Information security analyst jobs in Newnan, GA

Immediate need for a talented Information Security Analyst - Lead . This is a 09+ months contract opportunity with long-term potential and is located in Atlanta,GA(Hybrid). Please review the job description below and contact me ASAP if you are interested. Job ID:25-93807 Pay Range: $68 - $68.61/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Act as a liaison between cybersecurity metric owners, data engineers, and governance teams to ensure accurate and timely metric development. Facilitate metric working sessions to define metric name, definition, calculation, system of record, and critical data elements (CDEs). Support the documentation and validation of metric logic and data lineage. Coordinate and lead standing meetings to provide updates, manage timelines, and escalate blockers or data challenges. Review and validate data quality and completeness of metric inputs in coordination with data engineers. Support the development of root cause commentary and trend analysis for metrics that breach established thresholds. Partner with control and process owners to align metrics with applicable frameworks (e.g., NIST CSF, CIS, FFIEC). Prepare clear, concise executive-level summaries and presentations on metric performance and risk trends. Maintain oversight of multiple metrics in different stages of the build lifecycle, ensuring governance and consistency. Contribute to continuous improvement of the metrics program, including standardization, automation, and data quality enhancements. Key Requirements and Technology Experience: Key Skills;Metrics governance/Risk Metrics/Performance Metrics . Bachelor's degree or five years of related experience or an equivalent combination of education and experience In-depth knowledge of principles, practices, theories, and/or methodologies associated with the professional discipline (e.g., information technology, project management, finance, risk management, etc.) Understands foundational concepts of other related professional disciplines. Experience managing small projects Ability to interpret and explain complex information to a range of audiences and build consensus among different stakeholders. Ability to provide direction and mentor less experienced teammates Strong organizational skills with the ability to manage multiple priorities simultaneously. Excellent written and verbal communication skills, including experience drafting executive summaries. Proficiency in Microsoft Excel, PowerPoint, and collaboration tools (e.g., Teams, SharePoint). 5-7 years of experience in cybersecurity, risk management, technology project coordination, or data analytics. Familiarity with cybersecurity domains (e.g., vulnerability management, DLP, IAM, cloud security, incident management). Working knowledge of risk and performance metric design, including KRIs, KPIs, and operational indicators. Experience gathering and documenting business requirements and translating them into actionable data or metric logic. Basic understanding of SQL or ability to read data dictionaries and data mappings. Exposure to cyber control frameworks such as NIST CSF, ISO 27001, or CIS. Exposure to Agile or iterative project delivery methods. Cybersecurity/Risk management Vulnerability management Stakeholder engagement . Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Role: Cybersecurity Engineer III Contract Job Responsibilities / Typical Day in the Role Implement design reviews to evaluate security controls Identify and communicate opportunities to enhance the security posture of Client Build and / or manage enterprise security platforms effectively Communicate effectively across all levels of management to articulate Client security goals and vision. Identify and communicate opportunities to enhance the security posture of Client Build and / or manage enterprise security platforms effectively (SAAS, on premise or in Cloud) Communicate effectively across all levels of management to articulate Client security goals and vision. Have a team player mentality; strive to contribute to team cohesion however can work independently if the need arises Plan, design, engineer and implement security-related technologies Understanding technical security issues, their implications within Client business units and able to effectively communicate them to management and other business leaders. Configure, troubleshoot, and maintain security infrastructure - including software and hardware in cloud environments, as well as on-premises. Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement. Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals Research and explore emerging security technologies and determine their appropriate use within the company. Prepare, document, and create standard operating procedures and protocols. Crosstrain and mentor other team members as needed Must Have Skills / Requirements Implementing advanced cyber security technology in a complex environment 5+ years of experience; Hands-on experience in security engineering, hands-on experience in building, designing, and maintaining enterprise security tools. Scripting experience (using Python, Go, or other equivalent languages) 5+ years of experience. Hands-on Experience with automation technologies 3+ Years of experience; Terraform, Ansible, CloudFormation, etc. Linux Experience. 5+ years of experience; Ability to construct and maintain complex network infrastructures. Technology requirements: Engineer and administer security platforms including SIEM/SOAR systems, endpoint detection and response, vulnerability management, anomaly detection, and cloud analysis. Experience in managing the Brinqa vulnerability management platform and experience with Groovy programming language Must have 5+ years of scripting experience (using Python or other equivalent languages) Hands-on Experience in public cloud infrastructures like AWS (Amazon Web Services) Nice to Have Skills / Preferred Requirements Security and Cloud certifications are a plus. (CISSP, Splunk Admin, AWS Solution architect). Media/entertainment or distributed global network experience. Soft Skills Hands-on technical experience with networking and computing system architectures, specifically, the security aspects thereof. Thorough understanding of information security principles, techniques, principles, policy frameworks, and best practices Hands-on technical experience with compliance and regulatory frameworks and how they affect architecture designs and review

