Information security analyst jobs in Knoxville, TN

Immediate need for a talented Information Security Analyst - Lead . This is a 09+ months contract opportunity with long-term potential and is located in Atlanta,GA(Hybrid). Please review the job description below and contact me ASAP if you are interested. Job ID:25-93807 Pay Range: $68 - $68.61/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Act as a liaison between cybersecurity metric owners, data engineers, and governance teams to ensure accurate and timely metric development. Facilitate metric working sessions to define metric name, definition, calculation, system of record, and critical data elements (CDEs). Support the documentation and validation of metric logic and data lineage. Coordinate and lead standing meetings to provide updates, manage timelines, and escalate blockers or data challenges. Review and validate data quality and completeness of metric inputs in coordination with data engineers. Support the development of root cause commentary and trend analysis for metrics that breach established thresholds. Partner with control and process owners to align metrics with applicable frameworks (e.g., NIST CSF, CIS, FFIEC). Prepare clear, concise executive-level summaries and presentations on metric performance and risk trends. Maintain oversight of multiple metrics in different stages of the build lifecycle, ensuring governance and consistency. Contribute to continuous improvement of the metrics program, including standardization, automation, and data quality enhancements. Key Requirements and Technology Experience: Key Skills;Metrics governance/Risk Metrics/Performance Metrics . Bachelor's degree or five years of related experience or an equivalent combination of education and experience In-depth knowledge of principles, practices, theories, and/or methodologies associated with the professional discipline (e.g., information technology, project management, finance, risk management, etc.) Understands foundational concepts of other related professional disciplines. Experience managing small projects Ability to interpret and explain complex information to a range of audiences and build consensus among different stakeholders. Ability to provide direction and mentor less experienced teammates Strong organizational skills with the ability to manage multiple priorities simultaneously. Excellent written and verbal communication skills, including experience drafting executive summaries. Proficiency in Microsoft Excel, PowerPoint, and collaboration tools (e.g., Teams, SharePoint). 5-7 years of experience in cybersecurity, risk management, technology project coordination, or data analytics. Familiarity with cybersecurity domains (e.g., vulnerability management, DLP, IAM, cloud security, incident management). Working knowledge of risk and performance metric design, including KRIs, KPIs, and operational indicators. Experience gathering and documenting business requirements and translating them into actionable data or metric logic. Basic understanding of SQL or ability to read data dictionaries and data mappings. Exposure to cyber control frameworks such as NIST CSF, ISO 27001, or CIS. Exposure to Agile or iterative project delivery methods. Cybersecurity/Risk management Vulnerability management Stakeholder engagement . Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Role: Information Security Analyst/IAM Analyst Duration: 12+ months Interview: PH/MS Teams This position supports the Central Access Provisioning team within IAM Operations. Resources will assist during a transition from manual access processes to increased automation, flexing across IAM functions to address capacity gaps and operational needs. Required Experience 2+ years in IAM / Information Security / Access Management Hands-on experience with at least one IAM tool (SailPoint, Okta, CyberArk, Ping, Microsoft Entra ID) Working knowledge of authentication standards (LDAP, SAML, OAuth, OpenID, SCIM) Experience supporting access provisioning, deprovisioning, and identity lifecycle activities Exposure to security frameworks such as NIST, ISO, SOX, or PCI What We're Looking For Strong IAM operations background (not architect-level) Ability to work onsite and interact with business and security stakeholders Candidates who can start quickly and operate in a high-volume IAM environment Best Regards, Shubhangi Pokhriyal Technical Recruiter Sibitalent Corp 118 Carolynn Lane, Murphy, TX 75094 ****************** Email: *************************

