Information security analyst full time jobs

Responsibilities and Qualifications RESPONSIBILITIES Serve as a cybersecurity SME, providing support for ESS and EKC system assessments. Fully versed in the general tenets of the DoD's authorization process, including relevant cybersecurity policies, procedures, and processes. Support the DoD cybersecurity process by serving as a SME for ESS and/or EKC systems undergoing authorization. Design, develop, and implement cybersecurity measures into systems, delivering comprehensive cybersecurity assessment documentation. Understand and apply security controls identified in NIST 800-53 to the process of assessing and authorizing DLA ESS and EKC systems. Determine the severity value of identified vulnerabilities and assess their potential impact on the system's current or future authorization status. Perform key functions related to security control selection, implementation, and documentation. Collaborate closely with the Information Systems Security Manager (ISSM) on complex system details. Monitor and control communications at key internal boundaries among subsystems and provide system-wide common controls that meet or exceed the requirements of constituent subsystems. Lead the development, integration, and testing processes to deliver and deploy production-ready systems that meet business requirements and project schedules. Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort, and project schedule. Design architecture and establish best practices to produce efficient and effective system operations while minimizing refactoring and rework. Provide support for the Security Technical Implementation Guides (STIGs) process and develop and submit cybersecurity documentation as required. Ensure the implementation of DoD STIG compliance for ESS/EKC systems/applications and maintain compliance with required DoD STIGs. Support reviews associated with STIGs, cyber assessments, and continuous monitoring activities. REQUIRED QUALIFICATIONS Experience: Five (5) years of relevant C&A experience MF and NIST C&A experience DOD cybersecurity experience Certifications: (One of the following) CGRC/CAP CASP+ CCSP SSCP Security+ GSEC CISM CISSO FITSP-M GCIA GCSA GCIH GSLC GICSP CISSP-ISSMP CISSP Clearance: Must possess a Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). Overview We are seeking a Senior System Security / Cybersecurity Analyst to join our team supporting DLA Integrated Electronic Security Systems (IESS) and Electronic Key Control (EKC). TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at ***************** Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Location: Columbus, OH Type of environment: On Site Noise level: Medium Work schedule: Schedule is day shift Monday - Friday. May be requested to work evenings and weekends to meet program and contract needs. Amount of Travel: Less than 10% PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE U.S. Citizen Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact *************** for assistance.

Responsibilities & Qualifications RESPONSIBILITIES Serve as a cybersecurity SME, providing support for ESS and EKC system assessments. Fully versed in the general tenets of the DoD's authorization process, including relevant cybersecurity policies, procedures, and processes. Support the DoD cybersecurity process by serving as a SME for ESS and/or EKC systems undergoing authorization. Design, develop, and implement cybersecurity measures into systems, delivering comprehensive cybersecurity assessment documentation. Understand and apply security controls identified in NIST 800-53 to the process of assessing and authorizing DLA ESS and EKC systems. Determine the severity value of identified vulnerabilities and assess their potential impact on the system's current or future authorization status. Perform key functions related to security control selection, implementation, and documentation. Collaborate closely with the Information Systems Security Manager (ISSM) on complex system details. Monitor and control communications at key internal boundaries among subsystems and provide system-wide common controls that meet or exceed the requirements of constituent subsystems. Lead the development, integration, and testing processes to deliver and deploy production-ready systems that meet business requirements and project schedules. Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort, and project schedule. Design architecture and establish best practices to produce efficient and effective system operations while minimizing refactoring and rework. Provide support for the Security Technical Implementation Guides (STIGs) process and develop and submit cybersecurity documentation as required. Ensure the implementation of DoD STIG compliance for ESS/EKC systems/applications and maintain compliance with required DoD STIGs. Support reviews associated with STIGs, cyber assessments, and continuous monitoring activities. REQUIRED QUALIFICATIONS Experience: Five (5) years of relevant C&A experience MF and NIST C&A experience DOD cybersecurity experience Certifications: (One of the following) CGRC/CAP CASP+ CCSP SSCP Security+ GSEC CISM CISSO FITSP-M GCIA GCSA GCIH GSLC GICSP CISSP-ISSMP CISSP Clearance: Must possess a Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). Overview We are seeking a Senior System Security / Cybersecurity Analyst to join our team supporting DLA Integrated Electronic Security Systems (IESS) and Electronic Key Control (EKC). TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at ***************** Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Location: Columbus, OH Type of environment: On Site Noise level: Medium Work schedule: Schedule is day shift Monday - Friday. May be requested to work evenings and weekends to meet program and contract needs. Amount of Travel: Less than 10% PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE U.S. Citizen Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact *************** for assistance.

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity Are you a person who is passionate about breaking applications, devices, services and/or processes to help protect them against the world's most advanced cyber security adversaries? The Information Security Protect organization at P&G is responsible for providing a realistic depiction of threat actor behaviors and scenarios during simulated exercises. We drive improvements to applications and systems, as well as detection and response capabilities through regular testing of security controls across the enterprise. Responsibilities: + Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR. + Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes. + Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails). + Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC. + Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership. + Mentor junior engineers; set standards for craft quality, methodology, and safety. + Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment. + Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use. + Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management. Job Qualifications Required: + BA or BS degree in Information Security, Cyber Security, Computer Science, or related field (OR 7+ years of relevant experience required in lieu of a degree). + 5+ years running offensive or emulation operations in large/complex environments, with demonstrated impact on detections/response. + Expertise across 2+ domains: enterprise/web/mobile apps; identity; cloud (AWS/GCP/Azure); network/endpoint; IoT/OT; or directory services. + Proven ability to bypass preventative/detective controls and reach mission objectives while maintaining safety and ROE. + Strong engineering skills (Python, PowerShell, GO, C++, Web Frameworks); comfort with low-level concepts a plus) and familiarity with C2 tradecraft. + Deep command of MITRE ATT&CK and threat-informed defense; history partnering with DFIR/SOC and Detection Engineering. + Excellent executive and technical communication. + Ability to work in Cincinnati, Ohio based office 3 days per week. Preferred: + Leadership of purple-team campaigns and incident-driven emulations; closed-loop improvements with measurable KPI movement. + Building program metrics/KPIs, standardizing reporting, and integrating with risk governance. + Threat-intel integration: actor/campaign analysis, hypothesis generation, and prioritization tied to business impact. + Identity and cloud attack paths (SSO, MFA, OAuth, PAM; AWS/GCP/Azure control planes) with hardening collaboration across platform/IDAM teams. + Coordinating large third-party exercises and setting complex ROE. Pay Range: $110,000 - $165,000 Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE (******************************************************* . P&G participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Job Schedule Full time Job Number R000138781 Job Segmentation Experienced Professionals Starting Pay / Salary Range $110,000.00 - $165,000.00 / year