Essential Duties and Responsibilities: Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities. Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits. Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts. Identification and remediation of OS and network security weaknesses and vulnerabilities Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing) Qualifications: Bachelor's in computer science (or equivalent) degrees Minimum of 5+ years of documented information security work experience At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols) Atalla HSM experience (knowledge of transaction encryption) and Imperva, SecureSphere, WAF, and DB experience. Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc. Demonstrated experience with malware remediation. Experience in one or more technical forensic tools Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation. Ability to identify signs of intrusion or infection on a variety of systems. Expertise in administration of enterprise OS's Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng Penetration testing experience Application and database security experience, including code reviews Network and security engineering experience, including log and network traffic capture analysis IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, MCP or MCSE ) are a plus Experience with advanced malware technologies is a plus. MerchantE does not provide visa sponsorship for this position. Candidates must be legally authorized to work in the United States without current or future sponsorship.

Apex Systems is looking to hire a Application Security Engineer for our financial client we support. Qualified candidates will have the following experience and skills: Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Ability to troubleshoot complex scanning issues and optimize configurations for accuracy and performance. Strong analytical skills for vulnerability triage and risk prioritization. Excellent communication skills for consulting with development teams and explaining technical findings. Locations: MUST BE LOCATED IN ONE OF THE FOLLOWING STATES TO BE CONSIDERED - NC, SC or GA Onsite expectation: REMOTE Pay range: $80-$85/HR w2 Note: We are unable to consider C2C or third-party submissions. If you are interested, please apply here or email an updated copy of your resume to ************************ Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet' as well, which an Apex team member can provide. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at ******************************** or ************. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.

Prominent is looking for an Azure Cloud Security Architect for a contract to hire in Marietta/Alpharetta, Georgia. The successful Candidate will have senior level experience around design, build and deployment of technology initiatives to secure key government client's cloud environment. The selected candidate will be accountable for assisting in strategic planning and architecture and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures. Additionally, this role collaborates with other teams to embed security into the entire lifecycle, integrating DevSecOps principles and automation into the pipeline. No visa sponsorship is available for this opportunity! C2C or 1099 not available for this opportunity! Experience Required: 5+ years firsthand working with multiple Azure security tools and platforms such as Entra ID, Sentinel, Defender, Monitor, Key-Vault, or similar in other platforms. 5+ years managing security policies and initiatives in Azure. Identity Access and Management (IDAM) concepts, multifactor authentication, SSO/Federation Privileged Access Management (PAM) and Privileged Identity Management (PIM) key concepts Demonstrated ability to Define, Design, and configure the Azure security platforms, and function as an overall lead managing end to end security on the Azure GovCloud regions. Experience automating security baselines and policy enforcement in enterprise Azure environments. Experience automating “Policy-As-Code” using Terraform and ARM templates, with a focus on reusable module design, policy enforcement, and secure CI/CD integration. Demonstratable understanding of Information Security and Risk Management capabilities related to cloud computing across Windows and Linux, with demonstrated direct experience with the following domains: o Identity, Credential and Access Management (ICAM) o Authentication and Authorization including SSO and Identify Federation o Zero-Trust Model o Defense-In-Depth o Governance and Compliance o Securing Data o Securing the Operating System o Protecting the Network Layer o Continuous Diagnostics and Mitigation, Alerting, Audit Trail, and Incident Response o Cloud Core Platform: Compute, Storage, Networking Prior experience supporting federal, defense, or highly regulated commercial clients helpful along with the following skills: Familiarity with compliance frameworks such as FedRAMP, CMMC, FISMA and NIST 800-53. Certifications: CISSP, CCSP, Azure/AWS/Google Training and Certification Crowdstrike Falcon EDR for Azure Experience with secure baseline configurations (CIS Benchmarks, DISA STIGs) for Azure environments. Managing/maintaining FISMA compliance for a government information system in accordance with requirements from NIST. Demonstrated experience collaborating directly with external clients, business leadership, and auditors. Direct technical background, to include familiarity with servers, network devices, and security systems.