WorkForce Unlimited is searching for a proactive Security Analyst to analyze vulnerabilities, optimize security tools, and help our client stay ahead of emerging threats. The Security Analyst is responsible for independently managing third-party vulnerability data sources, executing scans using proprietary tools, and collaborating with IT teams to prioritize mitigation efforts. The role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems. Role Responsibilities Analyze vulnerabilities from various sources and input them into the vulnerability management tool using approved methods to ensure a complete overview of exposures. Evaluate existing vulnerabilities to identify problem areas or opportunities for mass-mitigation. Communicate with cross-functional teams to explain risks, opportunities, or required actions. Escalate vulnerabilities that exceed defined time-to-resolve thresholds. Configure vulnerability scanning tools and manage ongoing scan schedules. Collect and maintain departmental metrics and KPIs. Identify opportunities to apply AI technologies to improve vulnerability management processes. Technical Qualifications Strong familiarity and prior experience with: HTTP, PKI, digital signatures/encryption, SMTP, DNS, CWEs, CVEs, and related security frameworks. Vulnerability and security scanning tools such as Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei, or similar. Web application scanning and web application firewalls (WAFs). Containers and associated security considerations. CIS Benchmarks, STIGs, or other security hardening standards. Additional desirable skills or experience: Authentication and identity protocols: SAML, Kerberos, OAuth, OIDC, LDAP. Scripting and automation using PowerShell and Python. CI/CD tools such as Jenkins. Splunk data onboarding (indexes, sourcetypes, data models, forwarders, apps, HECs). Log ingestion and transport technologies: Azure Event Hubs, Kafka, syslog. EDR/XDR tools such as Microsoft Sentinel, Microsoft Defender, CrowdStrike, or similar. General Qualifications Ability to conduct independent research, analyze data, and produce clear plans of action. Strong systematic thinking and troubleshooting skills. Ability to create clear and detailed documentation of designs and processes for diverse technical audiences. Excellent communication skills, including the ability to clearly articulate requirements, priorities, and project status. Education Requirements Bachelor's Degree in Information Technology or a related field is preferred but not mandatory.

Role Responsibilities Daily access reconciliation control monitoring, application administrator support, and follow up the remediation effort. Must Have Skills / Prior Experiences The Cybersecurity Analyst should have a high level of knowledge and understanding least one IGA platform solution (OIG, SailPoint, Saviynt, ForgeRock). Strong analytical skills for understanding complex datasets. Ability to write SQL queries/Python/Shell scripts and pull relevant data from the database and file systems. Experience is creating strategic performance dashboards and metrics Skills in planning, organizing, and adapting within a multi-tasking environment. Strong interpersonal skills, flexibility, and customer service orientation. Ability to evaluate emerging technologies and identify their potential impact within the existing environment. Plus / Nice to Have Skills / Prior Experiences An understanding of regulatory requirements and experience supporting internal and external audits but gathering evidence is a significant advantage. EEO: “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of - Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”

In this contingent resource assignment, candidate may: Participate in low to moderately complex initiatives and identify opportunity for process improvements within Information Security Analysis. Review and analyze basic or tactical Information Security Analysis assignments or challenges that require research, evaluation, and selection of alternatives, related to low-to-medium risk deliverables. Present recommendations for resolving low to moderately complex situations and exercise some independent judgment while developing understanding of function, policies, procedures, and compliance requirements. Provide information to client personnel in Information Security Analysis. Required Qualifications: 2 plus years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education. Desired Qualifications: Hands-on experience with IAM Tools (SailPoint, Okta, CyberArk, Ping, Microsoft Entra ID) Experience with authentication standards (LDAP, SAML, OAuth, Open ID, SCIM). Experience with security compliance frameworks (ISO, NIST, SOX, PCI) Ability to interact with various layers of leadership Ability to prioritize work, meet deadlines, and achieve deliverables Strong organizational, multi-tasking, and prioritizing skills Customer service focus with the ability to respond to requests in a timely manner Intermediate Microsoft Office (Word, Excel, Outlook, PowerPoint, Access, and Project) skills Pay Range: $40- $45 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work.

ABOUT THE ROLE Individual is able to work without assistance; provides leadership for others; able to manage highly complex work efforts; may have advanced education; has extensive industry experience. The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinates and executes IT security related projects for the agency. Coordinates response to information security incidents. Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with Commonwealth IT Security policies, standards, and guidelines. Conducts campus-wide data classification assessment and security audits and manages remediation plans. Collaborates with IT management, Internal Audit, and VITA to manage security vulnerabilities. Creates, manages and maintains user security awareness. Conducts security research and keeps abreast of latest security issues. Prepares IT security documentation, including department policies and procedures, agency notifications, Web content, and alerts.

