Information security analyst jobs in Hazelwood, MO - 102 jobs

The Defense group at Leidos has a career opening for a Network Information Security Specialist on a DISA contract. This role is primarily on the customer site at Scott AFB, IL. Administrator will provide support for assigned systems supporting Joint Worldwide Intelligence Communications System (JWICS). PRIMARY RESPONSIBILITIES: Works independently to perform configuration of Palo Alto enclave firewalls and other Information Assurance Networking assets as needed. Perform required patching, STIGs, upgrades, and updates on IA related assets. Must manage and enforce security strategies and policies within established guidelines. Effectively manage IT Security Strategy, Cyber Security, and Compliance and Risk Management supporting IT Security and Compliance Teams Create and maintain system documentation and support accreditation activities. Complete accreditation checklists and manage devices to mitigate cyber security controls and measures. Assist in the implementation of global projects for Network and Information Assurance upgrades by providing technical insight, projected necessary actions, timelines, and resource availability Implement recurring security requirements on network devices Communicate with multi-tier support and global partners to coordinate troubleshooting efforts where required. Utilize moderate System Administration skills in both Linux and Windows environments to navigate current systems while managing network assets. Lead focused multi-tier teams while troubleshooting or upgrading global network problems. Provide architectural and topology recommendations where efficiencies can be made. BASIC QUALIFICATIONS: Bachelor's degree in a relevant technical discipline with 4+ years of overall related experience, 8+ years of experience will suffice in lieu of degree Active DoD Top Secret Security Clearance and ability to obtain a DoD Top Secret with SCI. Must have experience or training in IA and IA supporting technologies to include Cisco and Juniper firewalls, authentication technologies (e.g., Active Directory), directory services, and vulnerability assessment tools (e.g., Nessus, nmap). At least 3 years Linux or Windows experience. Currently possess DoD 8750 certification at IAT level II, e.g. Security+ce or higher. Currently possess an active Top Secret security clearance with the ability to acquire a Top Secret/SCI clearance. Must satisfy both preparatory and sustaining DoD standard training and certification requirements as a condition of privileged access to any DoD information system. PREFERRED QUALIFICATIONS: Advanced Juniper experience Gigamon Load Balancer experience Experience with VMware vSphere/ESXi 5. ITIL certification. At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, “what's next?” before the dust settles on “what's now.” If you're already scheming step 20 while everyone else is still debating step 2… good. You'll fit right in. Original Posting:January 13, 2026 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range:Pay Range $87,100.00 - $157,450.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

The Information Assurance Principal Analyst/Program Lead will provide leadership, oversight, and operational management for the Joint Operation Planning and Execution System (JOPES) and the Transportation Visualizer (TransViz) Functional Management Support contract. This individual will act as the primary liaison between TeAM, government officials, and all contract stakeholders, ensuring the coordination, integration, and execution of all program activities in accordance with DoD and USTRANSCOM expectations. The Information Assurance Principal Analyst/Program Lead will be responsible for meeting all performance, schedule, and quality objectives as outlined in the contract's scope. Mission Objectives - The primary objective of this project is to support the operational effectiveness and mission readiness of the JOPES and TransViz platforms at Scott Air Force Base. As a critical contract team member, the Information Assurance Principal Analyst/Program Lead ensures seamless functional management, stakeholder coordination, and compliance with all contractual and security requirements while facilitating process improvements and the timely delivery of program services. This position supports USTRANSCOM and associated DoD agencies by optimizing system capabilities and user experience in support of national defense objectives. Position Responsibility Summary Serve as the principal point of contact (POC) for all programmatic, technical, and contractual matters, representing TeAM in communications with government officials and stakeholders. Serve as a Liaison for all meetings & events, coordinating & scheduling all course training for teams, and attending reviews of the program. Lead, supervise, and coordinate activities of the project team-overseeing System Administrators and the Database Administrator-to fulfill contract objectives. Ensure timely and accurate reporting of program performance, deliverables, metrics, and compliance with DoD security, safety, and operational requirements. Manage risks, mitigate issues, and implement corrective actions to maintain project schedule and instill quality control. Oversee and ensure workforce compliance with all mandatory security, safety, and DoD-mandated annual training, including but not limited to OPSEC, Antiterrorism Level I, CUI, and Emergency Operations. Develop and implement process improvements, leveraging industry best practices (e.g., ITIL) to enhance JOPES/TransViz functionality and user satisfaction. Foster a culture of open communication and collaboration across stakeholders, promoting continuous improvement in program delivery. Ensure all support activities are conducted on-site in compliance with established guidelines and within the designated geographic radius.