*****NO C2C OR THIRD PARTY INQUIRIES***** Senior Security Engineer 3x Per Week Onsite Minimum if Hybrid Top skills/tools, etc. that are MUST haves: Recent Palo Alto experience Palo Alto SME Nice to haves: Prisma Access Job Summary You will provide guidance and technical support to clients deploying our security integrations. You'll act as the technical partner, providing strategic guidance around complex systems to secure a digital environment. Interacting directly with the client, you'll partner closely with client personnel to guide and suggest integrations to better serve their success. Your thorough understanding of our product integrations contributes to the development of new principles and concepts - providing detailed analysis around what's working, what's not, and what could be better. You enjoy implementation work, are proactive about resolving potential concerns, and operate well around strict best practices that enable our clients on their road to a more secure digital world. You're creative, innovative, and you love a challenge - learning how integrations might work better around new products and technologies. Responsibilities Communicate with the customer(s), sales teams, peers, engineering and support teams as appropriate Understand the customer environment, requirements, and security roadmap to implement the appropriate security solution Configure, implement, and maintain Security Operating Platform Optimize and migrate policies and objects from the existing environment to our Next-Gen Firewall Test and validate the migration environment Coordinate and execute cutover to production Provide guidance on code upgrades Facilitate the development of new application and threat signatures Interact with our Technical Assistance Center (TAC) to understand and diagnose support cases Some travel may be required, dependent on customer request You work with the customer's security & network teams to build confidence across the business units impacted by the change to Palo Alto Networks Experience High level of experience with Panorama and log collectors NGFW Global Protect BS in Computer Science, MIS, business, or equivalent education/training/experience Minimum of 5 years' experience with network/security solutions and technologies (BGP, SD-WAN concepts, VXLAN and general routing and switching) Minimum of 3 years' experience leading security solutions in large environments) Detailed technical experience in the installation, configuration, and operation of high-end firewall appliances, ideally Palo Alto Networks products You're experienced in internetworking, LAN, and WAN technologies You have a good understanding of Internet protocols and applications Possess the following industry certifications: CISSP, CCNA, CNSE, JNCIE-SEC You effectively handle multiple projects and work calmly in high pressure

Infosec Engineer - GRC Focus Hybrid - Atlanta, GA Contract - 6-month + extensions We're looking for a hands-on Information Security Engineer with deep GRC expertise to join a leading financial organization. This role combines technical security engineering with governance, risk, and compliance, supporting enterprise-wide compliance initiatives and automation programs. About the Role: You'll work across security and compliance domains, implementing and automating controls, integrating GRC platforms, and embedding compliance into enterprise systems. You'll support ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, and HIPAA programs while collaborating with security, IT, and business teams. Responsibilities: Lead implementation and automation of GRC platforms (RSA Archer, ServiceNow GRC, BitSight, ProcessUnity, Vanta) Develop and maintain integrations, scripts, and automation using Python, PowerShell, JavaScript, SQL, or other relevant tools Support SIEM monitoring, incident response, and technical controls aligned with compliance frameworks Embed risk and compliance controls into enterprise systems and IT processes Assist with audits, regulatory assessments, and reporting to demonstrate governance effectiveness Drive improvements in risk management processes through technology and automation Requirements: 5+ years' experience in information security engineering or technical GRC roles Hands-on experience with GRC platforms and automation (RSA Archer, ServiceNow, BitSight, etc.) Coding/scripting experience (Python, PowerShell, JavaScript, SQL) for integrations and automation Solid understanding of regulatory and compliance frameworks (ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, HIPAA) CISSP or equivalent security certification preferred Proven track record of embedding compliance into enterprise systems and leading automation initiatives If you're an experienced Infosec Engineer with a GRC background, this is a unique opportunity to combine hands-on engineering with compliance and risk leadership.