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Data Intelligence LLC is seeking an experienced Senior Security Systems Engineer to support one of our premier Navy customers in Dahlgren, VA. This role provides advanced cybersecurity engineering and systems security support to U.S. Navy tactical and strategic weapons programs. The successful candidate will lead efforts related to Assessment & Authorization (A&A), Risk Management Framework (RMF) implementation, vulnerability management, and secure systems design for complex afloat and shore-based systems. This position is fully on-site in Dahlgren, VA. This position is contingent upon winning contract award. Key Responsibilities Lead cybersecurity engineering and systems security integration for U.S. Navy programs, with specific focus on tactical combat and Submarine-Launched Ballistic Missile (SLBM) systems. Perform system security engineering in accordance with DoD, DON, and NIST cybersecurity policies, standards, and best practices. Execute the full lifecycle of the Systems Engineering Technical Review (SETR) process, including design, review, and validation activities. Conduct and support Assessment and Authorization (A&A) activities under RMF, ensuring systems achieve and maintain Authorization to Operate (ATO). Manage vulnerability analysis and remediation for critical Navy systems and applications. Develop and maintain System Security Plans (SSPs), Cybersecurity Strategy and Evaluation (CSSE) documentation, and related artifacts. Design and evaluate secure network architectures and system boundaries, incorporating cybersecurity technologies such as: Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS) Routers, Switches, and Cross-Domain Solutions (CDS) Host-Based Security Systems (HBSS) Provide cybersecurity guidance for Platform IT (PIT) systems, supporting both land-based and afloat/tactical environments. Contribute to cybersecurity test planning, Model-Based Systems Engineering (MBSE) integration, and secure software/hardware development. Collaborate with multidisciplinary engineering teams and Navy program offices to ensure compliance with DoD cyber and safety standards. Deliver concise technical presentations and reports to senior leadership and stakeholders. Required Skills/Experience SLBM Programs: Minimum 7 years of direct experience with Submarine-Launched Ballistic Missile (SLBM) systems; OR Other Navy Programs: At least 5 years of program-specific security engineering experience with Navy afloat/tactical combat systems (e.g., Aegis, SSDS, Zumwalt); OR General Experience: 10+ years of general security engineering experience supporting DoD systems. Minimum 5 years of engineering experience on Aegis, SSDS, Zumwalt, or other Navy tactical combat systems (for at least six senior positions on this contract). Demonstrated experience in: Cybersecurity engineering and risk management DoD/Navy Assessment & Authorization (A&A) Vulnerability management across complex networked systems Proven understanding of DoD Cybersecurity policies, RMF, and Platform IT (PIT) implementation. Experience with the SSP Validator Handbook (for SLBM programs). Familiarity with combat weapons systems and afloat/tactical environments. Hands-on experience designing and assessing secure network architectures, cyber boundaries, and defense-in-depth strategies. Experience with cyber testing, test analysis, and secure computing system development. Strong written and verbal communication skills with the ability to brief senior leadership. Certifications (Required) IAT II, IAM II, or higher (e.g., Security+, CASP+, CISSP, or equivalent) NQV certification (desired, if applicable) Security Clearance Active Top Secret Clearance required; eligibility for higher-level access may be necessary based on program needs. Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING! This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below. “Beware of scams. S3 never asks for money during its onboarding process.” Job Title: Information Security Engineer- Automation (Cisco ISE) Location: Charlotte, NC 28262/ Raleigh, NC 27607 Onsite Work Contract Length: 24+ Months Pay: 75-80 an hr on W2 About the Role We are seeking a highly motivated Information Security Engineer to design and implement automation solutions that streamline and enhance management of the Cisco Identity Services Engine (ISE) platform. This role is ideal for a proactive, self-directed engineer who thrives in complex environments and enjoys building scalable, secure automation that reduces manual effort and improves operational efficiency. You will play a key role in developing automation workflows, integrating systems via APIs, and collaborating with cross-functional teams to translate business and security requirements into reliable, maintainable solutions. Key Responsibilities Design, develop, and implement automation workflows to support Cisco ISE configuration, policy updates, and operational tasks Build and maintain Python-based automation scripts and Ansible playbooks aligned with business and security requirements Develop application and system integrations using RESTful and/or SOAP APIs, including authentication mechanisms (OAuth, JWT), data transformation, and error handling Create secure, scalable API integrations with internal systems and third-party services Utilize API testing tools such as Postman and Swagger to validate functionality, performance, and security compliance Integrate automation solutions with external platforms (e.g., HashiCorp Vault) for secure credential and secrets management Develop custom tooling to simplify administrative processes and reduce manual day-to-day operational tasks Collaborate with internal stakeholders to gather requirements and deliver scalable automation solutions Document automation architecture, workflows, and usage guidelines to support maintainability and knowledge transfer Troubleshoot, optimize, and enhance automation scripts for reliability, scalability, and performance Required Qualifications Strong experience managing network infrastructure as code Advanced Python development skills Proven experience building Ansible playbooks based on business and operational requirements Hands-on experience creating and maintaining technical documentation (automation architecture, READMEs, runbooks) Ability to work independently, adapt to evolving requirements, and navigate complex or ambiguous processes with minimal supervision Nice-to-Have Qualifications Experience with Cisco Identity Services Engine (ISE) Background in network engineering or network security Work Location & Schedule This is a hybrid role requiring 3 full days per week onsite (8 hours per day) at one of the following locations:

