Information security analyst jobs in Joplin, MO - 386 jobs

Title: Sr Information Security Analyst Salary: $100K Job Summary: As a member of the Information Security team, responsibilities include manages and mitigates information security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Provides information security risk insight and guides management on information security risk issues and serves as advisor to peers, team members and management. Minimum Education: Bachelor's degree in Computer Science, MIS, Computer Engineering, Cyber Security or related discipline. Licensure, Registration and/or Certification: One or more of the following certifications are preferred: Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Auditor (CISA). Work Experience: 3 - 4 years related experience inclusive of two years working directly in an Information Services department and previous experience with HIPAA/PHI compliance programs, policies, procedures, risk assessments and audits. Knowledge, Skills and Abilities: In-depth knowledge of cyber security methodology and security practices. Knowledge of HIPAA, PCI, SOX, ISO and NIST cybersecurity frameworks. Knowledge of intrusion detection and intrusion prevention systems, penetration and vulnerability testing. Knowledge of data loss prevention, anti-virus and anti-malware software tools. Knowledge of computer networking, TCP/IP, routing and switching, network protocols and packet analysis tools. Knowledge of Windows, UNIX and Linux operating systems. Excellent problem solving and analytical skills. Excellent written and oral communication skills. Excellent organizational and interpersonal skills. Ability to work independently as well as in a team setting. Essential Functions and Responsibilities: Define, implement, and enforce information security policies, strategies, and procedures that align with healthcare laws and regulations, such as HIPAA. Conduct and/or support targeted risk assessment. Determine significant risk points and exercise process for risk assessment and risk acceptance. Review assessment results for vulnerabilities, gaps, control deficiencies, and work with key stakeholders to establish plans for sustainable resolution. Maintain an effective information security awareness program and educate internal teams on best practices. Ensures that business and clinical software applications include adequate information and security controls. Establish and maintain metrics based on the information security framework..

At Boeing, we innovate and collaborate to make the world a better place. We're committed to fostering an environment for every teammate that's welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. This role is at Spirit AeroSystems, Inc., a wholly owned subsidiary of The Boeing Company, at Spirit's Defense Business Unit ("Spirit Defense"). Spirit Defense is an independent supplier to the defense and space marketplace. Through innovative engineering and rapid prototyping excellence, Spirit Defense provides the capabilities, technologies and support customers need to succeed in their missions. Key Accountabilities: Performs analysis to identify and evaluate the quality of non conformance notifications and to verify or validate compliance with Quality Management System requirements, applicable company procedures, contract requirements, or government regulations. Verify and take actions required to confirm customer contractual requirements are met for dispositioning and reviewing non conformances as a delegated member of the Material Review Board (MRB) such as requirements for corrective action, structurally and functionally Use as is dispositions, acceptable rework/repair, and suspected delivered discrepancies. Monitor/Audit MRB crib inventory records and ensure actions are taken by crib owners to ensure compliance. Monitor and maintain quality notification records to prevent aging. Required Qualifications: Candidates must be able to obtain and maintain a DoD security clearance 5 years experience in Quality Read/Write Airplane Coordinates Understand RCCA Production and assembly knowledge Can do Attitude Industry Experience HS Diploma or GED Preferred Qualifications: Successful candidates must be able to secure Program access approval Bachelor's Degree Auditing Skills Union: This is a union-represented position. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary Pay Range: $59,400 - $91,100 Kansas Tax Credit: Join Spirit AeroSystems' Kansas team and you may be eligible for a $5,000 state of Kansas Aviation tax credit for up to five years. Click here for more information on the tax credit. Security Clearance This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required. Visa Sponsorship Employer will not sponsor applicants for employment visa status. Export Control Requirements: Export Control Requirements: This position must meet export control compliance requirements. To meet export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. §120.15 is required. "U.S. Person" includes U.S. Citizen, lawful permanent resident, refugee, or asylee. Equal Opportunity Employer Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. Read more Shows the full job description for sighted users Apply Now Save JobRemove Job

Oversees and coordinates all information security staff and activities to ensure the firm's overall information assets are adequately protected. Oversees the planning, coordinating and implementing of information security programs in order to maintain information integrity and protect against all cybersecurity threats. Interacts with other individuals in the firm in a problem-solving and team-building manner. Oversees, develops and maintains the Firm's ISO 27001 Program, and operation objectives. Manages the development and cost effective solutions to maintain the integrity of system information while allowing business operations to continue in the event of any type of business interruption. Assists in audits of the Information Security program as needed at the request of management. Uses leadership skills to train, motivate and direct assigned staff. Provides technical expertise in the selection, testing, implementation and deployment of information security systems. Provides technical guidance and direction in information security monitoring, assessment, auditing and testing. Defines, develops and implements the firm's Information Protection Program security policy. Works with the Director of Information Security and Risk Management to develop methods of improving department workflow, customer satisfaction and employee efficiency. Assists in determining department work procedures, plans, assigns and directs work as necessary. Monitors employee workflow and makes adjustments as necessary to ensure customers' needs are addressed in a timely and efficient manner. Monitors and audits analyst(s) work product, reviews and communicate results with employee and provides advice. Coordinates training of staff to ensure work meets/exceeds performance expectations within a reasonable time frame. Oversees department projects, ensuring that procedures are followed and objectives are accomplished according to schedule. Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems, applications, appliances and devices throughout the firm. Responsible for assessing, recommending, developing, implementing and maintaining the firm's information security infrastructure and security standards. Lead for security risk assessments and penetration studies of networks. Recommends solutions for security vulnerabilities and takes corrective measures and/or applies security patches when appropriate. Installs, monitors, maintains and upgrades virus detection applications/tools to ensure computer codes, viruses, and worms are blocked or eradicated when detected. Analyzes problematic security log entries from security servers and routers, provides technical solutions to issues and security breaches. Is on call to respond to security incidents or disaster recovery and business continuity operations. Maintains advanced knowledge of the firm's Information Security posture, goals and objectives. Supervises the Information Security Engineers. Is responsible for the overall direction, coordination, and evaluation of designated employees in this category. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding, coaching, and disciplining employees; addressing complaints and resolving problems.