Who We Are: From Georgia. For Georgia. Since 1914 Yancey Bros. Co. has proudly served as the authorized Caterpillar equipment dealer for Georgia, providing our customers with the highest quality sales, parts and service. From Caterpillar heavy and compact construction equipment to on-highway trucks, we remain committed to learning more about our customers, offering equipment and support to keep up with their changing needs. This all starts with our greatest asset…our employees. What You Will Be Doing: As a member of IT, you will work closely with the teams of business liaisons, business analysts, and other IT staff as needed for requirements gathering, understanding business priorities, and executing given tasks. This role is pivotal in bridging the gap between business needs and technology solutions, ensuring sales and service processes are optimized and aligned with best practices, and supporting the company's Microsoft Dynamics 365 implementation journey. The individual must work effectively with others and have a team-first attitude. Primary Responsibilities: Collaborate with stakeholders across sales and service teams, procurement, operations, and IT to elicit, analyze, and document business requirements. Map current processes, identify gaps, and recommend improvements leveraging Dynamics 365 capabilities. Translate business requirements into functional specifications. Work closely with technical teams to design, configure, and test Dynamics 365 solutions that meet business objectives. Participate in the end-to-end implementation lifecycle of sales and service projects, including system configuration, data migration, user acceptance testing, and go-live activities. Develop user documentation and deliver training sessions to ensure smooth adoption of new processes and systems. Act as a liaison between business users and IT, facilitating clear communication and managing expectations throughout the project lifecycle. Monitor post-implementation performance, gather feedback, and propose enhancements to maximize the value of Dynamics 365 investments in the sales and service space. Experience with other Dynamics 365 and Azure-related platforms and products, such as Power BI and PowerApps. Additional Responsibilities: Participate in required safety program, and work in a safe manner. Additional duties as assigned by manager. Who We Are Looking For: To be successful in this position you must be highly organized, have proven experience as a Functional Analyst or Business Analyst, and a strong understanding of finance practices and processes. You should be familiar with Dynamics 365 Finance, Supply Chain, and/or Customer Engagement modules, and hands-on involvement in implementation is heavily preferred. The ability to both take direction and work with minimal supervision is required for this position as well. Education/Experience: Bachelor's degree in Business Administration, Information Systems, or a related field Required Qualifications/Skills: Must be highly organized with the ability to set priorities and be a team player with a team-first attitude Proven experience as a Functional Analyst or Business Analyst in sales and service, customer-centric areas or ERP projects Strong understanding of sales and service practices and processes Familiarity or experience with Dynamics 365 Finance and/or Customer Engagement modules is preferred Hands-on involvement in full-cycle Microsoft Dynamics 365 implementation (particularly Customer Engagement, Customer Insights, Supply Chain, Finance, or related modules) is also preferred Familiarity with Microsoft Dynamics 365 platform Proficiency in process mapping, requirements documentation, and solution design Experience with data analysis and reporting tools is a plus Proven abilities to take initiative and be innovative Proactive in learning and highly self-motivated Demonstrates commitment to customer satisfaction and ability to work in a collaborative team environment Excellent organizational and project management abilities Exceptional interpersonal, verbal, and written communication skills along with strong analytical skills required Must be able to comprehend, speak and write the English language Values: At Yancey Bros. Co, we are always looking to add people to our team who share our core values: Safety: We value the lives and health of our team and customers above all else. Integrity: We are ethical and trustworthy, demonstrate respect for others, and communicate truthfully and promptly. Teamwork: We work as one across our organization for the benefit of our customers. Excellence: We strive to be the best, continuously improving our customers' experience and the solutions we provide. Sense of Urgency: We respond quickly to customer needs and hold ourselves accountable for results. Ideal candidates will demonstrate the following values: Acting in a safe manner Exhibiting honesty and integrity Acting in a fair and ethical manner Team mentality Delivering quality results Embraces change / improvement Exhibiting superior customer service skills Exhibiting pride and ownership Working with a sense of urgency Exhibiting a winning attitude What We Offer: Yancey Bros Co offers a full benefits package that includes aggressive compensation levels, technician tool allowances, full medical, vision and dental coverage, employee wellness programs, paid vacations and more. Competitive Pay Structure Competitive Pay Individual Bonus Opportunities Available Technician Tool Allowance 401k Plan Strong Company Match Employee Profit Sharing Financial Wellness Coaching Employee Wellness Program Medical, Vision, Dental Insurance Prescription Drug Coverage Flexible Spending Accounts Short & Long Term Disability Group Life Insurance Personal Time Off Paid Holidays Paid Sick Leave Career Development Tuition Reimbursement Ongoing Training Advancement Opportunities

A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber security events. He or She, provides a front-line role during cyber security incidents, identifying the extent of the threat, business impacts and advising or sometimes performing the most suitable course of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst maintains a good knowledge of the threat landscape, helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and seeks out adversaries determined to negatively impact Southern Companies reputation, financial interest or threatens the safety of our employees and customers. Candidates are expected to discuss and demonstrate they meet required qualifications for applicable roles. Responsibilities Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc. Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats Remain abreast of emerging threat patterns and provide recommendations to detect threats Assists with patching recommendations and workarounds for zero-day threats. Coordinate mitigation or remediations task with stakeholders or supporting teams Communicates with management on incident updates. Monitors SIEM and analyzes security events to determine appropriate actions Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions Identify and tune false positives associated with current security events Document analytical steps and findings associated with security event investigations Qualifications Required for Cyber Security Analyst 2 years IT security experience Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems Minimum 2 years of experience and/or familiarity in the following areas: Network/Endpoint: analysis tools Scripting languages Windows/Unix command line utilities Reputation analysis associated with IP's, Domains, Email Addresses Ticketing Systems Required to submit to a background examination. Experience operating within a security application such as Kali, Metasploit, and etc. Familiar with and have worked within Cyber Security Frameworks such as: NIST 800 - 61 Attack Life Cycle SANS Security Controls MITRE SANS Security 500 Series or other industry standard equivalent Experience with PCAP analysis Experience investigating endpoint and network security events Experience investigating user reported Phishing events (specifically investigating suspicious links and attachments) Experience analyzing security events utilizing sandbox technology Experience operating within a security application such as Kali, Metasploit, and etc. Oral and written communication skills Experience taking ownership of incidents from acknowledgement to resolution Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies Experience initiating security event investigations Preferred capabilities: Oral and written communication skills Ability to take ownership of incidents from acknowledgement to resolution Ability to initiate security event investigations Ability to comprehend and articulate business impact associated with security events Interacting with vendors to support proof of concepts Proficient in Microsoft Office products: Excel, Word, Outlook and etc. Exposure, experience and/or knowledge of cloud technology Familiar with NIST 800-61 and SANS Critical Security Controls Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies Desired certifications: GIAC Security Essentials (GCIH) GIAC Certified Intrusion Analyst (GCIA) Security+ Other certifications within IT Security Characteristics of an Southern Company Cyber Analyst Self-Motivated - Cyber Analysts do not only act when security tools trigger alerts, we are suspicious by nature and can generate security events based on self-initiated task. Perseverance - Cyber Analysts identify resources that allow us to move through or around barriers as we analyze cyber security events. Dependable - Cyber Analysts work within a team environment and thus, we rely on one another for knowledge-sharing and dependence. Integrity - As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit our mistakes. We do the right thing. Sense of Humor - Although this may vary, just have one; I promise we can work with it. We have a lot of fun in what we do, so you will need a sense of humor to keep up. This position falls under the company's Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position