Jr. Security Analyst Our client is currently looking for a Jr. Security Analyst to join their team in a long term contract capacity focusing on an increase in compliance and audit work heading into the new year. This person will be brought on to support an established information security and compliance team. This role is ideal for someone looking to grow in TPA (Third Party Assessment), audit support, compliance operations, NIST frameworks, and GRC practices. Below is a breakdown of what our enterprise client is looking for in their potential candidate! Key Responsibilities Support Third Party Assessments (TPAs) by gathering evidence, tracking documentation, and helping review vendor security controls. Participate in internal and external audit readiness tasks including evidence collection, control testing preparation, remediation tracking, and audit log review coordination. Assist with vulnerability scan reporting, ticket creation, and follow-up with technical teams on remediation tasks. Support intake, documentation, and status tracking of new compliance and security projects. Help maintain dashboards, risk registers, and compliance reporting metrics within the GRC tool. Participate in annual assessment activities including contingency plan exercises, incident response tests, access reviews, and other required security program tasks. Assist with audit log reviews and routine monitoring processes as assigned. Maintain structured, accurate documentation to support continuous compliance efforts. Minimum Qualifications 1-3 years of experience in security, IT, audit, or compliance support roles (internships or rotational experience accepted). Foundational knowledge of NIST frameworks, FISMA requirements, or other security compliance standards (HIPAA, SOC 2, ISO 27001 a plus). Experience with GRC platforms (ServiceNow, Archer, OneTrust, ZenGRC, etc.) OR strong interest in learning. Strong attention to detail with the ability to create, edit, and maintain structured documentation. Proficiency with Microsoft Office and basic workflow tracking tools (Excel, SharePoint, Confluence, Smartsheet, etc.). Familiarity with basic cybersecurity terminology and frameworks (e.g., CIS Controls). Experience supporting compliance evidence collection or policy documentation. Interest in security governance, risk, and compliance as a long-term career path.