The Cyber Security Operations Analyst is primarily responsible for monitoring the front lines of the company's cyber defense program, helping to protect critical systems and data from potential threats, responding to reported security violations, analyzing internet access, connectivity and threats (virus protection, spam, etc.) DUTIES AND RESPONSIBILITIES The following represents the majority of the duties performed by the position but is not meant to be all-inclusive nor prevent other duties from being assigned when necessary. 1. Complies with DOT and OSHA health, safety and environmental requirements and follows safety philosophy and procedures developed by the Company including: applicable environmental, health and safety rules, procedures, and accepted safe work practices, the use of appropriate personal protective equipment and safety systems, and the reporting of workplace hazards and injury or illness arising from workplace activities; observes the workplace to identify conditions or behaviors that should be corrected and takes appropriate action. 2. Monitors Security Information and Event Management (SIEM) alerts, firewall logs, intrusion detection systems, and network activity for suspicious behavior including public and private threat intelligence sources for emerging risks; analyzes internet access, connectivity logs, and alerts related to virus protection, spam, and suspicious behavior including user account activity providing reports on potential anomalies. 3. Conducts daily security log reviews and assists in identifying potential threats; summarizes and shares relevant alerts with the cybersecurity team. 4. Monitors incoming security tickets and alerts; documents and triages security incidents, escalating to senior analysts as needed; assists with evidence collection and incident tracking. 5. Performs scheduled vulnerability scans, analyzes findings, and maintains remediation tracking logs; assists with patch management processes including deployment, tracking, and reporting. 6. Assists with internal and external audits by collecting necessary documentation and evidence. 7. Maintains regulatory compliance documentation as required by TSA, DOT, O SHA, etc.; creates and updates procedural documents, runbooks, security playbooks, and knowledge base articles. 8. Documents all incidents, assessments, and routine checks to support audit readiness and knowledge transfer; manages project tracking logs. 9. Assists with the configuration and maintenance of endpoint protection, firewall settings, and other cybersecurity tools under guidance. 10. Reviews vendor solutions and compiles initial summaries for team consideration; maintains security-related inventories, software licenses, and access lists. 11. Assists with development and dissemination of basic cybersecurity awareness content for end users; tracks completion of required security training and assists with scheduling refresher sessions. 12. Participates in a scheduled on-call rotation for after-hours and weekend security support. REQUIREMENTS * Associate's degree or the equivalent in experience in Cyber Security, Information Technology or related field and a minimum of two (2) years of prior experience in cybersecurity, IT support, or SOC environment. Internship or hands-on training in networking, firewalls, or security systems preferred. Certification such as CompTIA Security+, CASP+, or CEH (preferred or in progress). Knowledge, Skills and Abilities * Ability to actively engage in safe behavior and understand and follow the principles and methods related to pipeline and workplace safety as established by the Company. * Knowledge of emergency and safety procedures, policies procedures, equipment operating parameters, and all applicable DOT, EPA, FERC, DHS, and OSHA requirements. * Knowledge of Active Directory, Exchange, SharePoint, CISCO routing and switching configuration. * Knowledge of firewall and network security and IDS (intrusion detection systems), and network management tools. * Knowledge of TSA security requirements and regulations. * Knowledge of identity management processes and procedures. * Skill in project management. * Ability to manage, track and analyze information. * Ability to effectively work and cooperate with supervisors, co-workers, and vendors. * Ability to follow corporate policies and the directions of supervisors. * Ability to refrain from causing or contributing to the disruption of the workplace.