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client.* Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

Perform cyber incident response duties, as well as, post notification coordinate/respond to all cyber related incidents and events. Actions include, 24x7x365 monitoring of Security Information and Event Management (SIEM) and other cyber tools used for identifying, diagnosing, mitigating, and reporting any service interruptions within the JTMS environment. This will also include, driving resolutions, coordinating with internal and external teams to identify the root cause, restore service with workarounds if necessary, communicating status to affected stakeholders throughout/following the incident, and completing the after actions report. Contract shall utilize Incident Response Plan and document the details of the event in the Incident Report in order to optimize response actions. The contractor will provide daily ticket reviews, updates, and reports. Requirements Secret Clearance Bachelors degree Experience depending upon Job Level Junior - 0 -3 years Intermediate - 3 -8 years Senior - 8 -11 years Subject Matter Expert - 12+ years

WCBinc is pursuing an opportunity with the National Geospatial-Intelligence Agency (NGA) for Transport & Cybersecurity Services (TCS) contract. The functional capabilities are to provide the information technology (IT) infrastructure services required to deliver timely, relevant, and accurate GEOINT in support of national security. TCS will provide innovative design, engineering, procurement, implementation, operations, sustainment and disposal of transport and cybersecurity IT services on multiple networks and security domains, at multiple locations worldwide to support the NGA GEOINT mission. What You'll Get to Do: Provide cyber threat intelligence services for the collection, fusion, analysis, creation, and distribution of threat intelligence from government entities, commercial feeds, open sources, and other partners to obtain situational awareness of the threat environment. Cyber threat intelligence services shall develop and disseminate reports and tippers to internal and external stakeholders based on events, alerts, and incidents on the customer systems and networks. Provide advanced cybersecurity analytics (ACA) services which aggregates and analyzes products, data, and information to identify trends and patterns, anomalous activity, provide situational awareness of the customers networks, missions and threats, and provide operational recommendations, visualizations, tuning requests, and custom signature creation to the CSOC and other internal and external stakeholders. Implements and monitors security measures for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems. Designs and implements data network security measures; operates Network Intrusion Detection and Forensics; conducts performance analysis of Information Systems security incidents; develops Continuity of Operation (COOP)/Disaster Recovery (DR) plans and supports certification of Information Systems and Networks. Advanced Cybersecurity Analytics will provide advanced cybersecurity services on an expanded 12x5service support level during core hours and on-call support with two-hour response time during non-core hours. Cyber Threat Intel Services will provide advanced cybersecurity services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core hours. Supervises operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure. Develops new concepts and processes. Analyzes root causes and resolves issues. Supports more junior level technicians and specialists in their activities. Can perform all tasks of lower level technicians or specialists. Works individually, actively participates on integrated teams, and may also lead a task, project or team Requires guidance and direction from more expert level technicians, specialists, and managers only when dealing with new, uncertain situations. Provides guidance to lower level technicians and specialists.