Full Part/Time: Full time Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) II is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide "day-to-day" support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: * Assist the ISSM in meeting their duties and responsibilities. * Prepare, review, and update authorization packages. * Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. * Notify ISSM when changes occur that might affect the authorization determination of the information system(s). * Conduct periodic reviews of information systems to ensure compliance with the security authorization package. * Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. * Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. * Ensure all IS security-related documentation is current and accessible to properly authorized individuals. * Ensure audit records are collected, reviewed, and documented (to include any anomalies) * Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. * Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. * Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. * Prepare reports on the status of security safeguards applied to computer systems. * Perform ISSO duties in support of in-house and external customers. * Conduct continuous monitoring activities for authorization boundaries under your preview. * Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: * 5+ years related experience. * 2+ years SAP experience required. * Prior performance in roles such as System, Network Administrator or ISSO. Education: * Bachelor's degree OR Associate's degree in a related area + 2 years' experience OR equivalent experience (4 years) Certifications: * IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II - within 6 months of hire Clearance Required to Start: * TS/SCI required * Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities The likely salary range for this position is $92,735 - $125,465. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA OH Dayton Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. Information Security Analyst 2 Job Duties Governance, Risk, & Compliance (GRC) Application Subject Matter Expert - Operate and maintain Company's Governance, Risk and Compliance (GRC) platform, its libraries, reports, portals, and data integrations to effectively support operations, data accuracy and user processes. Serve as the primary liaison for GRC software vendors, by maintaining contact with vendor representatives, submitting troubleshooting tickets and software feedback to improve the user experience. Support Company's Enterprise Risk Management, Compliance, Vendor Management, Business Continuity Planning, Information Technology and Security, Project Management and Audit Programs with data entry, maintenance, and configuration. Develop, maintain, and distribute custom and ad hoc reporting of risk data including taxonomy analytics and Key Risk Indicators (KRI's). Security Architecture & Control Design - Develop/integrate cybersecurity designs for systems and networks for the processing of company data. Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements. Ensure that acquired or developed systems and architectures are consistent with company's cybersecurity architecture guidelines. Risk Assessment - Coordinate external risk assessments including audits, gap assessments, and penetration testing to evaluate security architectures and designs to determine the adequacy of security design and architecture. Determine protection needs (i.e., security controls) for company's information processing and document appropriately. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Incident Response Communication- Coordinate communication and information sharing aspects of incident response. Draft messages and updates to internal and external audiences for Incident Response Team (IRT) review, such as employees, customers, partners, media, or public. Handle crisis management issues and provides guidance and education on incident prevention and response best practices. Perform other duties as assigned. Minimum Qualifications 2-4 years related experience Associate's degree (Information Technology, Cyber Security, Computer Science) Non-degree considered if 6+ years of related experience along with a high school diploma (GED) Preferred Qualifications Intermediate knowledge of various Information Security & Privacy Frameworks such as the Secure Controls Framework, NIST CSF, NIST 800-171, NIST 800-53, NIST Privacy Framework, ISO-27001, ISO-27701, GDPR, US & other global privacy regulations. Work experience in other Information Technology disciplines such as software development, help desk, networking, systems administration or similar in conjunction with professional certifications such as CASP+, CISSP Associate, or AWS Associate Level Certifications. Intermediate level of knowledge in at least one scripting or software development language such as PowerShell, Bash, Java, or Python. Good written and oral communication skills, deductive reasoning, and analytical investigative skills. Good interpersonal skills to facilitate positive relations between business groups. Requires excellent verbal and written communication skills, as well as a knowledge of company's culture and values. Work Authorization: Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. Compensation and Benefits: Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