Greensboro, North Carolina Contract Key Responsibilities: Zscaler Implementation: Design, implement, and manage ZPA and ZIA solutions to secure OT assets and ensure seamless access for authorized users. Security Configuration: Configure and optimize Zscaler policies to protect OT environments from external threats while maintaining operational efficiency. Collaboration: Work with internal teams (e.g., Identity and Access Management, Network Operations, Firewall, etc.) to fulfill access requests and enhance functionality of Zscaler components Stakeholder Engagement: Present to non-technical teams to explain the benefits of Zscaler Private Access, addressing concerns and demonstrating how it enhances security and accessibility. Integration Support: Collaborate with various teams to design and implement strategies for integrating Zscaler solutions into their existing environments. Monitoring and Reporting: Monitor Zscaler performance and security incidents, providing regular reports and insights to stakeholders. Training and Support: Provide training and support to team members and stakeholders on Zscaler best practices and usage. Continuous Improvement: Stay updated on the latest Zscaler features and cybersecurity trends, contributing to the continuous improvement of security processes and policies. Requirements Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. Expert-level knowledge and experience with Zscaler solutions, specifically ZPA and ZIA, in securing OT environments. Deep knowledge of network integrations, firewall traffic and rule analysis, identity management, and zero trust network access. Experience working in manufacturing environments is a plus. Excellent communication skills, with the ability to engage effectively with diverse cultures and present complex concepts to non-technical audiences. Strong analytical and problem-solving skills. A proactive attitude and a strong willingness to learn and adapt to new challenges. Thanks, Vikas. ************************

*****NO C2C OR THIRD PARTY INQUIRIES***** Senior Security Engineer 3x Per Week Onsite Minimum if Hybrid Top skills/tools, etc. that are MUST haves: Recent Palo Alto experience Palo Alto SME Nice to haves: Prisma Access Job Summary You will provide guidance and technical support to clients deploying our security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change to Palo Alto Networks Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Possess the following industry certifications: CISSP, CCNA, CNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure

Title: Application Security Engineer Clearance Required: Public Trust Position Type: Full-Time About the company: At VivSoft, we aim to solve complex federal problems using emerging and open technologies in a collaborative and rewarding environment. VivSoft is a diverse team of strategists, engineers, designers, and creators experienced in building high performance effective softwares, with impactful organizational design and organizational dynamics for software delivery. We build secure Software Factories based on DoD reference designs and NIST Frameworks for Cloud and DevSecOps. These factories deliver AI/ML Applications, Data Science Platforms, Blockchain and Microservices for DoD, Healthcare and Civilian Agencies Job Summary: We are seeking an Application Security Engineer to support the modernization of a large-scale enterprise software development platform. This role focuses on securing CI/CD pipelines, enforcing DevSecOps best practices, and implementing automated security testing throughout the SDLC. The engineer will work closely with development and platform engineering teams to embed security into reusable templates, GitHub Actions, and deployment workflows, ensuring applications are built and deployed securely across environments. Key Responsibilities: Using GitHub Advanced security, review security findings of the organization. Review, validate, and approve request to remediate security findings. Review, validate, and approve request to dismiss security findings. Collaborate with Federal POC and FDIC security team to create and implement application security processes and standards. Identify gaps and design solutions to improve application security at the FDIC. Provide guidance to FDIC developers in regard to remediating findings when needed. Required Skills: Bachelor's degree in Computer Science, Engineering, Information Technology, or related field, or equivalent professional experience. Proficiency in at least one or two major enterprise languages (e.g., Java, .Net, C#, JavaScript) to effectively review code and understand development context. Experience integrating security tools (SAST/DAST/SCA) into CI/CD pipelines to automate vulnerability scanning. Proficient in conducting and interpreting results from SAST (Static Analysis Security Testing) DAST (Dynamic Analysis Security Testing) Manual Code Review for security flaws Deep understanding of the OWASP Top 10 and other common application security attack vectors (e.g., injection, XSS, broken access control). Knowledge of security considerations for large, complex enterprise architectures, which may include Cloud Security (AWS, Azure, or GCP), API security, and microservices.

Infosec Engineer - GRC Focus Hybrid - Atlanta, GA Contract - 6-month + extensions We're looking for a hands-on Information Security Engineer with deep GRC expertise to join a leading financial organization. This role combines technical security engineering with governance, risk, and compliance, supporting enterprise-wide compliance initiatives and automation programs. About the Role: You'll work across security and compliance domains, implementing and automating controls, integrating GRC platforms, and embedding compliance into enterprise systems. You'll support ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, and HIPAA programs while collaborating with security, IT, and business teams. Responsibilities: Lead implementation and automation of GRC platforms (RSA Archer, ServiceNow GRC, BitSight, ProcessUnity, Vanta) Develop and maintain integrations, scripts, and automation using Python, PowerShell, JavaScript, SQL, or other relevant tools Support SIEM monitoring, incident response, and technical controls aligned with compliance frameworks Embed risk and compliance controls into enterprise systems and IT processes Assist with audits, regulatory assessments, and reporting to demonstrate governance effectiveness Drive improvements in risk management processes through technology and automation Requirements: 5+ years' experience in information security engineering or technical GRC roles Hands-on experience with GRC platforms and automation (RSA Archer, ServiceNow, BitSight, etc.) Coding/scripting experience (Python, PowerShell, JavaScript, SQL) for integrations and automation Solid understanding of regulatory and compliance frameworks (ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, HIPAA) CISSP or equivalent security certification preferred Proven track record of embedding compliance into enterprise systems and leading automation initiatives If you're an experienced Infosec Engineer with a GRC background, this is a unique opportunity to combine hands-on engineering with compliance and risk leadership.

Vulnerability Management Specialist will perform the following: Defines, maintains, and enforces application security best practices Conduct vulnerability assessment and manual/automated code reviews Demonstrate vulnerabilities to application owners and provide mitigation recommendations Proficient in any SAST, DAST, and OSA tools. In depth knowledge with any programming language like Java, .NET, C#, etc. Performs and conducts penetration tests and manual/automated code reviews. Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement In depth Knowledge of Secure Coding best practices and OWASP top 10, SANS 25, CVE, etc. Identify AppSec related tools/conduct tool analysis, and provide recommendations Vulnerability Management Specialist will have at least five years of working knowledge and hands-on experience with five or more of the following tools: BurpSuite, SonarQube, OWASP/Maven, Fortify, Tenable, STIG Viewer, AWS Security Hub, AWS Inspector, ePO, ServiceNow, Jira, ADO, eMASS or equivalent GRC Tools. Experience in infrastructure and container scanning Minimum Qualifications Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline and a minimum of 5 years of working knowledge and hands-on equivalent relevant experience. Candidates must have a Security+ certification or similar Candidates must have an active secret security clearance. Position requires on-site work in Alexandria VA 2-3 days/week. Other Job Specific Skills Working knowledge and hands-on experience with the following: BurpSuite SonarQube OWASP/Maven Fortify, Tenable STIG Viewer AWS Security Hub AWS Inspector ePO, ServiceNow Jira ADO eMASS or equivalent GRC Tools

Come Forge the Future of Machine Identity Security for Operational Technology & Industrial Control Systems Where: Tysons, VA (Hybrid) Supporting: Our CTO At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines. Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity: If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most. Your Mission: Secure the Industrial Edge We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks. This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure. What You'll Be Forging: Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems. ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications. OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks. Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security. Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks. Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure. Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems. Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members. What You'll Bring: 5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments. Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments. Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols. Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks. Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response. Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical. Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations. A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis. Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams. Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment. Bonus Points For: Experience with specific machine identity solutions (PKI, certificates, secrets management). Hands-on experience with Kubernetes Knowledge of software-defined networking (SDN) solutions. Relevant industry certifications (e.g., CISSP, GICSP, CISM). Experience in a fast-paced startup environment. Why Forge your Path with Corsha? Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference. Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends. Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact. Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment. Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance. Ready to step up and secure the critical future of identity? Join Our Mission Today. Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************. We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.

Job Posting Title: Cloud Security Engineer - SRE Job Profile: Technical Project Management - Advisor II We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

