Overview: The IA Analyst will report to the Office of Information Assurance and operate as an experienced information assurance consultant to SCDHHS leadership, business units, business partners, vendors, and other stakeholders. Security Program Experience: Demonstrated work experience and high degree of familiarity with FISMA or NIST Risk Management Framework-based programs is required. Experience and knowledge of MARS-E is preferred. This experience should include documented success in the creation and maintenance of Risk Management Framework (RMF) and Assessment and Authorization (A&A) artifacts such as System Security Plans, Privacy Impact Assessments, Interconnection Security Agreements, Computer Matching Agreements, and Plans of Action and Milestones. Such experience will necessarily require excellent communication skills with the ability to interview staff and vendors, to review and analyze existing documentation and diagrams, and to create or collect other required supporting documents as appropriate. Experience with integrating RMF and A&A tasks into the System Development Life Cycle (SDLC) is preferred. Experience in security as related to Cloud services and vendor management is desirable for this position. Technical Knowledge: Although this is not a technical position, suitable candidates will have a good working knowledge of a broad range of information technologies such as IBM System 390/zSeries, Linux and Windows servers, database management systems, firewalls, IPS solutions, switching and routing infrastructure, data types and data classifications, and related information technologies and concepts. General Duties and Responsibilities: 1. Assist in the development, implementation, and/or ongoing maturation of SCDHHS security and compliance initiatives. 2. Audit and assess internal agency systems as well as business partner, service provider, and vendor information system security controls. 3. Utilize the Microsoft Office software suite, eGRC system, Bizagi, Atlassian, and other products to document and report on information gathered during audit and assessment activities or other OIA efforts. 4. Participate in third-party audits and/or assessments of agency and business partner systems. 5. Collaborate with agency leadership, business partners, and other parties/stakeholders to provide recommendations for security and compliance risk mitigation efforts. REQUIRED CERTIFICATION: ISC(2), ISACA, SANS GIAC, or other similar Information Security Certification is required. EDUCATION PREFERRED: Bachelor's degree in computer science or similar discipline is preferred. 1. Strong working knowledge of FISMA, NIST, and HIPAA Security and Privacy requirements, standards, and guidelines. 2. 5+ years of experience working in the Information Technology field or auditing Information Technology systems or programs. 3. ISC(2), ISACA, SANS GIAC, or other similar Information Security Certification is required. 4. Documented experience in the creation and maintenance of Risk Management Framework (RMF) and Assessment and Authorization (A&A) artifacts such as System Security Plans, Privacy Impact Assessments, Interconnection Security Agreements, Computer Matching Agreements, and Plans of Action and Milestones. 5. Ability to work independently and as a member of a team. 6. Ability to multitask and prioritize tasks effectively in order to meet deadlines. 7. Ability to engage diverse audiences of varying technical and non-technical skill-levels to ensure effective alignment of technical requirements to business objectives. 8. Ability to collaborate and coordinate efforts among multiple teams and vendors. 9. Must have intermediate to advanced skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency. 10. Keen attention to detail while maintaining the ability to see the big picture. 11. Ability to absorb, retain, and communicate complex processes. 12. Strong English language skills. 13. Demonstrable understanding of the rules of English grammar and usage. 14. Ability to accept changes and constructive criticism and to remain flexible in dealing with leadership and teams of varying technical and business knowledge. Preferred Requirements/Skills: 1. Bachelor's degree in computer science or similar discipline. 2. Strong working knowledge of CMS MARS-E compliance requirements. 3. Prior experience working with an organization subject to CMS MARS-E requirements. 4. Experience and training with eGRC solutions. 5. Prior Health Information Technology experience. 6. Previous Medicaid experience. 7. Understanding of LEAN and Agile development practices. Additional Information All your information will be kept confidential according to EEO guidelines.