This role is primarily responsible for executing the tactical and strategic initiatives of the Information Security team to include programs such as risk and vulnerability management, incident response, security architecture, cloud security and third-party vendor management. Work is typically assigned by the Information Security Manager, although the Information Security Analyst is expected to operate with minimal oversight and be able to identify areas of opportunity to get involved with information security tasks and initiatives. The ideal candidate is comfortable working in a fast-paced environment, communicating to technical and non-technical staff, and capable of switching between tasks as situations and criticality arise and be passionate about learning and continuous education. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned. Execute on security strategy as defined by the Information Security Manager. Participation in the Firm's Vulnerability Management Program, working with cross-functional teams to identify, manage and mitigate security vulnerabilities across the Firm. Assist with the administration of the Firm's Vendor Risk Management process, including analyzing and responding to third-party risk assessments. Monitor and respond to information security alerts and notifications (IDS/IPS, SIEM, AV/EDR, etc.). Design, review and administer Azure cloud security controls and architecture, including auditing Azure cloud environments. Utilize scripting languages such as PowerShell and Python to automate tasks and improve security operations. Collaborate and advise on IT projects to ensure security issues are addressed throughout the project life cycle. Assist other IT teams in developing and employing security solutions across various applications and product platforms. Administer and utilize various endpoint and network security tools, such as CrowdStrike, SIEM tools, Fortinet or other comparable advanced detection and response tools. Administer and utilize vulnerability scanning, packet analysis and exploitation tools such as Nessus, nmap, Wireshark, tcpdump, Metasploit or similar technologies. Design, review and aid with implementation of secure networks and system architecture (ex. network topology reviews, firewall ruleset reviews, minimum security baselines, etc.). Apply appropriate controls referenced in various security frameworks and standards, such as the NIST CSF 2.0 Framework, NIST 800-53, CIS Controls, etc. Monitor and secure Microsoft client and server systems, along with Fortinet and Cisco (or comparable) network devices. Assist with the management and maintenance of user security policy education, training and awareness programs. Conduct security research to stay abreast of latest security issues, including laws and regulations which may affect the Firm. Other duties as requested and assigned. QUALIFICATION REQUIREMENTS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. EDUCATION/EXPERIENCE: Bachelor's Degree in Computer Science, Management Information Systems or related field with a minimum of 5-7 years of experience in Information Technology, or equivalent combination of education and experience. This must include 3-5 years of experience in Information Security with two or more of the following domains: Windows Systems Administration, UNIX/Linux Systems Administration, Networking, Access Control, Incident Response, and Information & Data Security. Preferred Certifications: Certified Information Systems Security Professional (CISSP) GIAC GSEC, GCIH, GCIA, GCWN, or equivalent certification CompTIA Security+, CySA+, Network+, CASP or equivalent certification Microsoft Azure Security Certifications (i.e. AZ-500, SC-100 to SC-400) TECHNICAL SKILLS: Demonstrated proficiency in Microsoft Office Suite including Word, Outlook, Excel, and PowerPoint. Proven aptitude to learn new software applications. LANGUAGE SKILLS: Very strong communication skills, both written and oral. Excellent interpersonal communication skills necessary to maintain effective relationships with staff, trusted third-party partners, attorneys and clients. Establish credibility with staff and attorney base through quality work and communications that bring to bear the right mix of confidence, tact, persistence and reliability. Written communications must be concise, professional and accurate. MATHEMATICAL SKILLS: Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. REASONING ABILITY: Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form. Ability to deal with problems involving several concrete variables in standardized situations. Ability to define problems, collect data, establish facts and draw valid conclusions. Ability to interpret an extensive variety of instructions and deal with several abstract and concrete variables. Exhibit independent thinking and decision making. Ability to interpret an extensive variety of instructions in mathematical or diagram form and deal with several abstract and concrete variables. Ability to think strategically, develop tactics and execute pragmatically. OTHER SKILLS and ABILITIES: Excellent organizational and planning skills with ability to prioritize multiple tasks and projects to meet deadlines. Ability to work under pressure in a fast-paced environment with demanding individuals. Strong analytical and organizational skills with a tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision. Outstanding creativity; flexibility and persistence; motivation and energy with the ability to work with little supervision and collaborate with other members of the team. Ability to work overtime when needed. Work occasionally requires more than 40 hours per week to perform the essential duties of the position. A tolerance for uncertainty and an ability to prioritize and complete simultaneous projects with minimal supervision. Thorough understanding of technologies that can be applied to firm operations and enhance working efficiency. Ability to exercise discretion with confidential and sensitive information. PHYSICAL DEMANDS: The physical demands described here are representative of those that should be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle, or feel objects, documents, books, pen/pencil, paper, controls and manipulate a keyboard, and input data into a PC; and talk or hear. The employee is frequently required to walk. The employee is occasionally required to use hands to prepare correspondence and reports on a personal computer. The employee is occasionally required to stand and reach with hands and arms. And stoop, kneel, bend, crouch or crawl. Ability to operate a variety of standard office equipment including a computer, copy and facsimile machines. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception and the ability to adjust focus. WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate. The salary offered in any location will be determined by a wide range of factors, including, but not limited to, experience level, education/training, geographic region, and relevant skills. Associates also participate in a performance- and hours-based bonus program. The expected annual salary for this position ranges from $100,000- $115,000 Baker & Hostetler LLP is an Equal Opportunity Employer. #LI-Remote