The Managed Service Security Analyst is responsible for monitoring, detecting, and responding to security incidents to protect client environments. This role involves the identification of vulnerabilities, analyzing security risks, responding to security operations service tickets, and implementing protective measures. The Security Analyst will also assist with security audits, incident response, compliance-related activities and projects, and ensuring that all security services meet established performance and security standards. PRINCIPAL DUTIES AND RESPONSIBILITIES: Client Support: Provide security-related support to clients, addressing concerns, incidents, and queries in a timely manner. Security Monitoring: Perform continuous security monitoring of client systems, networks, and applications for malicious activities or security breaches. Incident Response: Respond to security incidents, conduct investigations, containment, and remediation efforts to mitigate risks and protect client environments. Vulnerability Management: Identify, assess, and prioritize vulnerabilities in client systems, recommending and implementing mitigation strategies. Threat Intelligence: Utilize threat intelligence tools to identify potential risks and provide proactive defense recommendations. Compliance Support: Ensure client systems adhere to regulatory and compliance standards (e.g., PII, HIPAA, PCI-DSS) as required. Security Audits: Assist with internal and external security audits, including the preparation and maintenance of audit documentation. Documentation: Maintain detailed records of security incidents, operational tasks, and system configurations in accordance with best practices. KNOWLEDGE, SKILLS AND ABILITIES: Education: Bachelor's degree in information technology, Computer Science, a related field, or additional years of relevant job experience. Experience: Minimum of 1 year of experience in an IT security or service role, preferably in a managed services environment. Certifications: Relevant certifications such as CASP+, CISSP, CEH, CompTIA Security+, or equivalent are preferred. Skills: Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience with security information and event management (SIEM) tools. Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills for client-facing interactions. Ability to manage multiple security incidents and tasks simultaneously.

Monitors the health of Touchette Regional Hospital and SIHF Healthcare's security threat posture and cybersecurity & network infrastructure. Develops a deep understanding of the threat landscape and ensures cybersecurity technology is monitored to detect threats. Works with the IS Security Officer and junior members of the team to ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with Touchette Regional Hospital and SIHF Healthcare IT and cybersecurity standards Develops, documents, maintains, and communicates Touchette Regional Hospital and SIHF Healthcare's governance models and compliance codes and standards. Develop, provide, and maintain necessary documentation for all network applications and network systems Assist with network security in a multi-hospital & multi-healthcare clinic environment Key responsibilities include: Monitors endpoint anti-virus & malware, content-filtering, data loss prevention solutions, multi factor authentication systems, device profiling systems, firewall rules, network ACLs, server configuration monitoring, network logging consolidation and event correlation systems. Analyze threat intelligence to anticipate and mitigate potential risks. Conduct root cause analysis of security incidents and recommend corrective actions. Conduct research on network products, services, protocols, and standards in support of network & security procurement and development efforts. Installs and maintains network & security operating systems; ensures that backup copies of all files are routinely made and securely stored at separate location; maintains system documentation. Develops vulnerability remediation documentation and assists in the remediation of vulnerabilities both on server and network systems both cloud and physical. Documents systems with vulnerability's that are not able to be remediated, develops an action plan to secure those devices and communicates this information to stakeholder's and the IS Security Officer. Develops the skills necessary to manage network security solutions. Develops expertise in scanning and monitoring networks or server systems for attacks, malicious software, intrusions, and threats. Develops an understanding of the organization's current threat posture and uses a variety of tools to understand emerging threat patterns and gauge potential impacts to day-to-day business processes. Develops attack and penetration technologies to reduce threat landscape while looking for creative ways to save money and time where possible. Works with the IS Security Officer to develop policies and training to ensure employees are following and understanding security policies and procedures. Provides cybersecurity and network support for operational systems and assists in business planning, maintenance, and troubleshooting. Executes risk management initiatives to assess risk and gather information/data for defining/updating policy/standards. Researches and interprets risks and impacts of new technology, emerging patterns and trends in the cybersecurity landscape and provides updates/reports to the IS Security Officer on a regular basis. Develops monitoring use cases, tests, and