Our technology organization is transforming how we work at Smurfit Westrock. We align with our businesses to deliver innovative solutions that: * Address specific business challenges, integrate processes, and create great experiences * Connect our work to shared goals that propel Smurfit Westrock forward in the Digital Age * Imagine how technology can advance the way we work by using disruptive technology We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology. How you will impact Smurfit Westrock: * Work with mill and plant engineering SMEs and operational staff to design, implement and support the security of ICS networked systems. * Participate in risk assessments, network design reviews, and security testing for networks, systems, and applications. * Evaluate new security technology & emerging threats and provide recommendations to strengthen the OT security environment. * Utilize existing and newly deployed OT security solutions to perform threat assessments, substantiate security incidents, and effectively respond. * Evaluate available vendor security solutions to determine how they should be deployed in the OT environment. * Consult on ICS security matters as needed and liaison between operations and corporate IT security teams. * Respond and participate in ICS security incident response through phases, including investigating computer and network intrusions and remediation support. * Perform proactive research to identify, categorize, and produce reports on new and existing threats. * Monitor industry ICS trends and recognize opportunities for new and emerging technologies. What you need to succeed: * Bachelor\u2019s Degree or equivalent in a related field of study (including any of the following but not limited to): Information Systems, Network or Electrical Engineering, and Information Security. * Certifications are a plus (GICSP, GRID, CISSP, Cisco, Fortinet, Palo, AWS, Azure) * 3+ years of hands-on experience within the Industrial Controls Systems environment. * 3+ years of previous experience developing and deploying mitigation techniques to defend networks. * In-depth understanding of operating systems, network/system architecture, and IT architecture design. * Experience with maintaining documents, policies, and standards governing the security operations for ICS equipment and networks. * Experience with operational technologies such as Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS). * Network and system security architecture expertise. * Experience with common security systems and vendors such as cisco, Fortinet, palo * Understanding IT and OT network communication protocols (including TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, and PROFINET). * Knowledge of IT and OT security best practices and knowledge of the differences. * Understanding threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques. * Superior organization and follow-up skills. * Excellent verbal and written communication skills * Strong oral and written communication skills. * Willingness to travel (up to 50%) What we offer: * Corporate culture based on loyalty, integrity, & respect. * Comprehensive training with numerous learning and development opportunities * An attractive salary reflecting skills, competencies, and potential. * A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work. Smurfit Westrock (NYSE:SW) is a global leader in sustainable paper and packaging solutions. We are materials scientists, packaging designers, mechanical engineers and manufacturing experts with a shared purpose: Innovate Boldly. Package Sustainably. Guided by our values of safety, loyalty, integrity, and respect, we use leading science and technology to move fiber-based packaging forward. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by state or federal law.