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. **Manager - Security Architect** **The opportunity** We're hiring an experienced Security Architect that is an expert in the modern security threat and mitigation environment. Knowledge of the use of security in the development of applications (threat model development) best practices for security in the design architecture of applications. The use of AI in SEIM/MDR/MXDR and/or the analysis of behavioral threats. The successful candidate should have experience in the emerging area of AI based attack vectors and be able to devise successful mitigation. The candidate should thrive in fast-paced environments and are passionate about enabling scalable AI solutions. **Your key responsibilities** + Develop effective security designs for implementation into enterprise applications and internal EY platforms. + Support security tool selection and verification. + Develop best practices for security design patterns in AI native applications. + Execute security assessments based on experience and select AI and conventional code analysis tools. + Assess new proposed projects to insure they are leveraging best security practices architecture design and implementation. + Collaborate with other architectural experts in AI, Data and Infrastructure to insure balanced and practical outcomes. + Support strategic business development activities for emerging technology. **Skills and attributes for success** + Strong analytical and troubleshooting skills. + Ability to lead security architectural product functions and mentor junior engineers. + Comfortable working across cross-functional teams and managing competing priorities. + Build and manage strong internal and external partnerships by fostering trust, empathy, and mutual value. + Leverage emotional agility and hybrid collaboration to navigate diverse stakeholder needs and drive long-term engagement. + Use critical thinking and creative reasoning to address complex problems and exceed expectations. + Align cross-functional teams around shared goals, ensuring accountability and progress. Use emotional intelligence and hybrid collaboration to motivate others and deliver high-impact results. **T** **o qualify you must have** + 5-10+ years of experience in security engineering and architecture for products. + Understand security and safety in an AI environment (Guardrails, Adversarial attacks, output validation etc..) + Use of security tooling for application verification in Github Advance Security, Checkmarx JFrog, DAST, etc.. + Understand threat model development and verified implementation. + Familiarity with security certifications and appropriate use for best practices development OWASP etc.... + Expertise in the assessment of security best practices of agile development process + Expertise in the development and adoption of security first best practices. **Ideally, you'll also have** + Experience with large-scale cross functional software development projects. + Excellent communication and leadership abilities. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $125,500 to $230,200. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $150,700 to $261,600. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Information System Security Officer (ISSO) INTERVIEWS WILL BE CONDUCTED VIA TEAMS. INTERVIEWS WILL BE CONDUCTED BY SCEIS MANAGEMENT TEAM. Duration of the Contract: 12 months Possibility for Extension: Yes Interview Process: 2 rounds, Virtual & In Person Work Location: Fully Onsite - 5 days onsite. Candidates must be able to be onsite at Jefferson Square starting on the first day of employment. Remote work is not available for this position. Candidate Location: Candidate MUST be a SC resident or willing to relocate to SC prior to starting the role at their own expense. Full job description attached & required/preferred skills are stated below. Technical Knowledge: Hands on experience with any or all the following technologies would be considered a desirable for this position: 1. Archer (eGRC) 2. Enterprise NoSQL Database 3. IBM System 390/zSeries 4. Linux and Windows servers 5. Network Firewalls, Intrusion Prevention Systems (IPS), Switching and Routing Infrastructure 6. Security Information and Event Management (SIEM) solutions 7. Identity and Access Management (IAM) solutions General Duties and Responsibilities: 1. Perform detailed architectural reviews and risk analysis of security related requests in order to make sound decision making recommendations, such as: a. Network Design and Information Flow b. System and Data Access Models c. Review Firewall Rule Requests (Ports, Protocols, and Services) d. Baseline Configuration Management Deviation Requests e. Vulnerability Management 2. Champion the design, development, implementation, and/or ongoing maturation of SCDHHS security and compliance efforts. 3. Audit and assess internal agency systems as well as business partner/service provider information system security controls. 4. Utilize Microsoft Office software suite, System Center Service Manager (Ticketing system), Archer eGRC system, Bizagi, Atlassian and other products to document and report on information gathered during Audit and Assessment activities or other OCS efforts. 5. Perform security and compliance reviews of Contracts, Business Associate Agreements, Data Usage/Sharing Agreements, and other types of documents and artifacts. 6. Serve as primary point of contact for third-party audits and/or assessments of agency and business partner systems 7. Collaborate with agency leadership, business partners, and other parties/ stakeholders to provide recommendations for security and compliance risk mitigation efforts. Required Knowledge/Skills: 1. Must have a strong working knowledge of FISMA, NIST, CMS MARS-E and HIPAA Security and Privacy. 2. 5+ years of experience in IT working with and/or auditing IBM System 390/zSeries, Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure, and Web-based Applications. 3. Prior experience working within a FISMA compliant program. 4. Prior experience in working with any eGRC systems. 5. Prior Health Information Technology experience. 6. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification is required. 7. Ability to work independently and as a member of a team. 8. Ability to collaborate and coordinate with multiple teams and vendors. 9. Ability to multitask and prioritize tasks effectively in order to meet deadlines. 10. Experience and training with eGRC solutions. 11. Ability to engage diverse audiences of varying technical and non-technical skill- levels to ensure effective alignment of technical requirements to business objectives. 12. Ability to collaborate and coordinate efforts amongst multiple teams and vendors in fulfillment of SCDHHS OCS initiatives. 13. Ability to multitask and prioritize tasks effectively in order to meet deadlines in a results-oriented environment. 14. Must have intermediate to advanced skills in Microsoft Office products (Word, Excel, PowerPoint, Visio) to include working with templates and style guidelines for branding consistency. 15. Keen attention to detail while maintaining the ability to see the big picture. 16. Ability to absorb, retain and communicate complex processes. 17. Ability to accept changes and constructive criticism and remain flexible in dealing with leadership and teams of varying technical and business knowledge. Preferred Requirements/Skills: 1. BS degree in computer science or similar discipline or 10+ years of experience in the field or a in a related area. 2. Prior ITIL experience in the area of Information Security Management. REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): 1. 5+ years of experience in IT working with and/or auditing IBM System 390/zSeries, Windows, Linux, Databases (Relational and Non-Relational), Networking Infrastructure and Web-based Applications. 2. Prior experience working within a FISMA compliant program. 3. Prior experience in working with any eGRC systems. 4. Prior Health Information Technology experience. REQUIRED EDUCATION/CERTIFICATIONS: 1. ISC(2), ISACA, SANS GIAC and/or other Information Security Certification is required. PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): Prior ITIL experience in the area of Information Security Management. PREFERRED EDUCATION/CERTIFICATIONS: 1. Bachelor's in a related area or 10+ years of experience in the field or in a related area.