Required Travel: 0 - 10% Employment Type: Full Time/Salaried/Exempt Anticipated Salary Range: $72,181.00 - $100,000.00 Security Clearance: TS/SCI Level of Experience: Mid This opportunity resides with Warfare Systems (WS), a business group within HII's Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems. HII works within our nation's intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners. Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. To learn more about Mission Technologies, click here for a short video: *************************** Job Description As the Information Systems Security Officer (ISSO) the individual works closely with the Information Systems Security Manager (ISSM) proposing, coordinating, implementing and enforcing information system security policies, standards and methodologies. Implementing operating systems and network devices security configuration in accordance with approved Security Technical Implementation Guides (STIGs). Collaborate with team members to define and implement cybersecurity requirements for managed systems and software. Conduct security assessments of Risk Management Framework (RMF) controls implemented for assigned systems. Identify corrective actions and mitigation strategies to achieve and sustain RMF compliance. Job Duties Include: Performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP). Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems. Essential Job Responsibilities Assist with all activities associated with the assessment and authorization (A&A) of all hosted computing environments. Perform cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation and to assist the ISSM with the final approval for Authority to Operate (ATO) and/or Authority to Connect (ATC). Interface with end users to discuss IT, data management and collaboration tools understanding and benefits. Ensures software, hardware and firmware complies with appropriate security configuration guidelines. Coordinates changes or modifications with the ISSM and SCAR/SCA. Initiates protective or corrective measures, in coordination with the ISSM. Reports security incidents or vulnerabilities to the ISSM. Minimum Qualifications + 2 years relevant experience with Bachelors in related field; 0 years experience with Masters in related field; or High School Diploma or equivalent and 6 years relevant experience. + Experience planning and implementing network layouts of varying classifications in SCIF/SAPF spaces. + Ability to coordinate and plan IT requirements across several Enterprise, MAJCOM, and agency partners. + Familiarity with ICD/ICS 705 Standards as they pertain to networks. + DoD 8570 (Sec+ or applicable) IAT level II cert required + Active TS/SCI clearance with ability to gain SAP/SAR Preferred Requirements Experience working as a COMSEC responsible Officer or familiarity handling and safeguarding COMSEC Physical Requirements May require working in an office or laboratory environment. Capable of climbing ladders and tolerating confined spaces and extreme temperature variances. The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, HII's Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the role's function and a candidate's education or training, work experience, and key skills. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Mainframe Security EngineerRemote - United StatesJR012476 **Requirements:** + U.S. Citizenship is required. + Must pass a Federal Background Check. **Key Responsibilities:** + Administer security for RACF, ACF2, and Top Secret logon IDs, datasets, and resource rules. + Provision user access in response to ServiceNow tickets within defined SLAs. + Monitor system security policies and investigate violations/incidents. + Perform and review daily, weekly, and monthly audit reports. + Liaise with business units and technical support teams. + Prepare ad hoc reports and deliver presentations for customer support. + Ensure adherence to security standards across the environment. + Provide 24×7 on-call support as required. + Utilize Vanguard and/or IBM zSecure security products. + iSeries security knowledge is a plus. + Manage and lead large projects or tasks as needed. + Project management skills are highly desired. **Technical Skills:** + Proficient in TSO, JCL, IBM Utilities, JES2, and ISPF. + Experience with REXX or other programming languages is desired. + CICS security administration experience preferred. + Experience with Vanguard and/or IBM zSecure security products is desired. + Familiarity with IAM (Identity Access Management), MFA (Multi-Factor Authentication), and PAM (Privileged Access Management) is desired. + Strong PC skills, including Microsoft Outlook, Word, Excel, and PowerPoint. **General Knowledge:** + z/OS experience is highly desired. + Knowledge of other mainframe security products is a plus. **Personal Skills:** + Strong written and verbal communication skills. + Excellent organizational skills with the ability to manage multiple concurrent projects and work as part of a global team. + Ability to work independently and take initiative. + Strong analytical and problem-solving skills. + Effective team player who can work independently in a fast-paced environment. + Self-starter, detail-oriented, and able to multitask. **Education & Certifications:** + Bachelor's or Master's degree preferred. + CISSP, CISA, CISM, or ITIL certification is a plus. **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is **$90,000 to $135,000** annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR012476

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County-Columbus Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DescriptionThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

Full-time Description LOCATED IN AURORA, OHIO*** About Us: LayerZero Power Systems Inc. is a globally recognized leader in providing state-of-the-art power distribution solutions for critical industries. With a strong focus on reliability, innovation, and customer satisfaction, we deliver advanced power systems products that ensure uninterrupted and dependable power supply in mission-critical environments. Our customer base is comprised of companies in the transaction processing, financial, computer service provision and semiconductor manufacturing sectors. LayerZero Power Systems is on a trajectory of sustained growth, with a loyal customer base of existing Fortune 100 customers and an expanding portfolio of new customers. Position Description: Senior Security Analyst Responsible for monitoring, analyzing, and responding to security events across LayerZero's IT environment. This role requires a proactive professional with strong technical skills who can identify risks, investigate incidents, and support the implementation of security controls and best practices. Primary Duties: • Monitoring & Incident Response • Monitor security alerts, logs, and dashboards for potential threats. • Investigate and respond to security incidents, escalating as needed. • Perform root cause analysis and recommend corrective actions. • Risk Management & Compliance • Assist with vulnerability assessments, penetration testing, and remediation efforts. • Support compliance initiatives and audits (e.g., ISO, NIST, SOC). • Maintain documentation of policies, procedures, and incident reports. • Security Operations • Manage endpoint protection, firewalls, intrusion detection/prevention systems, and SIEM tools. • Ensure timely patching and updates across systems. • Collaborate with IT teams to enforce access controls and data protection practices. • Continuous Improvement • Stay current on emerging threats, tools, and best practices. • Recommend improvements to security architecture and processes. • Provide training and awareness to employees on cybersecurity practices. Requirements Skills & Experience • Familiarity with SIEM platforms, firewalls, IDS/IPS, and endpoint protection tools. • Knowledge of security frameworks (NIST, ISO, CIS). • Strong analytical and problem-solving skills. • Excellent communication and documentation abilities. Education: • Bachelor's degree in Information Security, Computer Science, or related field (preferred). • 2-4 years of experience in IT security or systems administration. What We Offer: Competitive pay with performance incentives 100% company-paid medical, dental, and vision 401(k) with company match 3 weeks PTO, 8 paid holidays, and 2 floating holidays Why You Will Love Working with Us: Impact: Develop your skills and expertise in a rapidly growing industry, with your work directly influencing the success of mission-critical projects. Innovation: Immerse yourself in an environment that celebrates forward-thinking and continuous improvement. Collaborative spirit: Work closely with engineers, marketers, and other professionals to bring ideas to life. Grow with us: We are committed to your personal and professional development, offering endless opportunities to improve your skills and advance your career. At LayerZero, we are proud to be an Equal Opportunity Employer. We welcome and celebrate diversity, and we are committed to creating an inclusive environment for all employees. Salary Description $85k-115k Annually based on Skills & Experience