Reliance Worldwide Corporation Junior Cyber Security Analyst - America's Department : Information Technology Reports to: AMER Infrastructure & Operations Manager RWC is a market leader and manufacturer of water solutions for residential, commercial, and industrial applications. RWC's portfolio of brands includes industry-leading brands: SharkBite Push-to-Connect plumbing solutions; HoldRite engineered plumbing and mechanical solutions; Cash Acme control valves; John Guest fittings and fluid dispense products and EZ-FLO™ and Eastman™ appliance connectors, supply lines, stop valves and gas connectors We embrace innovation and people who like thinking outside of the norm. If you are a person who is passionate about technology, loves being innovative and wants to be part of a high growth company that is changing an industry, this could be a perfect position for you. Role Profile An entry-level cybersecurity analyst providing incident response support for a global corporate network. Primary responsibilities are real-time network monitoring, alert investigation & classification, and executing incident response following established procedures. Learn and process a wide range of potential alerts. Quickly absorb incident details to gauge severity and integrate information from multiple sources to spot trends and outliers. Monitor and work alerts in security portals (Office 365/Azure, service desk tools, EDR/XDR, and vulnerability management platforms). Monitor account access and alerts. Conduct reviews of Active Directory and other enterprise platform accounts and changes. Review and communicate vulnerability findings in assets and network devices. Assist in audit review of policies within group and region applications. Monitor, document, and process security service desk tickets and notifications. Analyse IT requirements and provide objective advice on the use of IT security requirements. Assist departments with patch management and other projects. Assist in security awareness, and phishing campaigns, coordinate new and annual video training, and participate in company security tech talks. Strong communication and customer service skills and a teamwork-oriented mindset. Troubleshoot and resolve complex problems spanning multiple infrastructure components working with colleagues around the world. Technical Skills Fundamental knowledge of all Microsoft OS platforms and the OSI model, Linux, and UNIX OS knowledge is a plus. Broad understanding of IT security and general systems infrastructure. Understanding of the TCP/IP protocol suite, networking ports, and network traffic flow. Scripting and some programming knowledge a plus. A self-motivator, willing to learn new technical skills and participate with an experienced global multi-functional IT team. Non-Technical Skills Strong initiative, demonstrated by accomplishing tasks, improving current work processes, and assisting others when necessary. This entry-level position requires curiosity, fast learning abilities, and a desire to help where needed. Willingness and ability to learn new related skills and programs as needed. High-enthusiasm, can-do attitude, creativity, initiative, and innovation. Strong ability to move fast, prioritize, and manage multiple projects at a time. Good written & verbal communication skills. Ability/learn to translate technical issues and concepts into business language. Regular and timely communication of request/incident status. Personal Qualities Multi-tasking: Ability to handle multiple tasks at any one time and prioritize effectively. Accuracy: Ability to ensure information, facts, and figures are accurate and free from mistakes. Sense of Urgency: Ability to respond as needed within an appropriate timeframe. Problem Solving: Analytical thinker with the ability to solve problems and seek support/help when needed. Organization: Ability to organize effectively. Team-Player: Ability to work both within and across teams to ensure work is completed with appropriate input from others. Decision Making: Ability to make decisions on work issues that impact the successful completion of tasks. Focus: Ability to work calmly & effectively under pressure to tight deadlines. Delivery: Delivery focused with a commitment to get the job done. Extra Mile: Going above and beyond to exceed customer expectations. Required Qualifications Education: Completed or soon to be completing tertiary studies in an IT-related field. IT and security certifications are a plus. Experience: Intern work or general IT work experience is a plus but not required. Working Conditions This position will primarily be involved in an office environment. This position is in support of a 24x7 cybersecurity and global IT operation and will be required to action alerts during weekends, and some holidays on occasion. The typical effort during a weekend involves less than one hour ensuring alerts are not malicious. Due to the global aspect of this company, some meetings occur after normal business hours (rotational for each region) to enable collaboration and communication within the IT security function. Travel will be minimal to none.

Role Value Proposition: The Incident Response Analyst will be a member of UpTime365's Global Cyber Incident Response Team. In this role, an analyst will use cutting edge tools and solutions, and collaborate with global team members across the organization to perform cyber incident response and protect UpTime365's partners against cyber threats. Key Responsibilities: Response to cyber security events and incidents by analyzing forensic data, logs, and threat intel to validate security threats, assess impact, determine root cause, and help coordinate remediation actions. Maintain awareness of emerging threats. Willingness and self -motiviation to learn and take advantage of all training opportunities provided. Perform proactive threat hunting to identify potential threats to UpTime365 and its partners. Partner with global incident response teams to coordinate global incident response. Eventual participation on a rotating on -call roster for off hour escalations. Requirements Essential Business Experience and Technical Skills: A bachelor's degree in cyber security or computer science, or 2 -4 years of combined IT and Cyber Security related work experience. 1 -3 years of experience analyzing logs (e.g. endpoint, network, identity), performing data correlation, and using SIEM or log management tools. Basic understanding of the Windows operating system and command line tools, network fundamentals, and cyber security concepts and frameworks. Scripting experience for analysis and automation of repeatable processes. Security specific certifications from SANS and other industry recognized organizations are desirable. Benefits Dental insurance Medical insurance Vision insurance 401K Paid vacation and sick leave Tuition fee reimbursement Students loan assistance