At Jack Henry, we're more than a technology company, we're a force for good in financial services. We're redefining how community banks and credit unions connect with the people they serve. Our mission is rooted in people inspired innovation, empowering financial institutions to deliver seamless, secure, and human centered experiences. We deliver cutting-edge solutions that are paving the way for the next generation of digital banking and payments, but our true impact begins with our associates. If you're ready to help transform an industry and grow with a company that values purpose, collaboration, and excellence then we'd love to meet you. We are seeking a highly skilled PCI Security Analyst to join our team. The analyst is responsible for ensuring organizational compliance with the Payment Card Industry Data Security Standard (PCI DSS) and related cybersecurity requirements. This role involves conducting compliance assessments, managing audits, implementing security controls, and mitigating risks associated with payment card data. This position offers remote flexibility within a 70-mile radius of our office locations in Allen, TX; Lenexa, KS; Springfield, MO; or Monett, MO. The salary range for this position is $110,000- $125,000 and will be determined based on location and experience level. All positions, regardless of location, may require an onsite interview or in-person onboarding requirement to verify your identity. What you'll be responsible for: * Conducts PCI DSS compliance assessments to identify gaps and risks supporting ongoing security and compliance. * Develops, implements, and maintains PCI-related security policies, standards, and procedures to ensure consistent protection of cardholder data. * Monitors and validates compliance with PCI DSS requirements across systems and processes to maintain regulatory adherence. * Executes comprehensive validation of PCI DSS scope across enterprise environments, ensuring accurate identification and classification of in-scope systems, applications, and data flows. * Collaborates with cross-functional teams to assess segmentation controls, cardholder data locations, and business processes to confirm scope boundaries align with PCI DSS requirements. * Documents scope rationale and provide evidence-based recommendations to reduce scope where feasible, while maintaining compliance integrity. * Validates vulnerability assessments and penetration testing to ensure secure configurations. * Validates encryption, key management, and secure transmission of cardholder data to protect sensitive information. * Supports incident response and forensic investigations involving payment card data to enable rapid resolution. * May perform other job duties as assigned. What you'll need to have: * Minimum of 6 years of experience in a PCI DSS compliance role. * At least one relevant certification (e.g., PCIP, QSA, CISSP, ISA) is required. What would be nice for you to have: * A senior level professional with in-depth body of knowledge, experience and expertise with the ability to resolve complex issues. * Excellent understanding of PCI DSS requirements and security frameworks (e.g., PCI 4.x, NIST, ISO 27001). * Strong knowledge of network security, encryption, and secure system configurations. * Strong technical expertise in network security, encryption, vulnerability management, and secure system design. * Strong risk management capabilities including the ability to identify, assess, and mitigate compliance and security risks within payment card environments * Demonstrated proficiency using compliance management platforms (e.g., Archer, Qualys, Trustwave), SIEM, and vulnerability scanning tools to support PCI DSS compliance and cybersecurity initiatives. If you got this far, we hope you're feeling excited about this opportunity. Even if you don't feel you meet every single requirement on this posting, we still encourage you to apply. We're looking for passionate, driven individuals who align with our mission and can bring unique perspectives to our team. Why Jack Henry? At Jack Henry, we live by the motto: "Do the right thing, do whatever it takes, and have fun." It's more than a tagline, it's the foundation of our culture. We recognize that our associates are the key to our success, and we're deeply committed to their wellbeing. That's why we offer comprehensive benefits designed to support your physical, mental, and financial health so you can thrive both personally and professionally. We're also leading the way in technology modernization, helping financial institutions evolve with speed, security, and flexibility. Our strategy focuses on delivering secure data access, mitigating fraud, and enabling seamless integration. Empowering our teams to build innovative solutions that meet the evolving needs of accountholders. Culture of Commitment Ask our associates why they love Jack Henry, and many will tell you it is because our culture is exceptional. We do great things together. Our culture empowers us to rise to challenges, seek new opportunities, and support one another through change. It's this shared commitment that drives our success. We're proud to foster an environment where inclusion, sustainability, and community impact are more than values, they're how we operate. Visit our Corporate Sustainability site to learn more about our culture and commitment to our people, customers, community, environment, and shareholders. Equal Employment Opportunity At Jack Henry, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business - and our society - stronger. Jack Henry is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law. No one will be subject to, and Jack Henry prohibits, any form of discipline, reprisal, intimidation, or retaliation for good faith reports or complaints of discrimination of any kind, pursuing any discrimination claim, or cooperating in related investigations. Requests for full corporate job descriptions may be requested through the interview process at any time.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation, and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the MDR landscape. We're a fast growing startup backed by industry experts and top tier investor Andreessen Horowitz. As an early employee, you'll play a meaningful role in defining and building our culture. Get in on the ground floor. We're a small but well-funded team that just raised a substantial round - joining now comes with limited risk and unlimited upside. Culture is one of the most important things at TENEX.AI-explore our culture deck at culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work. We are looking for a detail-oriented Information Security Analyst to spearhead our internal compliance efforts and manage our Third-Party Risk Management (TPRM) program. In this role, you won't just be checking boxes; you will be the architect of the controls that protect our customers' data involving AI and other cutting edge technologies. You will bridge the gap between technical security operations and formal audit requirements, ensuring we remain a gold standard in the industry. Location: This role will require onsite in our Overland Park, KS or Sarasota, FL location. Key Responsibilities 1. Internal SOC 1 & SOC 2 Compliance Audit Readiness: Lead the preparation for annual SOC 1 Type II and SOC 2 Type II audits. Control Monitoring: Perform continuous testing of technical and administrative controls (e.g., access reviews, change management, encryption standards). Evidence Collection: Coordinate with Engineering, HR, and DevOps teams to gather and organize audit evidence throughout the year. Remediation: Identify gaps in current processes and work with department heads to implement corrective actions. 2. Third-Party Risk Management (TPRM) Vendor Assessments: Conduct security assessments of new and existing vendors, reviewing their SOC reports, ISO certifications, and SIG questionnaires. Risk Scoring: Evaluate the risk profile of third-party tools and services, providing recommendations to leadership on whether to approve or mitigate risks. Contract Review: Partner with Legal to ensure security addendums (DSAs/BAsAs) meet our internal compliance requirements. 