Cintas is currently looking for an Information Security GRC Analyst II for the Compliance team within the IT Security GRC (Governance, Risk, Compliance) organization. The IT GRC Analyst II is responsible for: supporting Cintas IT Governance, Risk and Compliance (GRC) operations; identifying, recommending, driving and implementing improvements; supporting the organization and retention of evidential documentation for Policy and regulatory compliance and assessment of levels of risk; responsible for security procedures documentation, controls execution, monitoring, and reporting; coordinating and owning key GRC practices; participating in annual budgeting and planning processes related to Cintas IT GRC. The role will have a heavy involvement with assessing, designing, and implementing controls compliant with PCI DSS requirements. **This position is required to be on-site at the Cintas corporate headquarters in Mason, OH.** **Skills/Qualifications** **Required:** + H.S. Diploma/GED required; bachelor's degree in an appropriate discipline or its equivalent in related work experience preferred + Minimum 4 years of experience in Information Technology + Minimum 3 years of experience in IT Governance, Risk and/or Compliance + Minimum 2 years of experience with PCI DSS **Preferred** **:** + Familiarity with SOX, NIST or other cybersecurity, compliance, and risk frameworks Benefits Cintas offers comprehensive and competitive medical, dental and vision benefits, with premiums below the national average. We offer flexibility with four different medical plan options; one plan is offered at zero cost. Additionally, our employee-partners enjoy: - Competitive Pay - 401(k) with Company Match/Profit Sharing/Employee Stock Ownership Plan (ESOP) - Disability, Life and AD&D Insurance, 100% Company Paid - Paid Time Off and Holidays - Skills Development, Training and Career Advancement Opportunities Company Information Cintas Corporation helps more than one million businesses of all types and sizes get Ready to open their doors with confidence every day by providing products and services that help keep their customers' facilities and employees clean, safe, and looking their best. With offerings including uniforms, mats, mops, towels, restroom supplies, workplace water services, first aid and safety products, eye-wash stations, safety training, fire extinguishers, sprinkler systems and alarm service, Cintas helps customers get Ready for the Workday . Headquartered in the U.S., Cincinnati, OH, Cintas is a publicly held Fortune 500 company traded over the Nasdaq Global Select Market under the symbol CTAS and is a component of both the Standard & Poor's 500 Index and Nasdaq-100 Index. Cintas Corporation is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, genetic information, disability, protected veteran status, or any other characteristic or category protected by local, state, or federal law. This job posting will remain open for at least five (5) days. **Job Category:** Information Technology **Organization:** Corporate **Employee Status:** Regular **Schedule:** Full Time **Shift:** 1st Shift

WhiteDog is seeking an Information Security Analyst to join our Security Operations Center team. The Analyst will help coordinate and report on cyber incidents impacting SOC-as-a-Service customers. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work. Onsite Location: Cincinnati, OH (no remote available) Employment Type: Full-Time, hourly Compensation: $22-$28/hour Key Responsibilities: Responsible for working in a 24x7 Security Operation Center (SOC) in person. (Hours - 7:00pm-7:00am PST) Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident. Provide threat and vulnerability analysis as well as security advisory services. Analyze and respond to previously undisclosed software and hardware vulnerabilities. Investigate, document, and report on information security issues and emerging trends. Integrate and share information with other analysts and other teams. Ability to work and be available for on-call activities Other duties as assigned. Experience and Skills: Experience in security device management and SIEM. Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix. Knowledge of applications, databases, middleware to address security threats against the same. Knowledge of various security methodologies and processes, and technical security solutions (firewall and intrusion detection systems). Knowledge of TCP/IP Protocols, network analysis, and network/security applications. Knowledge of common Internet protocols and applications. Ability to multi-task, prioritize, and manage time effectively. Strong attention to detail. Excellent interpersonal skills and professional demeanor. Excellent verbal and written communication skills. Excellent customer service skills. Proficient in Microsoft Office Applications. Qualifications: The successful candidate will possess the personality traits, work habits, communication, and social skills necessary to work effectively within a dynamic and highly operational environment. This person will have exemplary personal and professional integrity and demonstrate strong interpersonal skills. In addition, the qualified candidate will have a strong desire to succeed in a nationally and internationally recognized operational environment. Bachelor's or Master's degree in a related field or equivalent demonstrated experience and knowledge. You must be a US Citizen 1-3 years' experience as a Security/Network Administrator or equivalent knowledge. Security Essentials Certification (GSEC) Certified Intrusion Analyst (GCIA) Certified Incident Handler (GCIH) Certified Ethical Hacker (CEH) Certified Penetration Tester (CWAPT) CompTIA Network+ CompTIA Security+ Benefits: WhiteDog offers a competitive compensation plan with great earning potential. Our benefits include medical coverage, dental coverage, disability, life insurance, 401K and an amazing work environment! We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/ F/Vet/Disabled