assesses the effectiveness of Digital controls. Develops expertise in working with Network Packet Analyzers, Next-Generation Antivirus, Endpoint Detection and Response, Cyber Threat Intelligence and Threat Hunting Tools. Engages and communicates effectively with internal personnel, external vendors, or contacts in day-to-day activities and fosters positive business relationships. Educates the various business units on the different IT or cybersecurity strategies, policies, processes, and procedures. Executes projects and programs for the Network and Security team as required. Prepares and works with the different stakeholders to develop business continuity, disaster recovery and incident response plans Develop methods or propose technologies to protect data at rest when required. Will be required to provide on-call support in rotating intervals and emergency support as needed. Ability to occasionally support routine or emergency network or security changes during normal business hours, after-hours, on weekends or during holidays is required. At the direction of your supervisor this may involve travel on-site to a pre-determined location to support these changes. Ability to participate in on-call rotation. Provides second-level technical support to users concerning network & security system operations. Performs all other duties as assigned. Qualifications Bachelor's degree preferred, preferably in computer science, cybersecurity, network engineering, engineering, mathematics, or equivalent work experience 5-6 years of experience in information security, cybersecurity, or a related IT role. Professional certifications preferred Cisco Certified CyberOps Professional (CCCP), Cisco Certified Network Professional - Security (CCNP Security), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Enterprise Defender (GCED). In addition to the above qualifications, the successful candidate will demonstrate: Fundamental knowledge of networking & security concepts Understand the OSI model, well-known and reserved ports & network protocol specifications Understand encryption methods used in securing network traffic transiting unsecured networks Understand encryption methods to secure sensitive information stored digitally Hands-on technical troubleshooting capabilities (physical, virtual, logical) Ability to work independently under minimal supervision Familiarity with network monitoring tools Exceptional critical thinking and problem-solving ability Strong interpersonal skills to assist non-technical individuals with complex technical issues Ability to adapt and learn new skills rapidly in support of the IT organization across a variety of different operating systems, protocols, applications, or technologies. Enthusiasm Teamworking skills Attention to detail Physical Demands: Must be able to sit and/or stand for prolonged periods of time Must be able to wear personal protective equipment (PPE) (mask, gown, gloves) when required Must occasionally lift and/or move up to 50 pounds; 100 pounds with assistance.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Senior AI Security EngineerAs an Information Security Engineer specializing in AI Security and Data Science, you will be at the forefront of protecting our AI systems and the underlying data that powers them. Your role will combine deep technical expertise in security engineering with strong data science capabilities to analyze, interpret, and secure complex datasets used in AI models. You will design and implement advanced security measures to safeguard AI infrastructure and ensure the integrity, confidentiality, and availability of AI-driven solutions. Key Responsibilities: - Security Architecture Design: Architect and implement robust security frameworks for AI systems, including secure coding practices and design principles. -Data Analysis & Risk Modeling: Apply data science techniques to analyze AI system data, identify patterns, and assess potential security risks. Develop predictive models to anticipate vulnerabilities and threats. - Vulnerability Assessment: Implement and manage tooling for penetration testing on AI models and systems, leveraging statistical and data-driven approaches to prioritize remediation. - Secure AI Development: Collaborate with data scientists and software engineers to integrate security best practices into the AI development lifecycle, including secure model training, validation, and deployment. - Data Governance & Privacy: Ensure compliance with data protection standards (GDPR, NIST, ISO) and implement privacy-preserving techniques such as differential privacy and federated learning. - Research and Innovation: Stay abreast of advancements in AI security and data science, conduct research, and contribute to innovative security solutions. - Documentation and Reporting: Prepare detailed reports and dashboards using data visualization tools to communicate security posture and risk insights. - Advisory and Support: Provide guidance on secure data handling and AI security best practices to cross-functional teams. - Technical Training and Mentorship: Mentor team members on AI security principles and data science methodologies. - Experimentation and POCs: Design and execute experiments and proof-of-concepts to validate emerging threats and security solutions using data-driven approaches. Qualifications: Bachelor's or Master's degree in Computer Science, Information Security, Data Science, or related field. Relevant experience in information security with a strong focus on AI systems and data protection. Proficiency in data science tools and languages (Python, R, SQL) and experience with machine learning frameworks (TensorFlow, PyTorch). Strong understanding of statistical modeling, data visualization, and anomaly detection techniques. Expertise in designing and implementing security measures for AI systems, including encryption, access controls, and secure coding desired. Excellent analytical and problem-solving skills with ability to interpret complex datasets for security insights. Relevant certifications such as CISSP, CEH, OSCP, or data science certifications are highly desirable.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $115,000 - $184,000 USD