3. Policy & Governance Maintain and update the Information Security Management System (ISMS) documentation. Develop and deliver security awareness training tailored to compliance requirements. Act as the primary point of contact for client inquiries regarding our security posture. Required Qualifications & Skills: Experience: At least 2 years in Information Security, IT Audit, or Compliance (GRC). Frameworks: Deep understanding of AICPA Trust Services Criteria (SOC 2) and SSAE 18 (SOC 1) along with ISO 27001, NIST-800. Technical Knowledge: Familiarity with cloud environments (GCP/AWS/Azure), IAM, and vulnerability management. TPRM Tools: Experience with risk assessment platforms (e.g., OneTrust, Vanta, or Drata). Certifications: CISA, CRISC, or Security+ preferred (CPA-tracked experience is a plus). Ideal Candidate Profile: The "Translator": You can explain complex frameworks like ISO27001, NIST 800, and map them to internal controls in policy documentation to support compliance requirements. Meticulous: You audit the environment and policies for consistency and enforcement. Proactive: You don't wait for the audit window to open; you are constantly looking for ways to automate evidence collection. Education & Certifications: Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related field (or equivalent experience). Why Join Us? Opportunity to work with cutting-edge AI-driven cybersecurity technologies and Google SecOps solutions. Collaborate with a talented and innovative team focused on continuously improving security operations. Competitive salary and benefits package. A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Freedom Technology Solutions Groups is looking to add a Tier 3 Cyber Security Analyst to the team. The candidate will provide CSOC Tier 3 services, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents. CSOC Tier 3 services includes malware and implant analysis, and forensic artifact handling and analysis. When a CIRT is stood up, all contractors in support of CSOC Tier 3 services will be under the direct control of, and take direction from, the Government CIRT Commander. While not in a period of incident response, the Contractor shall conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident. All Contractor personnel performing CSOC Tier 3 services shall have or obtain, within six months of start, a certification that is compliant with DoDD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Incident Responder. Job Duties: Coordinate and implement tasks, performing analysis, and building/documenting response activities required during cyber security incident response, to include but not limited to actions such as implementing containment measures, IP blocks, domain blocks, and disabling user accounts on direction of the Government. Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), in addition to other law enforcement and counter intelligence personnel as required to perform advanced investigation and triage of incidents; Collaborates with appropriate authorities in the production of security incident reports; Categorizes incidents and events; Coordinates with other contracts, organizations, activities, and other services as appropriate to ensure incidents are properly reported, contained, and eradicated; Coordinates with other contracts, organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events; Coordinates with other contracts, organizations, activities, and services to ensure NGA recovers from an incident/event; Builds timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions. Documents actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed. Develops and when approved by the Government generates and updates reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems as directed; Develops, maintains, sustains, and when properly authorized by the Government executes custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events; Performs digital media analysis on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis; Develops and identifies indicators of compromise to send to Cybersecurity stakeholders and other Contract Services; Provides adversary attribution; Performs malware analysis and signature development; Coordinate with CSOC Tier 1 and 2 services to remediate all discrepancies and provide recommendations to prevent reoccurrence. Job Requirements: Bachelors Degree and or 6 years' experience in Cyber Security (CSOS) Active security clearance. DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder. Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report; Serve as C-IRT members as required and serve under the direct control of, and take direction from, the Government C-IRT Commander; Develop and coordinate courses of action with various Government and contract stakeholders, and when properly authorized by the Government, execute Defensive Cyberspace Operations-Internal Defensive Measures on behalf of the NGA on NGA networks and systems; Performs digital media analysis and malware reverse engineering on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis. When properly authorized by the Government, execute custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events; Develops, documents, and provides to the Government incident investigation reports which include sufficient information to document the entire lifecycle of the incident and the response, including but not limited to adversary and friendly forces activity, host and network analysis, timelines, and recommendations for corrective actions, recommendations for new Tactics, Techniques, and Procedures (TTP) and other recommendations as appropriate, within 30 days of C-IRT stand-down; Conduct Quality Control reviews of a percentage closed CSOC Tier 2 tickets each week to ensure proper analysis, categorization, documentation, and notification Preferred Qualifications: Masters degree IAT III Qualifications that are nice to have: Juniper certification What's in It for You? Flexible work environment A team mentality - work with friendly, like-minded professionals Work with innovative, cutting edge technologies Enjoy extremely competitive compensation and benefits A work-life balance you can count on Opportunities to grow and advance your career on our dime The Benefits You Get with Freedom Amazing benefits including matching 401k, fully paid medical, and more Generous paid time off - including paid site closure days Competitive salary offerings Paid training and tuition reimbursement Referral bonuses Fully paid life and disability Annual logo wear allowance Company sponsored events (game nights, holiday party, summer party, happy hours) Interested in learning more about Freedom and our culture? Contact us today! We're constantly hosting hiring events in our office and elsewhere, to help you get a sense of what life is like at Freedom before joining the team. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, sex, age, marital status, disability or veteran status Applicant Federal & E-Verify Postings VEVRAA Federal Contractor Accessibility: If you need an accommodation as part of the employment process, please contact Human Resources at Phone: ************ Email: ********************* Equal Opportunity Employer, including disabled and veterans. If you want to view the EEO Law poster, please choose your language: English - Spanish - Arabic - Chinese If you want to view the EEO Law Supplement poster, please choose your language: English - Spanish - Chinese If you want to view the Pay Transparency Policy Statement, please click the link: English

**Job Opportunity is actually with a company called Western Farmers Electric Cooperative (WFEC)** Under the general supervision of the Supervisor, IT Infrastructure, the Cyber Threat Analyst performs monitoring and analysis of cyber threats to assist in the defense of WFEC cyber systems and operations. The incumbent will curate and triage intelligence from multiple cyber intelligence sources and will inform the security operations with timely and relevant TTPs, IOCs, and context. The incumbent will generate reports for upper management based on data, information, and intelligence. The incumbent must understand the MITRE ATT&CK framework and be able to integrate the framework in the reporting. The Cyber Threat Analyst will develop and document threat hunt activities based on intelligence, scenarios, and observations. The incumbent develops, maintains, and supports systems that provide collection capabilities and telemetry information to the organization. In addition, the incumbent performs troubleshooting, installation, and maintenance on equipment and software systems related to NERC CIP. The incumbent performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis to ensure system reliability and security. The incumbent participates in in-house, regulatory, and industry teams, including working groups, committees, incident response teams, and business continuity teams as required. Also, the incumbent participates in exercises that test policies, procedures, and skills which are required by business and critical operations. The incumbent responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.