RESPONSIBILITIES : • Assists in the development and implementation of security policies and standards for IT related items procured by the agency (e.g., hardware and software); • Researches and reviews various national and international security standards (e.g., Internal Revenue Service, Federal Information Processing (FIPS), National Institute of Standards and Technology (NIST), and International Organization for Standardization (ISO)) and explains the results, both orally and in writing; • Attends meetings with the Contract Attorney, General Counsel, Chief Information Officer, Chief Information Security Officer, and Deputy Director in order to determine agency policy as it relates to Information Security. REQUIRED SKILLS: - Oral and written communication skills; - Experience in developing and maintaining documentation for security policies, procedures, and best practices; - Providing continual consultation and written reports to senior management concerning security issues; - Hands-on experience documenting and managing all aspects of security within an enterprise organization, including but not limited to: o Firewall and IDS/IPS experience; o Virtual Private Networking (VPN); o Network access policies; o Web filters; o Publically accessible assets; o Active directory; o Security compliance for third party and/or in-house developed applications; o Virtualization and Storage area networking security; and o Anti-Virus management; - Experience preparing and submitting Security Program evaluations and compliance reports; - Working with other Department leaders, designing security components for operations and other strategic processes, and supervising the development and implementation of required security reporting devices and processes at all levels. Extensive working knowledge of Internet protocols, tools, and techniques including but not limited to: o Virtual Private Networking (VPN); o TCP/IP, Local Area Networks (LAN), Wide Area Networks (WAN); o Network device operating systems security configuration; o Internet security; and o Internet Information Server; - Knowledge of Virtual Machine operation, strengths, and weaknesses; - Experience with VMWare ESX security; - Support of web-based applications for internal (intranet) sites and external (Internet) sites; - Experience and working knowledge of backup products and methodologies.. Qualifications EXPERIENCE: • At least 10 years experience working as the Chief Information Security Officer, Security Officer, Security Consultant, or Security Analyst for a state or federal agency or large corporation. • Minimum 6 + Years experience in Application Security and Security - Knowledge in networking, databases, systems and Web operations. • 6 + Years experience in Security Information Architecture and Windows Security - Group Policy, Network access policies, User access policies. • 2 - 4 Years experience in Anti-Virus management and VPN - virtual private network. • And 6 + Years experience in Software Development Lifecycle - SDLC. • 2 - 4 Years experience in Firewall and Web Filters. • 6 + Years experience in Experience in developing and maintaining documentation for policies, procedures, and best practices, NIST Security. Additional Information Please help pass along to colleagues or associates below position who are looking for new role if you are not available. Should someone need more information I can be reached at narendra ATmitresourceDOTcom Thank you for your time.

Designs, tests and implements security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Researches attempted or successful efforts to compromise systems security and designs countermeasures. Maintains hardware, software and network firewalls and encryption protocols. Administers security policies to control physical and virtual access to systems. **Required Education, Experience, & Skills** Typically a Bachelor's Degree and 8 years work experience or equivalent experience **Preferred Education, Experience, & Skills** Experience with either CSAM or JCAM **Pay Information** Full-Time Salary Range: $95106 - $161680 Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience. Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20 hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics. **Information System Security Officer Mid-Level** **119224BR** EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. Lead IAM work for new customer onboardings and migrations. Collaborate with CAH Account Management, Application Teams, and Customers to design, implement, and test federated SSO solution based on customer login requirements. Provide technical guidance and act as primary point of contact for business partners and customer related to IAM work for onboarding. Additional responsibilities include supporting application integrations and enhancing SSO self service application onboarding. **Responsibilities:** + **Customer Onboarding IAM Efforts - Strategy & Execution :** Lead the planning, design, and execution for Customer Onboarding via federated SSO, ensuring alignment with overall business and security objectives. This includes assessing multiple Cardinal Health e-commerce applications, understanding login requirements for new/existing customers, designing, testing and implementing solutions etc to ensure top notch user login experience and enhancing Cardinal Health's security posture. + **Collaboration & Communication:** Coordinate cross-functional teams, including Customer Business and IT teams, Cardinal Health's Account Management/Sales and Application teams, Information Security and others to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical internal and external stakeholders. + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Role-Based Access Control (RBAC) frameworks. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

**About Us** **As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.** **To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.** **Job Description Summary** The Senior Security Consultant - Penetration Testing is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This position is remote with a Home Office setup as determined by Stratascale management. **Role Description** + Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. + Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. + Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. + Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. + Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. + Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. + Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. + Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. + Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. + Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. + Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. + Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. + Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. + Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. + Participate in customer and internal meetings, providing technical guidance and facilitating discussions. + Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. + Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. **Behaviors and Competencies** + Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication. + Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management. + Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation. + Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus. + Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence. + Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results. + Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same. + Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks. + Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion. + Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences. + Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles. + Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively. + Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving. + Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution. **Skill Level Requirements** + Expertise in planning, executing, and leading penetration tests across networks, web and mobile applications, APIs, wireless, and cloud environments, including scoping, rules of engagement, and debriefs. - Intermediate + Proficiency with offensive security methodologies and frameworks such as PTES, OWASP (WSTG/MASVS/ASVS), MITRE ATT&CK, and threat modeling to drive risk-based testing. - Intermediate + Deep hands-on experience with common offensive tooling and techniques, including reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, and data exfiltration, along with strong operational security practices. - Intermediate + Ability to assess and attack cloud services (AWS, Azure, GCP) including IAM misconfigurations, storage, serverless, container/orchestration, and cloud networking, and communicate cloud-specific remediation guidance. - Intermediate + Strong web application testing skills including auth flows, access control, injection, deserialization, SSRF, XXE, business logic abuse, and modern app architectures (SPAs, microservices, GraphQL, WebSockets). - Intermediate + Working knowledge of Active Directory and Azure AD attack paths (Kerberoasting, constrained/unconstrained delegation, ACL abuses, LAPS/MAPS, certificate services), and the ability to simulate realistic enterprise attack chains. - Intermediate + Proficiency with social engineering and phishing engagements, including payload development, infrastructure setup, pretexting, and measurement aligned to customer policies and legal constraints. - Intermediate + Competence in scripting and automation to accelerate testing and proof-of-concept development using Python, PowerShell, Bash, and basic Go or JavaScript as needed. - Intermediate + Ability to develop clear exploit proofs-of-concept, reproduce vulnerabilities reliably, and validate fixes; familiarity with exploit development fundamentals is a plus. - Intermediate + Strong reporting and communication skills, including writing executive summaries and technical reports with reproducible steps, risk ratings, and actionable remediation, and presenting findings to both technical and non-technical stakeholders. - Intermediate + Experience collaborating in red/purple team exercises, working with blue teams, and translating findings into detection and hardening recommendations (e.g., SIEM detections, EDR tuning, hardening baselines). - Intermediate + Familiarity with vulnerability management workflows, responsible disclosure practices, and integration of pen test results into remediation programs and retesting cycles. - Intermediate + Proficiency with productivity and documentation tools such as Word, Excel, PowerPoint, and Outlook to efficiently produce statements of work, test plans, and final reports. - Intermediate **Other Requirements** + Completed Bachelor's Degree in a related field or relevant work experience required + 5-7 years of hands-on penetration testing/red team experience delivering engagements for mid-to-large enterprises, including leading complex assessments. + Ability to travel to SHI, Partner, Customer events, and on-site testing engagements as needed. + Advanced industry certifications preferred (e.g., OSCP, OSEP, OSWE, GXPN, GPEN, CRTO, CRTP, PNPT; CISSP or CSSLP a plus). + Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): 6 years information security experience Excellent written skills; Proven work experience in process improvement Ability to identify processes that must be in place for an IT organization to be efficient Extensive knowledge of IRS Pub 1075, NIST 800-53, ITIL, and CJIS Process Management ITIL Business Analysis experience to include data flow diagrams, requirements specifications, use case scenarios, and acceptance testing. Ability to work with security technicians to develop detailed procedures; Ability to quickly grasp complex technical concepts and make them easily understandable in both text and diagrams/flow charts Ability to deliver high quality documentation with attention to detail. REQUIRED EDUCATION: Bachelor's Degree in a relevant field of work or equivalent work experience. Additional Information All your information will be kept confidential according to EEO guidelines.

Security Analyst Duration : 12+ Months REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): Ability to install and use various security tools Application Security Experience in projects involving PCI/NIST security implementations and/or audits information security principles and practices IRS Safeguard Computer Security Evaluation Matrix (SCSEM) IT Security Malware NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY CONTROLS risk/vulnerability assessments Security - Knowledge in networking, databases, systems and Web operations SSP Additional Information All your information will be kept confidential according to EEO guidelines.

JOB DESCRIPTION: SCOPE OF THE PROJECT: THE POSITION WILL WORK AS A SECURITY ARCHITECT WITHIN THE DIVISION OF INFORMATION SECURITY AND WILL ASSIST WITH THE IMPLEMENTATION, INTEGRATION, AND OPERATIONALIZING SECURITY TECHNOLOGIES. THIS POSITION REQUIRES EXPERIENCE IN INFORMATION SECURITY ARCHITECTURE AND SOLUTION DESIGN TO ASSIST IN THE STRATEGIC PLANNING, DESIGNING, AND IMPLEMENTATION OF NEW SYSTEMS AND CHANGES IN CURRENT SYSTEMS IN A SECURE MANNER. THIS POSITION IS EXPECTED TO BE NEEDED FOR 12 MONTHS WITH THE POSSIBILITY OF EXTENSION. DAILY DUTIES / RESPONSIBILITIES: • LOGGING AND EVENT MANAGEMENT - ENSURING THAT APPROPRIATE SECURITY LOGS ARE INGESTED INTO THE SIEM AND/OR LOG AGGRIGATION PLATFORM AND PROPERLY PARSED TO SUPPORT SECURITY OPERATIONS • RESPONSIBLE FOR PLANNING, DESIGNING, DEVELOPMENT AND IMPLEMENTATION OF ENTERPRISE SECURITY ARCHITECTURE SOLUTIONS THAT ALIGN WITH BUSINESS GOALS AND RISK TOLERANCE. LEVERAGING STATE APPROVED PROCESSES AND TECHNOLOGIES WHEREVER POSSIBLE. • LEAD PROCESS DEFINITION, REDESIGN AND/OR TECHNOLOGY INNOVATION OF SECURITY ARCHITECTURE, TO ENSURE DIS SOLUTIONS SUPPORT SECURE DELIVERY OF ENTERPRISE BUSINESS ARCHITECTURE AND SERVICES. • DESIGN, DEPLOY AND MANAGE COUNTERMEASURES TO KNOWN SECURITY THREATS AND DEVELOP PREVENTATIVE MITIGATION STRATEGIES FOR NEW AND EMERGENT THREATS TO ENTERPRISE DATA, NETWORKS AND ASSOCIATED SERVICES. • ENSURE, VALIDATE AND MEASURE THE CONSISTENT APPLICATION OF PROTECTIVE MEASURES THROUGHOUT THE ENTERPRISE BUSINESS APPLICATION AND INFRASTRUCTURE SUPPORT ENVIRONMENTS. TAKE APPROPRIATE ACTION TO PROTECT STATE DATA AND TECHNOLOGY SERVICES. Requirements REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): • CYBER SECURITY AWARENESS AND UNDERSTANDING • EXPERIENCE WITH LINUX, WINDOWS, NETWORK SECURITY PROTOCOLS AND PROCEDURES • EXPERT UNDERSTANDING OF ACCESS CONTROL, LOGGING AND REPORTING SYSTEMS PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): • SIEM MANAGEMENT • INTRUSION PREVENTION SYSTEMS (IPS) • SECURITY FRAMEWORKS: NIST, CSF, CJIS, IRS 1075, CMS MARS-E • APPLICATION SECURITY (APPSEC) REQUIRED EDUCATION/CERTIFICATIONS: • BACHELOR'S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD • SIX YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION • THREE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS PREFERRED EDUCATION/CERTIFICATIONS: • GSEC • GCED BenefitsHealth Insurance Sick Leave

Job Title: Security Architect - Consultant SCOPE OF THE PROJECT: THE POSITION WILL WORK AS A SECURITY IDENTITY AND ACCESS MANAGEMENT ENGINEER WITHIN THE DIVISION OF INFORMATION SECURITY AND WILL ASSIST WITH THE IMPLEMENTATION, INTEGRATION, AND OPERATIONALIZING SECURITY TECHNOLOGIES. ADDITIONALLY, THIS POSITION WILL DEVELOP AUTOMATION INTEGRATION AMONG SECURITY TOOLS. THIS POSITION REQUIRES EXPERIENCE IN INFORMATION SECURITY ARCHITECTURE AND SOLUTION DESIGN TO ASSIST IN THE STRATEGIC PLANNING, DESIGNING, AND IMPLEMENTATION OF NEW SYSTEMS AND CHANGES IN CURRENT SYSTEMS IN A SECURE MANNER. THIS POSITION IS EXPECTED TO BE NEEDED FOR 12 MONTHS WITH THE POSSIBILITY OF EXTENSION. Key duties and Responsibilities PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID OVER FULL-TIME REMOTE (ON-SITE AS NEEDED). IDENTITY AND ACCESS MANAGEMENT - ENSURING THAT APPROPRIATE IDENTITY MANAGEMENT, SINGLE SIGN ON, MULTI-FACTOR AUTHENTICATION, ACTIVE DIRECTORY AND APPLICATIONS ARE PROPERLY IMPLEMENTED AND CONFIGURED TO SUPPORT IT AND SECURITY OPERATIONS RESPONSIBLE FOR AUTOMATION DEVELOPMENT AND IMPLEMENTATION OF DISPARATE SECURITY AND ENTERPRISE IT TOOLS RESPONSIBLE FOR PLANNING, DESIGNING, DEVELOPMENT AND IMPLEMENTATION OF ENTERPRISE SECURITY SOLUTIONS THAT ALIGN WITH BUSINESS GOALS AND RISK TOLERANCE. DESIGN, DEPLOY AND MANAGE COUNTERMEASURES TO KNOWN SECURITY THREATS AND DEVELOP PREVENTATIVE MITIGATION STRATEGIES FOR NEW AND EMERGENT THREATS TO ENTERPRISE DATA, NETWORKS AND ASSOCIATED SERVICES. ENSURE, VALIDATE AND MEASURE THE CONSISTENT APPLICATION OF PROTECTIVE MEASURES THROUGHOUT THE ENTERPRISE BUSINESS APPLICATION AND INFRASTRUCTURE SUPPORT ENVIRONMENTS. TAKE APPROPRIATE ACTION TO PROTECT STATE DATA AND TECHNOLOGY SERVICES. Required Skills 5+ YEARS OF EXPERIENCE AND EXPERT UNDERSTANDING OF IDENTITY AND ACCESS CONTROL, LOGGING AND REPORTING SYSTEMS 5+ YEARS OF EXPERIENCE AND EXPERTISE IN AUTOMATION DEVELOPMENT USING TOOLS SUCH AS PYTHON AND BASH CYBER SECURITY AWARENESS AND UNDERSTANDING 5+ YEARS OF EXPERIENCE WITH LINUX, WINDOWS, NETWORK SECURITY PROTOCOLS AND PROCEDURES 5+ YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS Preferred Skills SIEM ANALYSIS AND REPORTING SECURITY FRAMEWORKS: NIST, CSF, CJIS, IRS 1075, CMS MARS-E APPLICATION SECURITY (APPSEC) Education Requirement BACHELOR'S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD OR EIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION PREFERRED EDUCATION/CERTIFICATIONS: CISSP, CISA, CISO OR EQUIVALENT ADVANCED SECURITY CERTIFICATION. ADDITIONAL RELEVANT CERTIFICATIONS (E.G., CEH, OSCP, GPEN). VENDOR CERTIFICATIONS IN SIEM OR LOGGING TECHNOLOGIES. Benefits at IntelliBee Long-Term Stability: Join us on a multi-year opportunities with room to grow. Comprehensive Health Coverage: Access quality healthcare benefits to keep you and your family well. Future Planning: Enroll in our 401(k) program and invest in your financial security. GC Assistance: We support immediate Green Card processing, if required. Please apply on our secured job site at <> or email [email protected]

Seeking an Information Systems Security Officer (ISSO) with a proven track record of DevSecOps success to include a combination of technical skills, communication skills, and cybersecurity skills. is located in Columbia, MD. Your future duties and responsibilities: . Ensure the implementation and maintenance of security controls in accordance with RMF v5 . Manage ATO packages . Draft security documentation including Operating Procedures, Cybersecurity Strategy (CSS), System Security Plans (SSP) ATO packages as well as System Security and Privacy Plan (SSPP) in accordance with DoD policies, Department of Airforce (DAF) regulations and our Federal Government customer's guidance. . The candidate must have expert knowledge and demonstrated experience with cybersecurity technologies, risk management, and incident response procedures as well as have a solid working understanding of computer functions, including hardware, software, and operating systems. This includes knowledge of Windows, Unix, and Linux operating systems, along with other applications such as databases, web servers, networking technologies, including routing, switching, and VPNs. . The ISSO must be able to work autonomously, manage their workload effectively, shift priorities with little to no loss of productivity and communicate effectively with technical and non-technical personnel. Required qualifications to be successful in this role: . Bachelor's degree and 8+ years of experience, or Master's Degree and 6+ years of experience, or PhD and 3+ years of experience. A degree should be within one of the following fields: Information Technology, Computer Science, Cybersecurity, Information Systems, Data Science, or Software Engineering. However, an additional 4 years of relevant experience may be considered in lieu of a Bachelor's degree. . Well-versed in best practices for cyber security program standards, processes, and procedures compliance, industry-standard security frameworks and demonstrated expert working knowledge of NIST Special Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems, NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems, AFPD 17-1 and AFI 17-130, Cybersecurity Program Management. . Ability writing security policies and procedures, CSS, SSP, SSPP, and assess all ATO package artifacts. . Expert knowledge of Risk Management Framework (RMF) v5 (Processes, workflow, etc.). . Ability to use eMASS to execute, RMF v5 to include document / update system status, identify, document, and manage implementation of operational and technical security controls, implementation and risk assessment tabs, non-compliant and non-validated controls, POAM management (entry, evidence, close-out), produce report and track Plan of Action and Milestone (POA&M) due dates, etc. . The ability to complete a checklist to ensure Security Authorization Process documents are complete and comply with all guidance. . Ability to work collaboratively with IT counterparts, communicate effectively (skilled in communicating complex technical information to non-technical audience) and coordinate STIG remediation with system administrators and developers. . Ability to conduct risk assessments, monitor security Incidents and respond appropriately to Security Threats. . Working understanding of network technology (includes knowledge of network protocols Desired qualifications/non-essential skills required: . Experience transitioning from RMF v4 to v5. . Experience with cloud computing platforms such as AWS and Azure. . Basic understanding of identity and access management system capabilities and configuration. . Experience with TASKORDS, OPORDS, etc. . Experience leading Cybersecurity (ISSO & ISSE) teams. CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $79,600.00 - $194,000.00. CGI Federal's benefits are offered to eligible professionals on their first day of employment to include: . Competitive compensation . Comprehensive insurance options . Matching contributions through the 401(k) plan and the share purchase plan . Paid time off for vacation, holidays, and sick time . Paid parental leave . Learning opportunities and tuition assistance . Wellness and Well-being programs #CGIFederalJob #LI-LB1 #ClearanceJobs Skills: * CompTIA Security+ * Network * TCP/IP What you can expect from us: Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world. Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business. CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_******************. You will need to reference the Position ID of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a Position ID will not be returned. We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members. All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.

Mainframe Security EngineerRemote - United StatesJR012476 **Requirements:** + U.S. Citizenship is required. + Must pass a Federal Background Check. **Key Responsibilities:** + Administer security for RACF, ACF2, and Top Secret logon IDs, datasets, and resource rules. + Provision user access in response to ServiceNow tickets within defined SLAs. + Monitor system security policies and investigate violations/incidents. + Perform and review daily, weekly, and monthly audit reports. + Liaise with business units and technical support teams. + Prepare ad hoc reports and deliver presentations for customer support. + Ensure adherence to security standards across the environment. + Provide 24×7 on-call support as required. + Utilize Vanguard and/or IBM zSecure security products. + iSeries security knowledge is a plus. + Manage and lead large projects or tasks as needed. + Project management skills are highly desired. **Technical Skills:** + Proficient in TSO, JCL, IBM Utilities, JES2, and ISPF. + Experience with REXX or other programming languages is desired. + CICS security administration experience preferred. + Experience with Vanguard and/or IBM zSecure security products is desired. + Familiarity with IAM (Identity Access Management), MFA (Multi-Factor Authentication), and PAM (Privileged Access Management) is desired. + Strong PC skills, including Microsoft Outlook, Word, Excel, and PowerPoint. **General Knowledge:** + z/OS experience is highly desired. + Knowledge of other mainframe security products is a plus. **Personal Skills:** + Strong written and verbal communication skills. + Excellent organizational skills with the ability to manage multiple concurrent projects and work as part of a global team. + Ability to work independently and take initiative. + Strong analytical and problem-solving skills. + Effective team player who can work independently in a fast-paced environment. + Self-starter, detail-oriented, and able to multitask. **Education & Certifications:** + Bachelor's or Master's degree preferred. + CISSP, CISA, CISM, or ITIL certification is a plus. **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is **$90,000 to $135,000** annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR012476

By joining Sedgwick, you'll be part of something truly meaningful. It's what our 33,000 colleagues do every day for people around the world who are facing the unexpected. We invite you to grow your career with us, experience our caring culture, and enjoy work-life balance. Here, there's no limit to what you can achieve. Newsweek Recognizes Sedgwick as America's Greatest Workplaces National Top Companies Certified as a Great Place to Work Fortune Best Workplaces in Financial Services & Insurance Security Engineer - Secure Software Development Security Engineer - Secure Software Development **PRIMARY PURPOSE OF THE ROLE:** To manage the implementation of security measures to protect company data, networks, and computer systems. To focus on executing security fundamentals for threat detection, investigation, and response efforts. **ARE YOU AN IDEAL CANDIDATE?** We are looking for enthusiastic candidates who thrive in a collaborative environment, who are driven to deliver great work, are customer-oriented and are naturally empathetic. **ESSENTIAL RESPONSIBLITIES MAY INCLUDE** + Engineers, implements and monitors security measures for the protection of computer systems, networks and information. + Identifies and defines system security requirements. + Designs computer security architecture and develops detailed cyber security designs. + Prepares and documents standard operating procedures and protocols. + Configures and troubleshoots security infrastructure devices. + Develops technical solutions and new security tools to assist in mitigating security vulnerabilities and automating repeatable tasks. + Leads IT groups and business units as necessary in troubleshooting compatibility issues between security tools and business or productivity programs. + Performs analysis of suspected malicious code and other software or programs and provides written or verbal analysis to management. + Analyzes client and customer needs as required and provides clear and concise reports to leadership. + Works closely with management on assigned projects from inception through implementation ensuring adequate internal communication and user involvement is maintained. **QUALIFICATIONS** Eight (8) years of encryption technologies/algorithms, digital forensics, network topologies, and access controls experience or equivalent combination of educated and experience required. **Skills & Knowledge** + Knowledge of TCP/IP services + Knowledge of audit and compliance + Knowledge of vulnerability management + Knowledge of penetration testing + Knowledge of various operating systems + Knowledge of desktop productivity software + Knowledge of Carbon Black Protection + Knowledge of Symantec Endpoint Protection and host data loss prevention + Knowledge of information technology security frameworks + Excellent oral and written communication skills, including presentation skills + PC literate, including Microsoft Office products + Analytical and interpretive skills + Strong organizational skills + Excellent interpersonal skills + Ability to create and complete comprehensive, accurate and constructive written reports + Ability to work in a team environment + Ability to meet or exceed Performance Competencies **Proficient in Snyk for Application Security:** Demonstrated expertise in integrating Snyk into CI/CD pipelines to proactively identify and remediate vulnerabilities in open-source dependencies, container images, and infrastructure as code. Skilled in leveraging Snyk's developer-first tools to maintain secure codebases, enforce security policies, and ensure compliance with industry standards. Experienced in configuring automated scans, interpreting results, and collaborating with development teams to implement effective remediation strategies, contributing to a robust DevSecOps culture. **TAKING CARE OF YOU** + Career development and promotional growth opportunities + A diverse and comprehensive benefits offering including medical, dental vision, 401K, PTO and more \#LI-TS1 Work environment requirements for entry-level opportunities include - Physical: Computer keyboarding Auditory/visual: Hearing, vision and talking Mental: Clear and conceptual thinking ability; excellent judgement and discretion; ability to meet deadlines Travels as required The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Management retains the discretion to add or to change the duties of the position at any time. Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace. **If you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience. You may be just the right candidate for this or other roles.** **Sedgwick is the world's leading risk and claims administration partner, which helps clients thrive by navigating the unexpected. The company's expertise, combined with the most advanced AI-enabled technology available, sets the standard for solutions in claims administration, loss adjusting, benefits administration, and product recall. With over 33,000 colleagues and 10,000 clients across 80 countries, Sedgwick provides unmatched perspective, caring that counts, and solutions for the rapidly changing and complex risk landscape. For more, see** **sedgwick.com**

Researches, analyzes and troubleshoots information systems compliance and security issues. Identifies, validates and reports on security incidents and events based on enterprise policies and procedures. Performs forensic information security investigations involving enterprise computers, servers and/or networking infrastructure. Assists in providing security infrastructure and support for enterprise systems. Description Logistics: BlueCross BlueShield of South Carolina Location: This hybrid position is full-time (40-hours/week) Monday-Friday in a typical office environment. You will work an 8-hour shift scheduled during our normal business hours of 8:00AM-5:00PM with rotational on-call duties. It may be necessary, given the business need to work occasional overtime. This role is located at 2501 Faraway Drive, Columbia, SC 29223. Government Clearance: This position requires the ability to obtain a security clearance, which requires applicants to be a U.S. Citizen. Sponsorship: This position is not eligible for sponsorship now or in the future. Position Purpose: Researches, analyzes and troubleshoots information systems compliance and security issues. Identifies, validates and reports on security incidents and events based on enterprise policies and procedures. Performs forensic information security investigations involving enterprise computers, servers and/or networking infrastructure. Assists in providing security infrastructure and support for enterprise systems. What You'll Do: Responsible for analyzing compliance and technical control validation data to determine and report baseline variance for all applicable technology environments. Interfaces with internal and external audit staff to ensure appropriate and accurate responses to audit queries are satisfied in a timely fashion. Assists in researching and evaluating systems and procedures for the prevention, detection, containment and correction of information security breaches. Assists in advising management and users regarding security procedures and compliance policies. Utilizing technologically advanced software, performs system monitoring evaluations and audits to ensure compliance with the corporate security policies and standards. Prepares and analyzes compliance information to develop mitigation priorities, milestones and audit responses. Participates in the evaluation of products and/or procedures to enhance productivity and effectiveness of information security across the organization. Assists architects and security specialists to ensure adequate security solutions are in place throughout IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements. Work Environment: Fast paced, multi-platformed environment which may require action and response 24X7 to support the technical business needs of the customer. To Qualify, You'll Need: Required Education: Bachelor's degree in a job-related field Degree Equivalency: 8 total years of job-related work experience OR Associate's degree in a job-related field plus 2 additional years of job-related work experience for a total of 6 years of job-related work experience. Required Experience: 4 years of job-related technical experience. Required Skills and Abilities: Strong data analysis and correlation abilities. Strong organizational, interpersonal and communication skills. Strong knowledge of administrative, procedural and technical controls used to reduce security risks. Ability to effectively prioritize and execute tasks in a high-pressure environment. Strong knowledge of enterprise data architecture, systems engineering and data communications as applied to the automated storage and retrieval of information, using multiple platforms and protocols with the inherent security risks of each. Strong understanding of the organization's goals and objectives. Strong familiarity with threat analysis risk management, configuration management, business continuity and contingency planning as it applies to IT. Ability to troubleshoot multi-vendor Security issues. Able to work in a team-oriented, collaborative environment. Excellent attention to detail. Required Software and Tools: Strong proficiency with applicable IT Security tools (software and hardware). Microsoft Office. We Prefer that You Have: Preferred Work Experience: Experience in network security (Cisco ASA, IPS, VPN, RSA SecurID, PKI, cryptography), security controls for LAN/WANs, client server, web-based systems, and databases. Experience with configuration of security devices such as firewalls, intrusion prevention, patch deployment, and risk assessment/ vulnerability scanners. Level 1 SOC Experience Preferred Software Tools: Intrusion Detection/Prevention systems SIEM Monitoring tools Endpoint Detection and Response software Forensics Analysis tools Tennable Nessus scanning software Preferred Licenses and Certificates: CompTIA Security +, OSCP, GIAC (GSEC, GCIH), CISA, NSA, CISM, CISSP What we Can Do for You: Our comprehensive benefits package includes: 401(k) retirement savings plan with company match Subsidized health plans and free vision coverage Life insurance Paid annual leave - the longer you work here, the more you earn. Nine paid holidays On-site cafeterias and fitness centers in major locations Wellness programs and a healthy lifestyle premium discount Tuition assistance Service recognition What to Expect Next: After submitting your application, our recruiting team members will review your resume to ensure you meet the qualifications. This may include a brief telephone interview or email communication with our recruiter to verify resume specifics and salary requirements. Management will be conducting interviews with those candidates who qualify with prioritization given to those candidates who demonstrate the preferred qualifications. Equal Employment Opportunity Statement BlueCross BlueShield of South Carolina and our subsidiary companies maintain a continuing policy of nondiscrimination in employment to promote employment opportunities for persons regardless of age, race, color, national origin, sex, religion, veteran status, disability, weight, sexual orientation, gender identity, genetic information or any other legally protected status. Additionally, as a federal contractor, the company maintains affirmative action programs to promote employment opportunities for individuals with disabilities and protected veterans. It is our policy to provide equal opportunities in all phases of the employment process and to comply with applicable federal, state and local laws and regulations. We are committed to working with and providing reasonable accommodations to individuals with disabilities, pregnant individuals, individuals with pregnancy-related conditions, and individuals needing accommodations for sincerely held religious beliefs, provided that those accommodations do not impose an undue hardship on the Company. If you need special assistance or an accommodation while seeking employment, please email ************************ or call ************, ext. 47480 with the nature of your request. We will make a determination regarding your request for reasonable accommodation on a case-by-case basis. We participate in E-Verify and comply with the Pay Transparency Nondiscrimination Provision. We are an Equal Opportunity Employer. Here's more information. Some states have required notifications. Here's more information.