Exegy is a global leader in intelligent market data, advanced trading systems, and future-proof technology. Exegy serves as a trusted partner to the complete ecosystem of the buy-side, sell-side, exchanges, and financial services technology firms around the globe. Headquartered in St. Louis with regional offices in North America, the UK/Europe and Asia Pacific, Exegy has the global footprint to deliver world-class support and managed services to its customer base of elite financial market participants. Job Summary We are seeking a hands-on Security Engineer - ASR to own and mature our vulnerability management program with a clear mandate to reduce real organizational risk and shrink our attack surface. This role goes beyond scanning and reporting-success is measured by fewer exploitable weaknesses, faster remediation, and sustained risk reduction over time. The ideal candidate is analytical, persistent, and pragmatic, with the ability to translate vulnerability data into clear, risk-based prioritized actions that engineering and /or IT teams can execute. Responsibilities Risk-Driven Vulnerability Management Own the end-to-end vulnerability lifecycle: discovery, prioritization, remediation tracking, and validation Maintain accurate asset and exposure visibility across endpoints, servers, cloud workloads, SaaS, and internet-facing systems Perform regular vulnerability scanning and ad-hoc assessments Prioritize remediation based on real-world risk, considering: Exploitability and threat intelligence Asset criticality and business impact Exposure (internet-facing, privileged systems, sensitive data) Reduce vulnerability noise by deduplicating findings and focusing teams on what matters most Track remediation progress and validate fixes Attack Surface Reduction Identify and eliminate: Unmanaged or unknown assets Legacy systems with chronic vulnerabilities Misconfigurations that expand attack surface Partner with IT and Engineering to: Improve patching cadence Enforce secure configuration baselines Reduce recurring vulnerability patterns Recommend compensating controls where remediation is not immediately feasible Threat Awareness & Continuous Improvement Conduct targeted threat analysis and light threat hunting to identify exploitation attempts and abnormal authentication or privilege activity Feed threat intelligence and observed attacker behavior back into vulnerability prioritization Improve detection, hardening, and prevention based on findings Collaboration & Communication Work closely with IT, Engineering, and Infrastructure teams to drive remediation outcomes Translate technical vulnerabilities into clear, actionable risk statements Provide leadership with concise, outcome-focused metrics and trend reporting Contribute to security standards, procedures, and operational improvements Success Metrics Reduction in critical and high-risk vulnerabilities over time Mean time to remediate (MTTR) Percentage of assets with known ownership and patch coverage Reduction in repeat or systemic vulnerabilities Demonstrated attack surface reduction (fewer exposed services, unused assets, misconfigurations) Our Ideal Candidate Has: Technical Experience 3+ years of hands-on experience in security engineering, vulnerability management, or a closely related discipline Strong working knowledge of common vulnerability classes, exploitation techniques, and attacker methodologies Solid foundation in operating systems, networking concepts, and cloud fundamentals Experience using vulnerability scanning, detection, and security monitoring tools to identify and assess risk Demonstrated ability to prioritize remediation efforts based on business and technical risk rather than raw finding volume Risk & Threat Awareness Familiarity with how vulnerabilities map real-world attack techniques and threat models Working knowledge of widely adopted security frameworks and control sets (e.g., MITRE ATT&CK, NIST CSF, ISO 27001, CIS Controls) Ability to contextualize vulnerability findings within broader security, operational, and compliance considerations Execution & Communication Approach Capable of clearly documenting vulnerability findings, risk rationale, and remediation guidance Effective in working with engineering, infrastructure, and IT teams to drive timely remediation Comfortable translating technical findings into actionable work items and recommendations Experience That Enhances Impact Experience operating in lean or resource-constrained environments where prioritization and pragmatism are critical Exposure to integrating vulnerability findings into ticketing, backlog management, or ITSM workflows Relevant security certifications (e.g., Security+, CEH, CISSP) or equivalent practical experience are beneficial but are not required