Versiti is a fusion of donors, scientific curiosity, and precision medicine that recognize the gifts of blood and life are precious. We are home to the world-renowned Blood Research Institute, we enable life saving gifts from our donors, and provide the science behind the medicine through our diagnostic laboratories. Versiti brings together outstanding minds with unparalleled experience in transfusion medicine, transplantation, stem cells and cellular therapies, oncology and genomics, diagnostic lab services, and medical and scientific expertise. This combination of skill and knowledge results in improved patient outcomes, higher quality services and reduced cost of care for hospitals, blood centers, hospital systems, research and educational institutions, and other health care providers. At Versiti, we are passionate about improving the lives of patients and helping our healthcare partners thrive. Position Summary The Infrastructure Security Analyst will play a critical role in ensuring the security and integrity of our IT systems and networks. This position involves a balanced focus on IT Systems and Network Support and Cybersecurity with a concentration on Vulnerability Management. The ideal candidate will possess both technical expertise and strong analytical skills to identify, mitigate, and manage vulnerabilities while supporting the overall IT infrastructure. The candidate will thrive in a dynamic, team-oriented environment, where knowledge sharing, and continuous learning are encouraged. As an integral part of our collaborative team, the Infrastructure Security Analyst will work closely with various IT departments, including network operations, system administration, and application development. This role includes direct collaboration with the Senior Cybersecurity Engineer to ensure thorough analysis, identification, and mitigation of infrastructure vulnerabilities. Together, the team will address evolving cyber threats, communicate complex security concepts to stakeholders across all levels, and promote an organization-wide security culture while supporting Versiti's business and operational goals. This position values teamwork, encouraging information sharing and joint problem-solving to fortify the organization's defenses. This role is essential in building a resilient IT infrastructure that can adapt to evolving threats while supporting the organization's business objectives. Total Rewards Package Benefits Versiti provides a comprehensive benefits package based on your job classification. Full-time regular employees are eligible for Medical, Dental, and Vision Plans, Paid Time Off (PTO) and Holidays, Short- and Long-term disability, life insurance, 7% match dollar for dollar 401(k), voluntary programs, discount programs, others. Responsibilities Provide technical support for IT infrastructure, including servers, networks, and cloud services. Monitor system performance, troubleshoot issues, and perform regular maintenance on IT systems and document system configurations, changes, and procedures for future reference and compliance audits. Collaborate with IT teams to implement and maintain secure network configurations and ensure compliance with organizational policies while assisting in the deployment and configuration of hardware and software as needed. Respond to and resolve service requests and incidents in a timely manner. Conduct regular vulnerability assessments and penetration testing to identify security weaknesses within IT systems and networks and collaborate with IT teams to develop and implement mitigation strategies for identified vulnerabilities. Analyze vulnerability scan reports and prioritize remediation efforts based on risk assessment and monitor security alerts and incidents, responding to security breaches or threats as necessary. Maintain up-to-date knowledge of the latest cybersecurity threats, vulnerabilities, and trends. Utilize threat intelligence feeds and monitoring tools to proactively identify and mitigate potential security threats. Provide recommendations for security improvements and help implement new security controls. Performs other duties as required or assigned which are reasonably within the scope of the duties in this job classification Understands and performs in accordance with all applicable regulatory and compliance requirements Complies with all standard operating policies and procedures Qualifications Education Bachelor's Degree Computer Science, Information Technology, Cybersecurity, or a related field preferred Experience 4-6 years Demonstrated experience installing, managing and troubleshooting Linux and/or Microsoft Server environments. required 4-6 years Experience with Enterprise Data Center Server and Network environments. required 4-6 years Experience in conducting vulnerability assessments and penetration testing. required Demonstrated experience with VMware Server and storage management. preferred Knowledge, Skills and Abilities Understanding of patch management processes and tools required Knowledge of common security frameworks (e.g., NIST, ISO 27001, CIS Controls) required Strong analytical and problem-solving skills. required Excellent communication skills, both verbal and written, with the ability to explain technical concepts to non-technical stakeholders. required Strong attention to detail and ability to work independently as well as part of a team. required Experience with ticketing systems and IT service management processes. required Familiarity with scripting languages (e.g., PowerShell, Python). preferred Licenses and Certifications Certified Ethical Hacker (CEH) desired CISSP Certified Information Systems Security Professional desired Microsoft Certified Systems Engineer (MCSE) preferred Microsoft Certified Systems Administrator (MCSA) preferred CompTIA Network+ Certification preferred CompTIA Security+ Certification preferred Tools and Technology Proficiency in network protocols, firewalls, VPNs, and security appliances. required Knowledge of operating systems (Windows, Linux) and cloud environments (AWS, Azure). required Experience with vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7). preferred Experience with container technologies (e.g., Docker, Kubernetes) preferred Familiarity with threat intelligence and incident response processes. preferred #LI-EH1 #LI-Hybrid Not ready to apply? Connect with us for general consideration.

JobID: 210683473 JobSchedule: Full time JobShift: : As a Cloud Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls (CTC) group, your primary responsibility will be to ensure that Public Cloud is adopted in a secure and compliant manner. You will play an important role in identifying and managing risk related issues and actions with respective technology. You will have an eye for detail and an ability to see the big picture across security issues. Job responsibilities * Lead the execution and continuous improvement of information risk and control strategies to secure public cloud assets. * Conduct and oversee risk-based assessments of technology controls for cloud services, platforms, and architecture. * Advise and guide business technology teams on firm control requirements and best practices across diverse cloud architectures. * Review and provide feedback on infrastructure-as-code for cloud platform development, ensuring alignment with security standards. * Develop and maintain documentation, and contribute to agile processes supporting security initiatives. * Collaborate with CTC teams to ensure seamless integration with security operations, threat intelligence, IAM, and network security. * Mentor junior engineers and contribute to knowledge sharing within the team. Required qualifications, capabilities, and skills * Formal training or certification on security engineering concepts and 5+ years applied experience. * Strong analytical, problem-solving, and communication skills. * Experience planning, designing, building and implementing enterprise level security engineering products and solutions in a public cloud environment (i.e. AWS, GCP, Azure) * Experience working in cross-functional teams and managing multiple priorities. Preferred qualifications, capabilities, and skills * Advanced understanding of public cloud security concepts and technologies. * Hands-on experience with cloud engineering, architecture, and infrastructure-as-code (Terraform, etc.). * Familiarity with DevOps, CI/CD, and agile methodologies. * Experience mentoring or training junior staff.

Job Title: Security Engineer - Cloud & Endpoint Security Pay Rate: $50/hr - $85/hr Duration: 2/10/2025 - 12/31/2025 (Temp-to-Hire) Contract Type: W2 (must be authorized to work in the US; no sponsorships or C2C) Job Overview Our Cloud and Endpoint Security team is looking for a Security Engineer to drive the deployment and management of an allowlisting/reverse proxy solution (Airlock). This engineer will collaborate with cross-functional teams to ensure integration with existing infrastructure, refine security policies, and contribute to the enhancement of the organization's cybersecurity posture. The role involves hands-on configuration, monitoring, and ongoing maintenance of security solutions, while remaining adaptable to changing threats and technologies. Key Responsibilities Allowlisting & Reverse Proxy Deployment: Lead the deployment and configuration of Airlock, ensuring seamless integration with current systems and networks. Policy Development: Define and implement allowlisting policies to enhance application security, access control, and threat detection. Incident Response Collaboration: Work closely with the incident response team to optimize alerting and logging capabilities, ensuring swift detection and remediation of potential security incidents. Security Strategy & Best Practices: Assist in shaping the broader cybersecurity strategy, aligning it with business objectives and recognized frameworks (e.g., NIST, MITRE, ISO 27001). Automation & Reporting: Identify opportunities to automate configurations, streamline reporting processes, and enhance visibility into system performance. Monitoring & Analysis: Track solution performance and review security logs for emerging threats or anomalies; implement proactive measures where necessary. Research & Continuous Improvement: Stay informed about the latest cybersecurity threats and trends, applying relevant findings to enhance Airlock's configurations. Documentation & Maintenance: Support the development of incident response plans, secure access protocols, and maintain thorough documentation of all configurations and processes. Qualifications Minimum Requirements Bachelor's Degree in a related field or equivalent work experience. 3+ years of experience in cybersecurity, IT, or related roles. 1+ years of hands-on experience deploying or managing application allowlisting or reverse proxy solutions. 1+ years of experience with security frameworks (e.g., NIST, MITRE, ISO 27001). Proficiency with Windows and Linux environments, including command-line configurations. Preferred Skills Experience using Airlock or similar allowlisting tools. Familiarity with scripting/automation (Python, PowerShell, Bash) for configuration and reporting. Industry certifications (e.g., Sec+, CCSP, GIAC). Strong analytical and problem-solving abilities, especially in process development and root cause analysis. Additional Information Temp-to-Hire: This is a W2 contract position with potential to convert to a full-time role, contingent on performance and business needs. Work Arrangements: Local candidates are preferred; remote candidates will be considered if necessary. Team Environment: The Cloud & Endpoint Security team collaborates with multiple departments, playing a crucial part in establishing security best practices and ensuring incident response readiness.

We are hiring a full-time Cybersecurity Engineer who is technical, dedicated to learning new things, security-minded, has strong initiative, and is able to manage projects autonomously. The Information Security team defends the company's digital infrastructure by designing, implementing, and improving the company's cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. If you're excited to be part of a fast-growing team, then Medpace is a great place to grow your career. Responsibilities * Engineer security solutions without oversight while collaborating with multiple internal departments and vendors; * Analyze security systems and drive continuous improvements; * Research vulnerabilities, perform vulnerability scanning and remediate threats; * Mature security best practices and policies internal to the organization; * Develop new processes while cross-training coworkers and assisting employees on security-related matters; * Provide security awareness training and testing for employees to verify proper security protocols are being adhered to; * Performing cyber security incident triage, reviewing logs, and performing remediation activities; and; * Review and reduce inappropriate/overprovisioned access to drive least privileged access. Qualifications * Minimum of bachelor's degree, preferably in Cybersecurity or Information Technology; * 3 years of experience in implementing, sustaining, and supporting Information Security solutions; * Understanding of security best practices and how to implement them within an enterprise environment; * Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following areas: * Zero Trust networking and network segmentation * Networking protocol analysis and forensics * Firewall configuration, Intrusions Detection and Prevention Systems (IDS/IPS) * Configuring Azure network architecture, working with Azure policies and Defender for Cloud Nice to have: * Experience with vulnerability assessment tools such as Nessus and Tenable; * Experience with enterprise web proxy solutions, web filters, and VPN such as Zscaler; * Experience with governing Windows environment including GPO; * Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2; and * Auditing and policy-writing experience. Medpace Overview Medpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Why Medpace? People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today. The work we've done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future. Cincinnati Perks * Cincinnati Campus Overview * Flexible work environment * Competitive PTO packages, starting at 20+ days * Competitive compensation and benefits package * Company-sponsored employee appreciation events * Employee health and wellness initiatives * Community involvement with local nonprofit organizations * Discounts on local sports games, fitness gyms and attractions * Modern, ecofriendly campus with an on-site fitness center * Structured career paths with opportunities for professional growth * Discounted tuition for UC online programs Awards * Named a Top Workplace in 2024 by The Cincinnati Enquirer * Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024 * Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility What to Expect Next A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.

Sonsoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services. Job Description Wants: Ø In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls Ø Knowledge of an experience in developing and documenting security controls and test plans/scripts. Ø Experience with SOX 404, HIPPA, GLBA, PCI, foreign and domestic privacy laws. Ø Experience with common Information security management frameworks, such as [International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) frameworks. Ø Knowledge of the fundamentals of project management In-depth knowledge of risk assessment methods and technologies. Ø Proficiency in performing risk, business impact, control and vulnerability assessments. Ø Strong understanding of business applications, including ERP and financial systems, Excellent technical knowledge of mainstream operating systems [for example, Microsoft Windows and Oracle Solaris) and a wide range of security technologies, such as network security appliances, identity end access management (IAM) system, anti-malware solutions, automated policy compliance tools, and desktop security tools. Ø Knowledge of network infrastructure. including routers. switches. Ø firewalls, and the associated network protocols and concepts. Ø Experience In developing, documenting and maintaining security policies, processes, procedures and standards. Ø Audit, compliance or governance experience is required. Musts: Ø Bachelor's degree in Information Systems or equivalent work experience in IS auditing, governance, compliance. Business Experience: Ø 3 to 5 years of combined IT and security work experience with a broad range of exposure to systems analysis, applications development, database design and administration; one to two years of experience with information security. Daily Tasks Performed: Ø Developing a single control framework to streamline the audit process into a Singular audit. Ø Documenting controls and test procedures surrounding privacy and financial audit assessments Reforming independent assessments of various IT systems based on the newly defined control framework, Work with various business unit managers, application teams, and team managers to obtain testing evidence and execute lest scripts. Ø Formally document test results and communicate findings to management and auditee/group/team. Ø Assisting with remediation activities as identified within the assessment Actively reporting on progress and keeping management informed of the current status. Ø Review processes and Identify areas where efficiency can be gained. Ø Assist with risk mitigation strategies and framework development as needed. Ø Assist in other areas of the department and organization as needed based on management direction. Qualifications Description: Responsibilities Pivotal team member in developing a compliance framework including controls development, test scripts, conducting assessments, reporting evaluations performed, and providing metrics on the progress made Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. Components of this activity include but are not limited to: Business system analysis Communication, facilitation and consensus building Assists in the coordination and completion of information security operations documentation Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse assets and noncompliance Plays an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned Collaborates on critical IT projects to ensure that security controls are implemented as planned Works with IT throughout the project life cycle as directed by management Works with IT department and members of the information security team to identify, select and implement technical controls Develops security processes and procedures, and supports service-level agreements (SLAB) to ensure that security controls are managed and maintained Address security administration on a normal and exception-based processing of security authorization requests Researches new compliance requirements, works with other team members to incorporate existing process to reduce risk exposure. Additional Information ** U.S. citizens and those authorized to work in the U.S. are encouraged to apply . We are unable to sponsor at this time. Note:- This is a FULL TIME job oppurtunity. Only US Citizen, Green Card Holder, GC-EAD, H4-EAD, L2-EAD, TN VIsa can apply. No OPT-EAD & H1-B for this position. Please mention your Visa Status in your email or resume.

Cloud Security Engineer - (23000FK6) Description The Cloud Security Engineer (CSE) should be hands-on in all aspects of Azure security including implementing security controls and threat protection, manage identity and access management, defining organizational structure and policies, using Azure technologies in order to provide data protection, configuring network security defenses, collecting and analyzing Azure logs, managing incident responses, and an understanding of regulatory concerns. As a Cloud Security Engineer you design and implement a secure end-to-end infrastructure on Azure in a hybrid cloud setup. Essential FunctionsMonitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns Maintain and improve the security posture of the Azure platform, identifying, and remediating vulnerabilities by using a variety of security tools. Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected. Implementing threat protection and responding to security incident escalations. Automate security controls, data, and processes to provide better metrics and operational support using security-as-code. Configure access within a cloud solution environment using the defense-in-depth principle Configure network security including in a hybrid context with traditional network centric controls Ensure data protection Manage operations within a cloud solution environment such as operations tasks, using cloud native tools, like Log Analytics, Azure Monitor and Azure Security Center or other monitoring tooling. Support our cloud engineers to implement security best-practices and enable secure development and release processes. Deep understanding of configuring security policies and securing applications and data. Required For All JobsPerforms other duties as assigned. Complies with all policies and standards. For specific duties and responsibilities, refer to documentation provided by the department during orientation. Must abide by all requirements to safely and securely maintain Protected Health Information (PHI) for our patients. Annual training, the UH Code of Conduct and UH policies and procedures are in place to address appropriate use of PHI in the workplace. Qualifications QualificationsEducationBachelor's Degree in Information Technology, Computer Science, or a related field Required Work Experience5+ years IT security experience Required and 3+ years building and maintaining secure azure cloud solution and tools (Azure Monitor, Log Analytics, Azure Security Center) Required Knowledge, Skills, & Abilities Understand agile and DevOps concepts in a security context such as “trust but verify”, central vs decentral controls, make agile teams as autonomous as possible while ensuring the teams adhere to the NonFunctional-Requirements. A deep understanding of networking, e. g. IP subnetting, Network Security Groups, routing, Azure Firewall, ExpressRoute, load balancer, DNS. Strong familiarity with cloud capabilities and products and services for Azure, e. g. Azure Active Directory, Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, KeyVault. Have the intrinsic quality to want to continuously improve and do better Hands-on and can-do mentality Feeling of ownership Good communication and presentation skills Team player Able to express ideas effectively in individual and group situations. Able to execute a task in a good manner and with good results with limited supervision Strong skills in scripting and automation, Infrastructure-as-Code and using CI/CD concepts. Experience with pipeline tooling for automated deployments and applying security controls. Experience with Experience with infrastructure orchestration tools such as Terraform and other cloud-specific infrastructure automation tools (Azure Resource Manager, Google Cloud Deployment Manager) to automate the creation of staging, testing and production environments. Work experience from large, international companies and have dealt with or worked for global service providers. Licenses and CertificationsCertified Information System Security Professional (CISSP) Preferred Certified Ethical Hacker (CEH) Preferred Additional Licenses and Certifications Microsoft Azure Security related certifications Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Information Protection Administrator Associate, or Microsoft Certified: Security Operations Analyst Associate) Preferred Certified Cloud Security Professional (CCSP) Preferred Certificate of Cloud Security Knowledge (CCSK) Preferred Global Information Assurance Certification (GIAC) Preferred Physical DemandsStanding Occasionally Walking Occasionally Sitting Constantly Lifting Rarely 20 lbs Carrying Rarely 20 lbs Pushing Rarely 20 lbs Pulling Rarely 20 lbs Climbing Rarely 20 lbs Balancing Rarely Stooping Rarely Kneeling Rarely Crouching Rarely Crawling Rarely Reaching Rarely Handling Occasionally Grasping Occasionally Feeling Rarely Talking Constantly Hearing Constantly Repetitive Motions Frequently Eye/Hand/Foot Coordination Frequently Primary Location: United States-Ohio-Shaker_HeightsWork Locations: 3605 Warrensville Center Road 3605 Warrensville Center Road Shaker Heights 44122Job: Information TechnologyOrganization: UHHS_Information_TechnologySchedule: Full-time Employee Status: Regular - ShiftDaysJob Type: StandardJob Level: ProfessionalTravel: NoRemote Work: YesJob Posting: Nov 14, 2025, 1:58:20 PM