Orange Business is here! About us Join us at Orange Business! We are a network and digital integrator that understands the entire value chain of the digital world, freeing our customers to focus on the strategic initiatives that shape their business. Every day, you will collaborate with a team dedicated to providing consistent, sustainable global solutions, no matter where our customers operate. With over 30,000 employees across Asia, the Americas, Africa, and Europe, we offer a dynamic environment to develop and perfect your skills in a field filled with exciting challenges and opportunities. About the role Orange Cyberdefense specializes in the design, implementation and support of the most reliable and innovative security solutions and services - we are seeking a SOC Analyst to join our global team for a major account. As a SOC Analyst you are responsible for the detection, investigation and defense against cyber-attacks. In our SOC, you will work with security experts and use the latest technologies to analyze potential security incidents. As the team is working based on FTS (follow-the-sun) model involving Brazil, France & Malaysia teams, shift work is required for this role. Your key responsibilities as a SOC Analyst will include to: Ensure that customer environments are always protected against cyber-attacks Triage and investigate alarms generated by SIEM tools, endpoint protection tools, network anomaly detection tools, etc. by performing in-depth analysis Undertake threat hunting investigations and campaigns Escalate relevant threats to customers and providing advice based on these threats Detect anomalies and attack patterns along the entire cyber-kill chain as described by MITRE ATT&CK Support our customers during a security incident and ensure effective defense against attacks Continuously develop improvements and detection methods to optimize detections Report monthly on the status of customer environments Advice customers on cyber trends. About you Cybersecurity needs to be your passion, securing the customers assets your mission. As security is often a tradeoff between different aspects, you need to be pragmatic and result driven to get your message delivered while reducing the risk for the customer. Excellent English written/verbal and communication skills. Minimum of 2 years of experience in a similar role Experience using SIEM and/or EDR/XDR security tools - Knowledge in SPLUNK technology is a plus. A degree in Computer Science, Cyber Security, Digital Forensics or Engineering - or equivalent industry recognized certification/experience Ideally have experience with penetration testing, incident detection, incident response and malware analysis Broad knowledge on threat analysis and experience in intelligence reporting. Ideally have experience with penetration testing, incident detection, incident response and malware analysis. Ideally have certifications such as CySA+, CEH, OSCP, OSDA, Splunk Power Ideally have experience working within a SOC, if not then any experience within an IT Department providing customer support Experience in reversing malware is a plus Industry certifications like CISA, CISM, CISSP is a plus What we offer • Global Opportunities: Work in multi-national teams with opportunity to collaborate with colleagues and customers from all over the world. • Flexible Work Environment: Flexible working hours and possibility to combine work from office and home (hybrid ways of working). • Professional Development: training programs and upskilling/re-skilling opportunities. • Career Growth: Internal growth and mobility opportunities within Orange. • Caring and Daring Culture: Health and well-being programs and benefits, diversity & inclusion initiatives, CSR and employee connect events. • Reward Programs: Employee Referral Program, Change Maker Awards. Only your skills matter NA

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and JQuery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description The candidate will be a member of the Application Security Assessment (ASA) Team enforcing Global Cyber Security & Fraud at First Data. This includes automated vulnerability scanning mixed with manual penetration testing against web-based applications, web services, and thick client applications. Job Specific Responsibilities Utilize dynamic and static application security testing tools effectively, including IBM AppScan Standard, Fortify SCA, Burp Suite Pro, and Qualys. Host developer-focused appsec training workshops on topics including secure coding and vulnerability remediation. Coordinate testing objectives, reporting deliverables, and remediation efforts as the liaison between the financial institution(s), First Data, and third-party assessors. Provide documented guidance to development teams that define effective remediation solutions for vulnerabilities. Contribute to maintaining First Data Corporation's PCI-DSS certifications through addressing regulatory requirements. Availability to work occasional off-hours to complete assessments tied to meeting critical business objectives. Interview Required: Yes Information Technology-Info Security Analyst - Information Technology-Info Security Analyst Qualifications Bachelors Degree in Information Security, Computer Science, I.T., I.S., Engineering, Analytics or equivalent. Hands on technical experience with dynamic and static security testing tools, including source code assessments. Deep analytical skills, strong out-of-the-box thinking. Ability to effectively perform detailed-oriented technical information security work on a full-time basis. Excel independently in a fast-paced environment. Effective oral and written communication skills. Preferred Qualifications Masters Degree in Information Security, Computer Science, I.T., I.S., Engineering, Analytics or equivalent. Proficient web-application developer with demonstrable knowledge of HTML, C/C++, Java, VB, Ruby, etc. CEH, Security+, GWAPT Additional Information Regards, Vikas Kumar vikas.kumar(@)360itpro.com