Apex Systems is seeking a Data Analyst to join a Workforce Analytics team for one of our clients. This role is ideal for someone passionate about data and supporting strategic initiatives focused on optimizing a dynamic workforce and improving the employee experience. You will play a key role in executing, designing, and improving workforce reports that drive organizational decisions. The Workforce Analytics team is responsible for bringing insight to help improve operations, fuel innovation, and execute organizational goals. We do this by focusing on three key areas: * Quality of source data * Integration and accessibility to information * Providing tools to assist in identifying connections and correlations that will provide insight into our current and future workforce Responsibilities * Assist with the design, development, and execution of dashboards, scorecards, presentations, communications, and reporting that drive decisions for organizational initiatives, resources, and programs. * Proactively monitor, analyze, and troubleshoot workforce data to identify and resolve issues ensuring objectives are met. * Gather reporting requirements and deliver the best analytical solution to help solve business needs. * Maintain full understanding of performance tools, systems, and enhancements that automate and streamline workforce data. * Design, develop, enhance, evaluate, and implement both scheduled reporting and ad-hoc reporting requests. * Maintain data integrity and ongoing quality control of systems, tools, and delivered reports through testing and validation. * Assist with presentations, explanations, and discussions of the results of analysis concisely and effectively to support decision-making. * Understand HRIS systems administration and reporting. * Partner with leadership to identify, implement, and ensure compliance on audits and reporting. * Assist with projects that support workforce initiatives. Required Skills * Commitment to incorporating security into all decisions and daily job responsibilities. * 2 or more years of related experience. * 1 or more years of experience reporting and analyzing workforce data in a professional environment using research and database software. * Experience with Talent Management systems (HRIS, performance management, talent acquisition, learning & development, vendor management). * Intermediate to advanced skill level in Microsoft Excel (VLOOKUPs, pivots, formulas). * Advanced level understanding of MS Office Suite. * Strong research, critical thinking, and problem-solving skills. * Excellent organizational and time management skills. * Ability to effectively communicate data results to stakeholders. * Ability to work independently or within a team, as needed. * Demonstrated ability to make sound and well-informed decisions regarding a broad range of factors. * Strong customer service orientation. * Ability to maintain confidentiality at all times. Preferred * Bachelor's degree in Human Resources, Computer Information Systems, Management Information Systems, or related field. * Intermediate skill level in Microsoft SharePoint (lists, views, and access security for data collection). Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click here for more details. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. Employee Type: Contract Remote: Yes Location: St. Louis, MO, US Job Type: Date Posted: December 12, 2025 Pay Range: $35 - $45 per hour Similar Jobs * Business Analyst * SOC Analyst * Business Analyst * Telecommunications Analyst * Business Analyst

The position is in the Strategy, Planning and Execution (SPE) team, in the Information Risk Management (IRM) department. IRM is responsible for managing the Information Security risk for the organization. The SPE team leads the creation of the multi-year strategy and IRM roadmaps, and manages the execution of the plans. SPE also defines the corporate security standards, performs risk assessments, and measures organizational security performance. ESSENTIAL FUNCTIONS •Perform application and system risk assessments and security audits of internal and external facilities against established standards •Provides consultative advice to information security customers that enables them to make informed risk management decisions •Contribute in establishing policies and procedures necessary to ensure the security of information system assets, and to protect them from intentional or inadvertent access, disclosure, or destruction •Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley, HIPAA •Weigh business needs against security concerns and articulate issues and options to management •Maintains appropriate security documentation for applications and systems •Ensures that user community understands and adheres to necessary procedures to maintain security •Communicates risk assessment findings to information security “customers,” or business partners •Active participation in strategic initiatives in accordance to the IRM roadmap Qualifications QUALIFICATIONS •At least 5 years of IT experience with a Bachelor's Degree in computer related field or equivalent •At least 3 years of experience in Information Security •PC skills including knowledge of Microsoft Office •Excellent organizational skills and ability to communicate with internal/external entities and executives a must •Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities •Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve •Certification in information security (CISSP, CISM, GIAC, or equivalent) preferred Additional Information All your information will be kept confidential according to EEO guidelines.

Significance is a woman-owned consulting firm serving the federal government. We are known for building trusted relationships within our teams and with our clients and hiring the highest-level experts who implement innovative solutions. We also like to have fun! Our focus on culture has contributed to Significance being named a Washington Business Journal Best Place to Work each of the last seven years. We are seeking an IT Audit Analyst to join our program in support of USTRANSCOM at Scott AFB. Work will be performed on a hybrid basis with onsite work expected 3 days per week. In this role you will: • Conduct reviews of a designated critical feeder and core accounting systems for compliance with applicable standards, ensuring compliance with: o DoD Instruction 8510.01 o NIST 800-53 RMF o FMFIA o Federal Information System Controls Audit Manual (FISCAM)• Support with the execution of test plans to evaluate design and operating effectiveness of IT controls. As findings are addressed, the Contractor shall assist in the development of a CAP.• Provide support in reviewing and mapping the Statement on Standards for Attestation Engagements 18 reports, reviewing and testing Complimentary User Entity Controls (CUEC), and providing the test results. • Support the development of CAPs and support remediation testing for CAPs that have been implemented by the programs. The results of the CUEC reviews are reported in the timeframe and format provided by OSD.• Support with FISCAM training as requested to program managers.Required Skills/Experience Interim Secret security clearance with ability to get a fully active secret security clearance 0-3 years experience in a related position, preferably supporting DoD agencies Bachelor's Degree (Information Systems, Accounting or relevant field) Must be currently located in the St. Louis metro area and able to report to Scott AFB at least 5 days/week Desired Skills Experience (can include internships) with IT audit or internal audit in the Federal Government At Significance, your base pay is one part of your total compensation package and is determined within a range. Our pay ranges are based on the local cost of labor benchmarks for each specific role, level, and geographic location. We carefully consider a wide range of factors when determining compensation, including but not limited to experience; job-related skill sets; relevant education or training; and other business and organizational needs. The salary range listed is for the level at which this job has been scoped. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for a comprehensive and generous benefits package. We are an E-Verify Employer********************************************** Contents/E-Verify_Participation_Poster.pdf**************************************************************************************

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Job Description Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance. Responsibilities: The Information Security Office (ISO) Regulatory Compliance team is seeking a Security Analyst 2 to actively contribute to our organization's compliance efforts. This role calls for someone who can work closely with various business units, conduct thorough assessments, and assist in crafting effective remediation plans. Key Responsibilities: As a Security Analyst 2 on the Regulatory Compliance Team, you will: Coordinate audits with external assessors (QSA) and internal stakeholders to streamline assessment process related to collecting evidences Lead the validation of PCI requirements testing results and drive compliance gap remediation efforts Create and maintain documentation to support PCI program Conduct comprehensive internal compliance assessments, identify compliance gaps, and actively participate in developing remediation plans. Collaborate closely with different business units to ensure alignment with relevant regulations and standards. Support automation efforts across the compliance function. Regularly review policies and procedures to ensure ongoing compliance with regulatory requirements. Effectively manage and prioritize multiple projects related to regulatory compliance. Stay vigilant in monitoring and tracking regulatory changes, providing teams with guidance on updating policies and procedures as needed. Be a source of guidance and support for fellow members of the compliance team. Qualifications: Required: Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future Must be committed to incorporating security into all decisions and daily job responsibilities 3+ years with leading, planning and execution of PCI assessments which includes review of control design with a focus on payment card compliance and security. Demonstrate the ability to work both independently with a strong sense of ownership and collaboratively within a team to achieve departmental and project objectives. Ability to maintain a high degree of confidentiality. Detail-oriented with strong project management skills, including project planning, directing project activities, and leading project teams. Proficient in documentation, communication skills, and a proven ability to deliver formal and informal presentations to a diverse audience. Ability to organize and prioritize multiple complex assignments and tasks for self and team members, ensuring deadlines are met. Excellent problem-solving and analytical skills, with the ability to define problems, collect data, establish facts, and draw valid conclusions. Demonstrated leadership, collaboration, and relationship management skills, representing goals within the team and outside the department. Ability to be flexible and adaptable to changing requirements and responsibilities while delivering high-quality results. Commitment to incorporating security into all decisions and daily job responsibilities. Proficiency with Microsoft Office applications, including Outlook, Word, PowerPoint, and Excel. Preferred: Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security-related experience, or an equivalent combination of education and experience. Functional knowledge of productivity, documentation, and collaboration tools such as SharePoint, Jira, Confluence, and Jive. The Timberline Group Phone: ************ PO Box 385, Lebanon, MO 65536 ********************* ************************* "Delivering quality solutions through quality people"