Kanshe Infotech is Consulting Firm Which Provides World online training. Online Training (Remote Training + Real-time exp) available. Our training is more than just hours of lecture, we believe in student engagement, motivation and knowledge sharing as tools for success and we do it with great dedication and precision. We offer online training that clearly stands out of the group, sign up for a demo session. Job Description Our Training Features: · You will receive top quality instruction that Kanshe Infotech is famous for Online IT training. · Trainees will receive immediate response to any training related queries, either technical or otherwise. We advise our trainees not to wait till the next class to seek answers to any technical issue. · Training sessions are conducted by real-time instructor with real-time examples. · Every training session is recorded and posted to the batch after each weekend class. · We are offering online training on Cyber Security. . Provide OPT Stem Ext.: Guidance and support for applying for the 24-month OPT STEM extension Help with OPT Employment letter: Help with drafting and obtaining OPT employment letters that meet USCIS requirements. · We provide training in technology of your choice. · Good online training virtual class room environment. · Highly qualified and experienced trainers. · Professional environment. · Special interview training · Training for skill enhancement. · Study material and Lab material provided. · E-Verified company. If you are interested or if you know anyone looking for a change, please feel free to call or email me for details or questions. I look forward to seeing resumes from you or your known and highly recommended candidates. Thanks Additional Information All your information will be kept confidential according to EEO guidelines.

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

The Security Risk and Compliance Analyst is a member of the information security team and works closely with the other members of the team, the business, and other IT staff to develop and manage security for one or more IT functional area (e.g., data, systems, network, and physical) across the enterprise. The candidate will be able to effectively understand standard risk methodologies and the implementation of security controls in an enterprise environment. Key Result Areas: Work as part of a team to maintain security and integrity of corporate data and IT systems through activities including: Develop and maintain enterprise security policies and procedures Assist in the coordination and completion of information security risk assessments and documentation Work with information security management to develop strategies and plans to enforce security requirements and address identified risks Report to management concerning residual risk, vulnerabilities, and other security exposures including misuse of information assets and noncompliance Work with IT department and members of the information security team to identify, select and implement technical controls Provide direct support to the business and IT staff for security related Maintain an awareness of security and control issues in emerging technologies Perform other duties as assigned Knowledge, skills, and experience required: Bachelor's degree in Computer Science, Information Systems, or other equivalent degree or experience Preferred Certifications (CISSP, CISA, CRISC, CRM, GSEC, etc.) Strong analytical and problem-solving skills to enable effective security incident and problem resolution Proven ability to work under stress with the flexibility to handle multiple high-pressure tasks simultaneously Ability to work well under minimal supervision Strong team-oriented skills with the ability to interface effectively with a broad range of people and roles, including vendors and enterprise personnel Strong written and verbal communication skills and attention to detail for board level committee and regulatory reporting Strong customer/client focus with the ability to manage expectations appropriately General understanding of risk management Knowledge of security methodology frameworks and regulatory requirements such as NIST, CIS, HIPAA, PCI, and FFIEC Microsoft Excel, Word, and Visio skillset for the creation, tracking and reporting of security metrics (e. graphs, formatting, basic formulas) Preferred Qualifications: Understanding of enterprise risk management systems and automation platforms Experience with Data Loss Prevention (DLP) and Vulnerability Management solutions *This position is on-site located in Oklahoma City, must reside within the area to be considered. *Position requires a minimum of 3 years of relevant US based experience. #LI-Onsite #LI-DNI

We are seeking an experienced and mission-driven Manager of Information Security to help protect our credit union's systems, safeguard member data, and support our commitment to being the best place our employees have ever worked and the best place our members have ever banked. The ideal candidate holds a current CISSP certification, and has experience in IT Security, Business Continuity, and Vendor Management, demonstrating deep expertise across all cybersecurity domains, and maintains ongoing training to stay ahead of evolving threats and regulatory requirements in the financial services sector. The Manager Information Security responsible for overseeing the Information Security program, Vendor Management program, and the administration of the Business Continuity Plan at WEOKIE Federal Credit Union. Responsibilities include but are not limited to developing and maintaining the information security framework, monitoring and managing vendor risk, and maintaining, enhancing, and testing the Business Continuity Plan. Major Activities: * Develops, maintains, and reviews appropriate information security policies and procedures needed to maintain the integrity of the information security program. * Conducts threat focused business impact analysis to maintain an inventory of business impacting cyber threats. * Organizes and conducts cybersecurity simulation exercises. * Acts as the IT Security, Business Continuity, and Vendor Management central point of contact for the annual NCUA exam and IT Controls Audit. * Ensures proper policies, procedures, risk mitigation activities, and operation controls are followed. Reports gaps in policies, procedures, and operating controls to leadership to ensure member impact and risk is mitigated. * Responsible for performing information security risk assessments on a scheduled basis that focus on ensuring policies and procedures are consistently applied. * Attends/makes presentations to the WEOKIE Board of Directors and various Board Committees as assigned. * Assist with development of company wide information security training materials for computer-based training modules and build company wide information security awareness materials. * Support technology/systems that enable all vendor management activities by administering the Tandem platform. * Responsible for vendor risk assessment and execution of other vendor management activities as needed. This includes administration, processing risk acceptance documentation, and maintaining the schedule of vendor management activities. * Maintain, develop, update, and test WEOKIE's Business Continuity Plan. * Write reports to summarize