Who We Are: From Georgia. For Georgia. Since 1914 Yancey Bros. Co. has proudly served as the authorized Caterpillar equipment dealer for Georgia, providing our customers with the highest quality sales, parts and service. From Caterpillar heavy and compact construction equipment to on-highway trucks, we remain committed to learning more about our customers, offering equipment and support to keep up with their changing needs. This all starts with our greatest asset…our employees. What You Will Be Doing: As a member of IT, you will work closely with the teams of business liaisons, business analysts, and other IT staff as needed for requirements gathering, understanding business priorities, and executing given tasks. This role is pivotal in bridging the gap between business needs and technology solutions, ensuring sales and service processes are optimized and aligned with best practices, and supporting the company's Microsoft Dynamics 365 implementation journey. The individual must work effectively with others and have a team-first attitude. Primary Responsibilities: Collaborate with stakeholders across sales and service teams, procurement, operations, and IT to elicit, analyze, and document business requirements. Map current processes, identify gaps, and recommend improvements leveraging Dynamics 365 capabilities. Translate business requirements into functional specifications. Work closely with technical teams to design, configure, and test Dynamics 365 solutions that meet business objectives. Participate in the end-to-end implementation lifecycle of sales and service projects, including system configuration, data migration, user acceptance testing, and go-live activities. Develop user documentation and deliver training sessions to ensure smooth adoption of new processes and systems. Act as a liaison between business users and IT, facilitating clear communication and managing expectations throughout the project lifecycle. Monitor post-implementation performance, gather feedback, and propose enhancements to maximize the value of Dynamics 365 investments in the sales and service space. Experience with other Dynamics 365 and Azure-related platforms and products, such as Power BI and PowerApps. Additional Responsibilities: Participate in required safety program, and work in a safe manner. Additional duties as assigned by manager. Who We Are Looking For: To be successful in this position you must be highly organized, have proven experience as a Functional Analyst or Business Analyst, and a strong understanding of finance practices and processes. You should be familiar with Dynamics 365 Finance, Supply Chain, and/or Customer Engagement modules, and hands-on involvement in implementation is heavily preferred. The ability to both take direction and work with minimal supervision is required for this position as well. Education/Experience: Bachelor's degree in Business Administration, Information Systems, or a related field Required Qualifications/Skills: Must be highly organized with the ability to set priorities and be a team player with a team-first attitude Proven experience as a Functional Analyst or Business Analyst in sales and service, customer-centric areas or ERP projects Strong understanding of sales and service practices and processes Familiarity or experience with Dynamics 365 Finance and/or Customer Engagement modules is preferred Hands-on involvement in full-cycle Microsoft Dynamics 365 implementation (particularly Customer Engagement, Customer Insights, Supply Chain, Finance, or related modules) is also preferred Familiarity with Microsoft Dynamics 365 platform Proficiency in process mapping, requirements documentation, and solution design Experience with data analysis and reporting tools is a plus Proven abilities to take initiative and be innovative Proactive in learning and highly self-motivated Demonstrates commitment to customer satisfaction and ability to work in a collaborative team environment Excellent organizational and project management abilities Exceptional interpersonal, verbal, and written communication skills along with strong analytical skills required Must be able to comprehend, speak and write the English language Values: At Yancey Bros. Co, we are always looking to add people to our team who share our core values: Safety: We value the lives and health of our team and customers above all else. Integrity: We are ethical and trustworthy, demonstrate respect for others, and communicate truthfully and promptly. Teamwork: We work as one across our organization for the benefit of our customers. Excellence: We strive to be the best, continuously improving our customers' experience and the solutions we provide. Sense of Urgency: We respond quickly to customer needs and hold ourselves accountable for results. Ideal candidates will demonstrate the following values: Acting in a safe manner Exhibiting honesty and integrity Acting in a fair and ethical manner Team mentality Delivering quality results Embraces change / improvement Exhibiting superior customer service skills Exhibiting pride and ownership Working with a sense of urgency Exhibiting a winning attitude What We Offer: Yancey Bros Co offers a full benefits package that includes aggressive compensation levels, technician tool allowances, full medical, vision and dental coverage, employee wellness programs, paid vacations and more. Competitive Pay Structure Competitive Pay Individual Bonus Opportunities Available Technician Tool Allowance 401k Plan Strong Company Match Employee Profit Sharing Financial Wellness Coaching Employee Wellness Program Medical, Vision, Dental Insurance Prescription Drug Coverage Flexible Spending Accounts Short & Long Term Disability Group Life Insurance Personal Time Off Paid Holidays Paid Sick Leave Career Development Tuition Reimbursement Ongoing Training Advancement Opportunities