Job Description Monitors the health of Touchette Regional Hospital and SIHF Healthcare's security threat posture and cybersecurity & network infrastructure. Develops a deep understanding of the threat landscape and ensures cybersecurity technology is monitored to detect threats. Works with the IS Security Officer and junior members of the team to ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with Touchette Regional Hospital and SIHF Healthcare IT and cybersecurity standards Develops, documents, maintains, and communicates Touchette Regional Hospital and SIHF Healthcare's governance models and compliance codes and standards. Develop, provide, and maintain necessary documentation for all network applications and network systems Assist with network security in a multi-hospital & multi-healthcare clinic environment Key responsibilities include: Monitors endpoint anti-virus & malware, content-filtering, data loss prevention solutions, multi factor authentication systems, device profiling systems, firewall rules, network ACLs, server configuration monitoring, network logging consolidation and event correlation systems. Analyze threat intelligence to anticipate and mitigate potential risks. Conduct root cause analysis of security incidents and recommend corrective actions. Conduct research on network products, services, protocols, and standards in support of network & security procurement and development efforts. Installs and maintains network & security operating systems; ensures that backup copies of all files are routinely made and securely stored at separate location; maintains system documentation. Develops vulnerability remediation documentation and assists in the remediation of vulnerabilities both on server and network systems both cloud and physical. Documents systems with vulnerability's that are not able to be remediated, develops an action plan to secure those devices and communicates this information to stakeholder's and the IS Security Officer. Develops the skills necessary to manage network security solutions. Develops expertise in scanning and monitoring networks or server systems for attacks, malicious software, intrusions, and threats. Develops an understanding of the organization's current threat posture and uses a variety of tools to understand emerging threat patterns and gauge potential impacts to day-to-day business processes. Develops attack and penetration technologies to reduce threat landscape while looking for creative ways to save money and time where possible. Works with the IS Security Officer to develop policies and training to ensure employees are following and understanding security policies and procedures. Provides cybersecurity and network support for operational systems and assists in business planning, maintenance, and troubleshooting. Executes risk management initiatives to assess risk and gather information/data for defining/updating policy/standards. Researches and interprets risks and impacts of new technology, emerging patterns and trends in the cybersecurity landscape and provides updates/reports to the IS Security Officer on a regular basis. Develops monitoring use cases, tests, and assesses the effectiveness of Digital controls. Develops expertise in working with Network Packet Analyzers, Next-Generation Antivirus, Endpoint Detection and Response, Cyber Threat Intelligence and Threat Hunting Tools. Engages and communicates effectively with internal personnel, external vendors, or contacts in day-to-day activities and fosters positive business relationships. Educates the various business units on the different IT or cybersecurity strategies, policies, processes, and procedures. Executes projects and programs for the Network and Security team as required. Prepares and works with the different stakeholders to develop business continuity, disaster recovery and incident response plans Develop methods or propose technologies to protect data at rest when required. Will be required to provide on-call support in rotating intervals and emergency support as needed. Ability to occasionally support routine or emergency network or security changes during normal business hours, after-hours, on weekends or during holidays is required. At the direction of your supervisor this may involve travel on-site to a pre-determined location to support these changes. Ability to participate in on-call rotation. Provides second-level technical support to users concerning network & security system operations. Performs all other duties as assigned. Qualifications Bachelor's degree preferred, preferably in computer science, cybersecurity, network engineering, engineering, mathematics, or equivalent work experience 5-6 years of experience in information security, cybersecurity, or a related IT role. Professional certifications preferred Cisco Certified CyberOps Professional (CCCP), Cisco Certified Network Professional - Security (CCNP Security), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Enterprise Defender (GCED). In addition to the above qualifications, the successful candidate will demonstrate: Fundamental knowledge of networking & security concepts Understand the OSI model, well-known and reserved ports & network protocol specifications Understand encryption methods used in securing network traffic transiting unsecured networks Understand encryption methods to secure sensitive information stored digitally Hands-on technical troubleshooting capabilities (physical, virtual, logical) Ability to work independently under minimal supervision Familiarity with network monitoring tools Exceptional critical thinking and problem-solving ability Strong interpersonal skills to assist non-technical individuals with complex technical issues Ability to adapt and learn new skills rapidly in support of the IT organization across a variety of different operating systems, protocols, applications, or technologies. Enthusiasm Teamworking skills Attention to detail Physical Demands: Must be able to sit and/or stand for prolonged periods of time Must be able to wear personal protective equipment (PPE) (mask, gown, gloves) when required Must occasionally lift and/or move up to 50 pounds; 100 pounds with assistance.