testing activities, including results and recommendations. * Act as Business Continuity Coordinator in the event of an incident, to ensure that WEOKIE's Business Continuity Plan is implemented. Critical Results: * WEOKIE's information security program is a core part of its culture and is integrated into all of its lines of business, support functions and third-party management programs. * Information Security risks and threats are clearly identified, measured and remediated timely. * The Board of Directors and Senior Management receive timely and credible reporting and recommendations that lead to effective decision-making in both strategic and tactical contexts. * Members and credit union information security assets are protected from unauthorized access and when necessary, reacts timely and effectively to manage incidents or vulnerabilities. * WEOKIE receives favorable results from key reviews, audits, and exams from audit and exam sources. * WEOKIE's information security program is seen as independent from the IT line of business and also seen as supportive and collaborative to all stakeholders. * Risk assessments are completed annually and deficiency are quickly addressed and/or remediated. * Security incidents are properly documented, tracked, and escalated in a timely fashion when deficiencies are presented. * New quality control activities are developed and presented to leadership that correspond to the information security program. * Vendor Management risk assessments, reporting results, and conclusions are thoroughly documented, completed timely and accurately. * Vendor Management is collaboratively managed with fellow team members. * Vendor Management risks are controlled and mitigated by adhering to all applicable policies and procedures. * WEOKIE's Business Continuity Plan is up-to-date, regularly tested, thoroughly communicated, and ready for immediate implementation in the event of an incident. Qualifications: * Specialized or Technical Knowledge and Skills: The Manager Information Security is a data security professional skilled at managing IT security activities in a complex, multi-system/multi-vendor computing environment. A strong, practical working knowledge of information security concepts and technical architecture are necessary along with an ability to take technical concepts and translate them into business impact. * A bachelor's degree is required, preferably in Information Technology or Computer Science. * A minimum of three years of experience in the information security field. * A Certified Information System Security Professional (CISSP) certification is required; additional certifications such as a Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) are preferred. * Demonstrated experience in managing and working with third party vendors. * Demonstrated ability to research and implement innovative solutions that have improved security, operational efficiency, quality, and service levels. * In-depth understanding of the financial services or highly regulated business, and the applications systems and technical infrastructures needed to support them. B. Behavioral Competencies: Behavioral competencies are the skills and personal characteristics that an individual should possess in order to be successful in this position. * Core Competencies: Core competencies are consistent for all positions across the organization and are aligned with WEOKIE's core values. * Member Focus (internal and external): Builds member confidence, is committed to increasing member satisfaction, sets achievable member expectations, assumes responsibility for solving member problems, ensures commitments to members are met, solicits opinions and ideas from members, responds to internal members. * Dependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure, and meets attendance/punctuality requirements. * Integrity/Ethics: Deals with others in a straightforward and honest manner, is accountable for actions, maintains confidentiality, supports company values, conveys good news and bad. * Job Specific Competencies: The position requires a well‐rounded and level‐headed individual who is able to maintain composure in a variety of situations. The following stand out among a long list of behavioral competencies for this position: * Managing Vision and Purpose: Communicates a compelling and inspired vison of core purpose; talks beyond today; talks about possibilities, is optimistic, creates mileposts and symbol to rally support behind the vision; make the vision sharable by everyone; can inspire and motivate entire units or organizations. * Strategic Agility: Sees ahead clearly, can anticipate future consequences and trends accurately; has broad knowledge and perspective; is future oriented; can articulately pain credible pictures and visions of possibilities and likelihoods; can create competitive and breakthrough strategies and plans. * Oriented Towards Serving Others: Is predisposed to servant leadership and excited towards improving conditions for others. * Command Skills: Relishes leading; takes unpopular stands if necessary; encourages direct and tough debate but isn't afraid to end it and move on; is looked to for direction in a crisis; faces adversity head on; energized by tough challenges. * Intellectual Horsepower: Is bright and intelligent; deals with concepts and complexity comfortably; described as intellectually sharp, capable, and agile. * Innovation Management: Is good at brining the creative ideas of others to market; has good judgement about which creative ideas and suggestions will work; has a sense about managing the creative process of others; can facilitate effective brainstorming; can project how potential ideas may play out in the marketplace. * Composure: Is cool under pressure; does not become defensive or irritated when times are tough; is considered mature; can be counted on to hold things together during tough times; can handle stress; is not knocked off balance by the unexpected; doesn't show frustration when resisted or blocked; is a settling influence in a crisis. * Political Savvy: Can maneuver through complex political situations effectively and quietly; is sensitive to how people and organizations function; anticipates where the land mines are and plans his/her approach accordingly; views corporate politics as a necessary part of organizational life and work to adjust to that reality. C. Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl and talk or hear. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include color vision, peripheral vision, depth perception and ability to adjust focus. D. Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The worker is not substantially exposed to adverse environmental conditions. The noise level in the work environment is usually moderate. WEOKIE does not and shall not discriminate on the basis of Protected Status, marital status, and political belief or any other status or condition protected by applicable federal and/or state law. Bona fide occupational qualifications will be applied impartially. These activities include, but are not limited to, hiring of staff, selection of volunteers and vendors, and provision of services. We are committed to providing an inclusive and welcoming environment for all our members, our staff, clients, volunteers, subcontractors, vendors, and clients.

Make a direct impact on protecting the Bank's people, systems, and customers! As an Information Security Analyst, you'll play a hands-on role in strengthening the Bank's security posture while working closely with Compliance, Risk Management, and IT Security. This position offers visibility across the organization, meaningful responsibility, and the opportunity to influence how security awareness and risk management are practiced every day. You'll be trusted to monitor critical system access, investigate and respond to real-world phishing threats, and lead the Bank's security awareness and social engineering programs. From training employees to advising leadership on security risks, your work will directly reduce risk and improve the organization's security culture. What You'll Do * Protect critical systems by monitoring access changes and advising on best practices * Investigate suspicious emails and manage phishing response and testing programs * Lead engaging security awareness training and new-hire education * Plan and report on phishing and social engineering exercises * Support key information security risk assessments and control reviews * Partner with IT and business leaders to identify and mitigate security risks What You Bring * 5+ years of experience in IT security, risk management, audit, or compliance CapFed is an equal opportunity employer.

Our Mission To improve the health of the communities we serve through contemporary, innovative, quality healthcare solutions. Schedule: Full Time (40 hours per week) What You'll Do Training Analyst are the primary support for Epic, Workday, 3rd party applications and IT Operational training. They coordinate all scheduling for training and conduct training sessions that arise during the project for their areas and must be very knowledgeable about the organization's policies, procedures, and business operations. Responsibilities * Acting as the primary training contact for Epic, Workday, 3rd party application's end-users * Creating training materials as needed to support applications assigned. * Attending workflow design, building decision workgroups, recording notes, and then creating education/communication as required. * Identifying and creating updates to training materials based on requested changes to the system * Serving as a liaison between analysts and end users' education needs. * Maintaining regular communication with Training Manager, Application Managers, and Project Managers regarding training material needs. * Developing an understanding of operational needs to set the direction for the organization's communications by attending site visits, workgroup meetings, and other integrated sessions * Leading in training and working with end users * Reviewing the status of projects and issues on an ongoing basis with leadership holding weekly communications with team members to discuss the status of deliverables, shared issues, end-user concerns, budget, and upcoming milestones * All other duties as assigned Requirements * Clean driving record * Two (2) years of professional experience directly related * Must obtain required vendor certifications for support within 3 attempts Freeman Perks and Programs * For eligible full time and part time employees Freeman offers a wide variety of career opportunities, a great work culture and generous benefits, most starting day one! * Health, vision, dental insurance * Retirement with employer match * Wellness program with discounts to Health Insurance or Cash Bonus with Participation * Milestone payments with longevity of employment * Paid Time Off (PTO) or Flex time off (FTO) * Extended Sick pay * Learning Center designated only for Freeman Family members * Payroll deduction at different locations such as The Daily Grind, Freeman Gift Shop, Cafeteria, etc.

CompanyFederal Reserve Bank of Kansas CityWhen you join the Federal Reserve-the nation's central bank-you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We invest in contemporary and emerging technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future. Important Information Open to US citizens, Green Card holders or Permanent Residents with at least 3 years of residency, with the intent to become a US citizen. No sponsorship is available. Candidates must have valid work authorization, without an end date, to be considered. This position requires working on-site, in Kansas City, Denver, Oklahoma City, or Omaha, with 5 days per month remote work flexibility. This position is not eligible to be remote and relocation assistance is not available. We are seeking cybersecurity professionals to join our Information Security team as a security specialist focused on operating our DevSecOps program according to standards and policies. This will be done through close partnership with peers in FRB Kansas City and other Reserve Banks across the System. It will also require healthy relationship building and tight integration with development teams. Additionally, you'll partner with business areas, vendors, and our diverse network of professionals to identify, implement, and support security across the organization. Candidates with strong understanding and experience in cloud environment deployments, information security, data management, low-code and no-code solutions, DevSecOps, and artificial intelligence will be ideal. Key Activities Interpret and evaluate policies in order to mature and implement the DevSecOps program. Assess maturity of development teams' DevSecOps practices against an existing framework. Proactively advocate for and drive enhancements into the program. Identify gaps/opportunities for enhancements to workflows and processes for enhancing the software development lifecycle (SDLC). Implement and consults on secure continuous integration and continuous delivery (CI/CD) pipelines, evaluating code and/or applications, or creating code to facilitate the process. Monitors information security policy compliance using security tooling. Evaluate and implement security products and/or processes to enhance productivity and effectiveness for various platforms and initiatives. Provide technical expertise and support to internal teams on security-related matters. Collaborate with cross-functional teams to integrate security measures into existing software applications and infrastructure. Stay current with emerging technologies, industry trends, and best practices in cybersecurity to enhance our security posture. Support leadership decision making through timely analysis and written communications. Qualifications Typically requires 3-6 years of relevant experience. Bachelor's Degree in Technology, Engineering, Computer Science, Information Systems, Cybersecurity or other related field or equivalent work experience. Strong competence in cloud technologies such as AWS, Azure, and other platforms. Expert understanding of DevSecOps practices, frameworks, and tools. Expertise with tool integration for the DevOps pipeline such as Git. Combines and organizes information into meaningful patterns; identifies underlying relationships, causes and effects; and combines pieces of information to form conclusions or general rules. Rapidly acquires new knowledge and learns new skills, and practices agile methodologies to planning and accomplishing work. Conveys complex and technical issues to diverse audiences. Demonstrated competencies with artificial intelligence are beneficial. Working knowledge of Terraform, Ansible, Cloud Formations, AWS Config, AWS Inspector, Guard Duty and others. Strong knowledge of software development languages, tools and techniques such as Python, JSON, YAML, and Java Technical expertise in security tools and knowledge of security practices and procedures. A learning mindset, proactiveness, collaboration, and strong attention to detail. Additional Information How We Work (HWW): On-site: 5 days per month remote work flexibility Locations: Kansas City, Denver, Oklahoma City, Omaha Remote Eligible: No Relocation Assistance: No Salary: $79,100 - $111,500 / Experienced Level $98,600 - $139,000 / Senior Level Final offers are determined by factors including the candidate's qualifications, internal alignment considerations, district assignment, and geographic location. Screening: US citizens, permanent residents with the intent to become a US citizen with at least three or more years of United States residency from the date of legal entry to the United States is required for this position.This position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take up to a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The areas screened may include education/employment verification, criminal history, credit history, and reference checks. Sponsorship: The Federal Reserve Bank of Kansas City will not sponsor a new applicant for employment authorization for this position. Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future. About Us Total Rewards & Benefits Who We Are What We Do Follow us on LinkedIn , Instagram, X (formerly Twitter) , and YouTube #KCFedIT Full Time / Part TimeFull time Regular / TemporaryRegularJob Exempt (Yes / No) YesJob CategoryInformation Technology Family GroupWork ShiftFirst (United States of America) The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Always verify and apply to jobs on Federal Reserve System Careers (FRS) or through verified Federal Reserve Bank social media channels. Privacy Notice

The Cyber Security Operations Analyst is primarily responsible for monitoring the front lines of the company's cyber defense program, helping to protect critical systems and data from potential threats, responding to reported security violations, analyzing internet access, connectivity and threats (virus protection, spam, etc.) DUTIES AND RESPONSIBILITIES The following represents the majority of the duties performed by the position but is not meant to be all-inclusive nor prevent other duties from being assigned when necessary. 1. Complies with DOT and OSHA health, safety and environmental requirements and follows safety philosophy and procedures developed by the Company including: applicable environmental, health and safety rules, procedures, and accepted safe work practices, the use of appropriate personal protective equipment and safety systems, and the reporting of workplace hazards and injury or illness arising from workplace activities; observes the workplace to identify conditions or behaviors that should be corrected and takes appropriate action. 2. Monitors Security Information and Event Management (SIEM) alerts, firewall logs, intrusion detection systems, and network activity for suspicious behavior including public and private threat intelligence sources for emerging risks; analyzes internet access, connectivity logs, and alerts related to virus protection, spam, and suspicious behavior including user account activity providing reports on potential anomalies. 3. Conducts daily security log reviews and assists in identifying potential threats; summarizes and shares relevant alerts with the cybersecurity team. 4. Monitors incoming security tickets and alerts; documents and triages security incidents, escalating to senior analysts as needed; assists with evidence collection and incident tracking. 5. Performs scheduled vulnerability scans, analyzes findings, and maintains remediation tracking logs; assists with patch management processes including deployment, tracking, and reporting. 6. Assists with internal and external audits by collecting necessary documentation and evidence. 7. Maintains regulatory compliance documentation as required by TSA, DOT, O SHA, etc.; creates and updates procedural documents, runbooks, security playbooks, and knowledge base articles. 8. Documents all incidents, assessments, and routine checks to support audit readiness and knowledge transfer; manages project tracking logs. 9. Assists with the configuration and maintenance of endpoint protection, firewall settings, and other cybersecurity tools under guidance. 10. Reviews vendor solutions and compiles initial summaries for team consideration; maintains security-related inventories, software licenses, and access lists. 11. Assists with development and dissemination of basic cybersecurity awareness content for end users; tracks completion of required security training and assists with scheduling refresher sessions. 12. Participates in a scheduled on-call rotation for after-hours and weekend security support. REQUIREMENTS · Associate's degree or the equivalent in experience in Cyber Security, Information Technology or related field and a minimum of two (2) years of prior experience in cybersecurity, IT support, or SOC environment. Internship or hands-on training in networking, firewalls, or security systems preferred. Certification such as CompTIA Security+, CASP+, or CEH (preferred or in progress). Knowledge, Skills and Abilities · Ability to actively engage in safe behavior and understand and follow the principles and methods related to pipeline and workplace safety as established by the Company. · Knowledge of emergency and safety procedures, policies procedures, equipment operating parameters, and all applicable DOT, EPA, FERC, DHS, and OSHA requirements. · Knowledge of Active Directory, Exchange, SharePoint, CISCO routing and switching configuration. · Knowledge of firewall and network security and IDS (intrusion detection systems), and network management tools. · Knowledge of TSA security requirements and regulations. · Knowledge of identity management processes and procedures. · Skill in project management. · Ability to manage, track and analyze information. · Ability to effectively work and cooperate with supervisors, co-workers, and vendors. · Ability to follow corporate policies and the directions of supervisors. · Ability to refrain from causing or contributing to the disruption of the workplace.