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, DMI supports public sector agencies and commercial enterprises around the globe. Recognized as a Top Workplace, DMI is committed to delivering secure, efficient, and cost-effective solutions that drive measurable results. Learn more at ************* About the Opportunity DMI, LLC is seeking a System Security Engineer to join us. Duties and Responsibilities: Security Assessment & Authorization (SA&A) Lead the preparation, submission, and lifecycle maintenance of full Certification & Accreditation (C&A) packages for ISB systems (e.g., Azure, Consolidated Statistical Platform, OCIO ISB Infrastructure Services). Develop and maintain documentation in Archer. Coordinate with CSPO to ensure federal SA&A elements are accurate, complete, and compliant. Enhanced Security Control Evaluation Audits (ESCA) Provide complete and accurate security control evidence for CSPO audits. Resolve findings and update documentation (BSI, BCP, SSP, ATT, PIA, ATO) in Archer based on CSPO review and feedback. Security Evaluation & Approvals Verify and validate security control implementations across ISB managed systems. Track vulnerabilities, remediation plans, and mitigation activities. Review and approve system configuration changes via ServiceNow or similar change control platforms. Ensure alignment with NIST 800-53a assessment procedures. Risk Management Framework (RMF) Apply ITIL processes to document security-related policies and procedures. Maintain accountability, records retention, and documentation consistent with RMF requirements. Physical Security - Data Center Access Manage and maintain Access Control Lists (ACLs) for data center smart card physical security. Federal Regulation & Compliance Ensure compliance with: Federal IT security laws OMB circulars Presidential Decision Directives (PDDs) FISMA requirements Other federal regulations and guidance Monitor CSPO alerts and implement required updates to ISB managed systems Qualifications Years of Experience and Certifications: 3+ years of experience. Proficiencies in Microsoft Word, Excel, and Adobe PDF tools. Certified Information Systems Security Professional (CISSP) is required. Required and Desired Skills: Advanced Information Security experience, including deep knowledge of NIST and/or ISO frameworks. Expertise with NIST 800-53, including control interpretation, assessment, and documentation (this constitutes ~75% of the role). Demonstrated experience writing and maintaining Security Control responses and compliance documentation. Experience with ServiceNow or similar change control systems (can be learned on the job). Experience with Archer governance, risk, and compliance (GRC) tools (can be learned on the job). Clearance Requirements: Successful completion of a Public Trust background investigation and/or a Public Trust clearance. Min Citizenship Status Required: Must be a U.S. Citizen Physical Requirements: No physical requirement is needed for this position. Location: Remote, US Working at DMI DMI is a diverse, prosperous, and rewarding place to work. Our culture is shaped by five core values that guide how we work, grow, and succeed together: Do What's Right - We lead with honesty and integrity. Own the Outcome - We take responsibility and deliver. Deliver for Our Customers - We are relentless about delivering value. Think Bold, Act Smart - We innovate with purpose. Win Together - We collaborate and celebrate our success. These values aren't just ideals-they show up in how we support every part of your well-being: Convenience/Concierge - Virtual health visits, commuter perks, pet insurance, and entertainment discounts that make life easier. Development - Annual performance reviews, tuition assistance, and internal career growth opportunities to help you thrive. Financial - Generous 401(k) matches, life and disability insurance, and financial wellness tools to support your future. Recognition - Annual awards, service anniversaries, referral bonuses, and peer-to-peer shoutouts that spotlight your achievements. Wellness - Healthcare coverage, wellness programs, flu shots, and biometric screenings to support your health. DMI values employees for their talents and contributions, and we take pride in helping our customers achieve their goals. Because when we live our values, we all win together. ***************** No Agencies Please ***************** Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

Company Cox Automotive - USA Job Family Group Finance Job Profile Audit Analyst I Management Level Individual Contributor Flexible Work Option Hybrid - Ability to work remotely part of the week Travel % No Work Shift Day Compensation Compensation includes a base salary of $49,200.00 - $73,800.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program. Job Description Cox Automotive is seeking an IT Audit Analyst to support and monitor technology risks to the company's operations and financial statements. This individual would be responsible for gathering assurance and evidence that identified risks are appropriately defined and mitigating controls are designed and operating effectively. The ideal candidate will coordinate with other risk related groups (i.e. Information Security, Technology, etc) to ensure accuracy of financial statements and compliance with regulatory requirements and drive business ownership of internal controls. Primary Responsibilities and Essential Functions * Identify, document, assess and monitor key technology controls supporting the financial environment. * Maintain and prepare detailed and accurate documentation, including system descriptions, control descriptions, risk and control matrices, process flowcharts, and management responses and remediation. * Assess and respond to control design certification changes by updating internal controls documentation, addressing remediation needs, and collaborating with business cycle and process owners to implement effective solutions. * Conduct walkthroughs of processes and internal controls to effectively identify and validate key control activities. * Partner with the Audit team to ensure the operating effectiveness of key control activities. * Define and identify control gaps and provide recommendations (remediation/mitigation) for control process improvements. * Partner with the Information Security team to facilitate the Service Organization Control (SOC) audits and the report issuance * Monitor task status in AuditBoard (governance and risk tool) related to the design and operational effectiveness of key controls. * Effectively communicate results of activities in an accurate and concise manner verbally and in writing. * Support multiple ad-hoc projects (i.e. system implementations, risk-based projects) and tasks, ensuring each engagement is conducted efficiently and effectively. Qualifications: Minimum: * Bachelor's degree in a related discipline (Accounting, Management Information Systems, etc) and up to 2 years' experience in external audit, internal audit, SOX compliance or a related field. * Strong knowledge of Microsoft Word, Excel, and PowerPoint * Solid interpersonal, leadership, and presentation skills Preferred: * Intention of pursuing CISA or CIA certification preferred * Experience in external audit, internal audit, SOX compliance or a combination of relevant experience, education and certification Drug Testing To be employed in this role, you'll need to clear a pre-employment drug test. Cox Automotive does not currently administer a pre-employment drug test for marijuana for this position. However, we are a drug-free workplace, so the possession, use or being under the influence of drugs illegal under federal or state law during work hours, on company property and/or in company vehicles is prohibited. Benefits The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave. About Us Through groundbreaking technology and a commitment to stellar experiences for drivers and dealers alike, Cox Automotive employees are transforming the way the world buys, owns, sells - or simply uses - cars. Cox Automotive employees get to work on iconic consumer brands like Autotrader and Kelley Blue Book and industry-leading dealer-facing companies like vAuto and Manheim, all while enjoying the people-centered atmosphere that is central to our life at Cox. Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page. Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship. Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship.