Information security analyst jobs in OFallon, MO

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Freedom Technology Solutions Groups is looking to add a Tier 3 Cyber Security Analyst to the team. The candidate will provide CSOC Tier 3 services, which is 24x7x365 coordination, execution, and implementation of all actions required for the containment, eradication, and recovery measures for events and incidents. CSOC Tier 3 services includes malware and implant analysis, and forensic artifact handling and analysis. When a CIRT is stood up, all contractors in support of CSOC Tier 3 services will be under the direct control of, and take direction from, the Government CIRT Commander. While not in a period of incident response, the Contractor shall conduct continuous exercises and dry runs to improve response outcomes in the event of a cyber-incident. All Contractor personnel performing CSOC Tier 3 services shall have or obtain, within six months of start, a certification that is compliant with DoDD 8140.01 and DoD 8570.01-M IAT Level III and CSSP Incident Responder. Job Duties: Coordinate and implement tasks, performing analysis, and building/documenting response activities required during cyber security incident response, to include but not limited to actions such as implementing containment measures, IP blocks, domain blocks, and disabling user accounts on direction of the Government. Coordinates with Security and Installations Directorate (SI) Office of Counterintelligence (SIC), Insider Threat Office (SIII), in addition to other law enforcement and counter intelligence personnel as required to perform advanced investigation and triage of incidents; Collaborates with appropriate authorities in the production of security incident reports; Categorizes incidents and events; Coordinates with other contracts, organizations, activities, and other services as appropriate to ensure incidents are properly reported, contained, and eradicated; Coordinates with other contracts, organizations, activities, and other services as appropriate to de-conflict blue / red team activity with open incidents/events; Coordinates with other contracts, organizations, activities, and services to ensure NGA recovers from an incident/event; Builds timelines, documents, briefings, and other products as required to inform stakeholders of incident response actions, analysis, and the impact of both adversary activity and blue force response actions. Documents actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed. Develops and when approved by the Government generates and updates reports in the Joint Incident Management System (JIMS), Incident Case Management System (ICMS), and/or other authorized reporting systems as directed; Develops, maintains, sustains, and when properly authorized by the Government executes custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events; Performs digital media analysis on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis; Develops and identifies indicators of compromise to send to Cybersecurity stakeholders and other Contract Services; Provides adversary attribution; Performs malware analysis and signature development; Coordinate with CSOC Tier 1 and 2 services to remediate all discrepancies and provide recommendations to prevent reoccurrence. Job Requirements: Bachelors Degree and or 6 years' experience in Cyber Security (CSOS) Active security clearance. DoDD 8140.01 and DoD 8570.01-M IAT Level II and CSSP Incident Responder. Provides input to and coordinates with all applicable stakeholders to develop and deliver the daily CSOC Significant Activity Report, the daily CSOC Operations Update, and the Weekly CSOC Status Report; Serve as C-IRT members as required and serve under the direct control of, and take direction from, the Government C-IRT Commander; Develop and coordinate courses of action with various Government and contract stakeholders, and when properly authorized by the Government, execute Defensive Cyberspace Operations-Internal Defensive Measures on behalf of the NGA on NGA networks and systems; Performs digital media analysis and malware reverse engineering on host, server, and network data as required to analyze and respond to an incident, to include but not limited to volatile and non-volatile memory and/or system artifact collection and analysis. When properly authorized by the Government, execute custom scripts, tools, and capabilities to collect and analyze data, and to respond to incidents/events; Develops, documents, and provides to the Government incident investigation reports which include sufficient information to document the entire lifecycle of the incident and the response, including but not limited to adversary and friendly forces activity, host and network analysis, timelines, and recommendations for corrective actions, recommendations for new Tactics, Techniques, and Procedures (TTP) and other recommendations as appropriate, within 30 days of C-IRT stand-down; Conduct Quality Control reviews of a percentage closed CSOC Tier 2 tickets each week to ensure proper analysis, categorization, documentation, and notification Preferred Qualifications: Masters degree IAT III Qualifications that are nice to have: Juniper certification What's in It for You? Flexible work environment A team mentality - work with friendly, like-minded professionals Work with innovative, cutting edge technologies Enjoy extremely competitive compensation and benefits A work-life balance you can count on Opportunities to grow and advance your career on our dime The Benefits You Get with Freedom Amazing benefits including matching 401k, fully paid medical, and more Generous paid time off - including paid site closure days Competitive salary offerings Paid training and tuition reimbursement Referral bonuses Fully paid life and disability Annual logo wear allowance Company sponsored events (game nights, holiday party, summer party, happy hours) Interested in learning more about Freedom and our culture? Contact us today! We're constantly hosting hiring events in our office and elsewhere, to help you get a sense of what life is like at Freedom before joining the team. As an Equal Opportunity Employer, we do not discriminate on the basis of race, color, religion, sex, age, marital status, disability or veteran status Applicant Federal & E-Verify Postings VEVRAA Federal Contractor Accessibility: If you need an accommodation as part of the employment process, please contact Human Resources at Phone: ************ Email: ********************* Equal Opportunity Employer, including disabled and veterans. If you want to view the EEO Law poster, please choose your language: English - Spanish - Arabic - Chinese If you want to view the EEO Law Supplement poster, please choose your language: English - Spanish - Chinese If you want to view the Pay Transparency Policy Statement, please click the link: English

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Company: The Boeing Company The Boeing Company is looking for a highly motivated Cybersecurity - Information System Security Officer (ISSO) to join our Classified Operations Cybersecurity team based in Hazelwood, MO. This position supports Boeing's Enterprise Wide Area Network (eWAN). The selected candidate will rely on cyber security and Information Assurance (IA) background to support Enterprise activities and Boeing customers throughout multiple classified computing domains. The ISSO is responsible for maintaining and enforcing all Information System Security policies, standards, and directives to ensure assessment and authorization of information systems processing classified information. Position Responsibilities: Perform security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards Support and implement the Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and support Continuous Monitoring (CONMON) Perform configuration management of assigned systems; auditing systems to ensure security posture integrity Conduct risk assessments and investigations, execute appropriate risk mitigations, and participate in incident response activities Conduct periodic hardware/software inventory assessments Interface with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements Basic Qualifications (Required Skills/Experience): IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC) 1+ years of experience in cybersecurity 1+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs Preferred Qualifications (Desired Skills/Experience): 3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS 3+ years of experience assessing and documenting test or analysis data to show cyber security compliance Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies . Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: $92,650 - $125,350 Language Requirements: Not Applicable Education: Bachelor's Degree or Equivalent Relocation: Relocation assistance is not a negotiable benefit for this position. Export Control Requirement: This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst IIOverview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: • Liaise between the Security Awareness team and all others at Mastercard. • Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. • Partner with external providers to deliver effectives solutions with quality and integrity. • Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: • Possess advanced knowledge in security awareness concepts and principals. • Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. • Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. • Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. • Lead vendor relationships with those providers of contract solutions for the Security Awareness program. • A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; • Ensure the confidentiality and integrity of the information being accessed. • Report any suspected information security violation or breach. • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD

Compunnel Software Group is a New Jersey based premier information technology consulting & services company into this market for nearly two decades now; with close to two decades of experience in IT Industry which includes consulting, development, e-learning etc. Our company is going through a tremendous growth spurt and we are now interested in personnel like you to augment the work force in the company. We have several projects starting that we are staffing for. If you think you would like to become a consultant for Compunnel Software Group Inc ., please send me an updated copy of your resume along with a detailed summary of your work experience. I need a phone number to contact you. I look forward to possibly working with you on these positions. We offer specialized services to our clients to meet their business objectives. Successful solutions that are valued by our clients are in industry areas such as pharmaceuticals, telecommunications, banking, finance, manufacturing, publishing and consumer products. Job Description Position: Cloud Security Engineer Duration: 6+ months Location: St. Louis, MO, 63167 Must Have: Cloud Security Security Patches Cloud Security Automation Engineer Client is seeking a Cloud Security Automation Engineer with deep technical experience in securing cloud technologies. The successful candidate possesses out of the box thinking, the ability to collaboration with development team members, and experience with automation and solving end to end application/infrastructure security problems. Our mission is to design and build a highly secure cloud environment without sacrificing our developers' ability to quickly innovate and deliver world class software solutions. Responsibilities: • Define security best practices for our cloud platform and provide guidance to development teams. • Build tools to monitor for compliance of security policy and automate the resolution process. • Evangelize security throughout the enterprise and collaborate to help architect secure applications. • Research emerging technologies and build proof of concepts to investigate better ways of meeting our control objectives. • Collaborate with incident response, risk and compliance, product security and development teams to solve critical security problems. • Develop an AppSec pipeline and integrate it into the agile software development process. Required Qualifications: • BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field or equivalent experience. • At least 3 years of experience in Information Security and/or infrastructure engineering. • An accomplished security practitioner with a strong understanding of industry trends in all areas of security. • Experience with building IaaS cloud based solutions including AWS, Azure, etc.. and knowledge of their network security and IAM models. • Experience working with security vendors including evaluating and implementing new products. Desired Qualifications: • Expertise in common AWS services (CloudFormation, Route53, VPC, EC2, Lambda, etc...) and their security best practices. • Programming experience in JavaScript, Java, Scala, Python, Perl, Ruby, etc.. and their use in automating security and compliance. • Strong understanding of security technologies including host and network based protection and detection technologies. • Experience with vulnerability management (including: running vulnerability scans, creating reports, communicating with asset owners and giving remediation guidance). • Experience with continuous integration and automation tools (e.g. Jenkins, Chef, Puppet, Ansible). • Experience writing security white papers and/or presenting security products and technologies to diverse audiences. • CISSP or CSSLP (Certified Secure Software Lifecycle Professional) certification. Qualifications Must Have: Cloud Security Security Patches Additional Information All your information will be kept confidential according to EEO guidelines.

At Kelly Services, we work with the best. Our clients include 99 of the Fortune 100TM companies, and more than 70,000 hiring managers rely on Kelly annually to access the best talent to drive their business forward. If you only make one career connection today, connect with Kelly. Job Description MUST have IT Audit experience MUST have CISA (Certified Information Systems Auditor Certification) SOX Audit and compliance experience on systems / infrastructure is preferred Open to candidate that is willing to relocate to St. Louis, MO US Citizen, Green Card holder, EAD OPT only Senior IT Audit Analyst The successful candidate, will have the opportunity to work with our client whom is a reputable global provider in integrated pharmacy benefit management, cost management as well as patient-care services worldwide. 6 months contract with possibility of renewal and/or contract to hire. Position is based in St. Louis, MO. General Summary: The Senior IT Audit Analyst will be responsible of: · Carrying out audit of IT infrastructure and systems within the organization. · Perform risk assessments for sensitive internal and external systems · Ensures that the security of information systems assets is in compliance with company policies, SAS70, Sarbanes Oxley, Payment Card Industry, HIPAA, NIHB and DIACAP · Ensures that user community understands and adheres to necessary procedures to maintain security Qualifications: · Bachelor's Degree in computer related field desired · Minimum 5 years' experience in IT audit experience, preferable in IT Systems. · Must be a Certified Information Security Auditor (CISA) · Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley · Strong understanding of information security principles · Excellent organizational skills and ability to communicate with internal/external entities and executives a must Additional Information Why Kelly? As a Kelly Services candidate you will have access to numerous perks, including: Exposure to a variety of career opportunities as a result of our expansive network of client companies Career guides, information and tools to help you successfully position yourself throughout every stage of your career Access to more than 3,000 online training courses through our Kelly Learning Center Group-rate insurance options available immediately upon hire* Weekly pay and service bonus plans

The position is in the Strategy, Planning and Execution (SPE) team, in the Information Risk Management (IRM) department. IRM is responsible for managing the Information Security risk for the organization. The SPE team leads the creation of the multi-year strategy and IRM roadmaps, and manages the execution of the plans. SPE also defines the corporate security standards, performs risk assessments, and measures organizational security performance. ESSENTIAL FUNCTIONS •Perform application and system risk assessments and security audits of internal and external facilities against established standards •Provides consultative advice to information security customers that enables them to make informed risk management decisions •Contribute in establishing policies and procedures necessary to ensure the security of information system assets, and to protect them from intentional or inadvertent access, disclosure, or destruction •Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley, HIPAA •Weigh business needs against security concerns and articulate issues and options to management •Maintains appropriate security documentation for applications and systems •Ensures that user community understands and adheres to necessary procedures to maintain security •Communicates risk assessment findings to information security “customers,” or business partners •Active participation in strategic initiatives in accordance to the IRM roadmap Qualifications QUALIFICATIONS •At least 5 years of IT experience with a Bachelor's Degree in computer related field or equivalent •At least 3 years of experience in Information Security •PC skills including knowledge of Microsoft Office •Excellent organizational skills and ability to communicate with internal/external entities and executives a must •Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities •Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve •Certification in information security (CISSP, CISM, GIAC, or equivalent) preferred Additional Information All your information will be kept confidential according to EEO guidelines.

Significance is a woman-owned consulting firm serving the federal government. We are known for building trusted relationships within our teams and with our clients and hiring the highest-level experts who implement innovative solutions. We also like to have fun! Our focus on culture has contributed to Significance being named a Washington Business Journal Best Place to Work each of the last seven years. We are seeking an IT Audit Analyst to join our program in support of USTRANSCOM at Scott AFB. Work will be performed on a hybrid basis with onsite work expected 3 days per week. In this role you will: • Conduct reviews of a designated critical feeder and core accounting systems for compliance with applicable standards, ensuring compliance with: o DoD Instruction 8510.01 o NIST 800-53 RMF o FMFIA o Federal Information System Controls Audit Manual (FISCAM)• Support with the execution of test plans to evaluate design and operating effectiveness of IT controls. As findings are addressed, the Contractor shall assist in the development of a CAP.• Provide support in reviewing and mapping the Statement on Standards for Attestation Engagements 18 reports, reviewing and testing Complimentary User Entity Controls (CUEC), and providing the test results. • Support the development of CAPs and support remediation testing for CAPs that have been implemented by the programs. The results of the CUEC reviews are reported in the timeframe and format provided by OSD.• Support with FISCAM training as requested to program managers.Required Skills/Experience Interim Secret security clearance with ability to get a fully active secret security clearance 0-3 years experience in a related position, preferably supporting DoD agencies Bachelor's Degree (Information Systems, Accounting or relevant field) Must be currently located in the St. Louis metro area and able to report to Scott AFB at least 5 days/week Desired Skills Experience (can include internships) with IT audit or internal audit in the Federal Government At Significance, your base pay is one part of your total compensation package and is determined within a range. Our pay ranges are based on the local cost of labor benchmarks for each specific role, level, and geographic location. We carefully consider a wide range of factors when determining compensation, including but not limited to experience; job-related skill sets; relevant education or training; and other business and organizational needs. The salary range listed is for the level at which this job has been scoped. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for a comprehensive and generous benefits package. We are an E-Verify Employer********************************************** Contents/E-Verify_Participation_Poster.pdf**************************************************************************************

Job Description Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst II Overview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: * Liaise between the Security Awareness team and all others at Mastercard. * Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. * Partner with external providers to deliver effectives solutions with quality and integrity. * Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: * Possess advanced knowledge in security awareness concepts and principals. * Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. * Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. * Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. * Lead vendor relationships with those providers of contract solutions for the Security Awareness program. * A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; * Ensure the confidentiality and integrity of the information being accessed. * Report any suspected information security violation or breach. * Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: * Abide by Mastercard's security policies and practices; * Ensure the confidentiality and integrity of the information being accessed; * Report any suspected information security violation or breach, and * Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD

Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance. Responsibilities: The Information Security Office (ISO) Regulatory Compliance team is seeking a Security Analyst 2 to actively contribute to our organization's compliance efforts. This role calls for someone who can work closely with various business units, conduct thorough assessments, and assist in crafting effective remediation plans. Key Responsibilities: As a Security Analyst 2 on the Regulatory Compliance Team, you will: Coordinate audits with external assessors (QSA) and internal stakeholders to streamline assessment process related to collecting evidences Lead the validation of PCI requirements testing results and drive compliance gap remediation efforts Create and maintain documentation to support PCI program Conduct comprehensive internal compliance assessments, identify compliance gaps, and actively participate in developing remediation plans. Collaborate closely with different business units to ensure alignment with relevant regulations and standards. Support automation efforts across the compliance function. Regularly review policies and procedures to ensure ongoing compliance with regulatory requirements. Effectively manage and prioritize multiple projects related to regulatory compliance. Stay vigilant in monitoring and tracking regulatory changes, providing teams with guidance on updating policies and procedures as needed. Be a source of guidance and support for fellow members of the compliance team. Qualifications: Required: Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future Must be committed to incorporating security into all decisions and daily job responsibilities 3+ years with leading, planning and execution of PCI assessments which includes review of control design with a focus on payment card compliance and security. Demonstrate the ability to work both independently with a strong sense of ownership and collaboratively within a team to achieve departmental and project objectives. Ability to maintain a high degree of confidentiality. Detail-oriented with strong project management skills, including project planning, directing project activities, and leading project teams. Proficient in documentation, communication skills, and a proven ability to deliver formal and informal presentations to a diverse audience. Ability to organize and prioritize multiple complex assignments and tasks for self and team members, ensuring deadlines are met. Excellent problem-solving and analytical skills, with the ability to define problems, collect data, establish facts, and draw valid conclusions. Demonstrated leadership, collaboration, and relationship management skills, representing goals within the team and outside the department. Ability to be flexible and adaptable to changing requirements and responsibilities while delivering high-quality results. Commitment to incorporating security into all decisions and daily job responsibilities. Proficiency with Microsoft Office applications, including Outlook, Word, PowerPoint, and Excel. Preferred: Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security-related experience, or an equivalent combination of education and experience. Functional knowledge of productivity, documentation, and collaboration tools such as SharePoint, Jira, Confluence, and Jive. The Timberline Group Phone: ************ PO Box 385, Lebanon, MO 65536 ********************* ************************* "Delivering quality solutions through quality people"

Company: The Boeing Company Boeing's Proprietary Programs in the Advanced Weapons portfolio are seeking motivated and talented Mid-Level (Levels 3 or 4) Product Security Engineers in St. Charles, Missouri! These positions will support the performance of product security and cybersecurity engineering for specialized Advanced Weapons Proprietary Programs which defend the United States homeland and its regional allies all over the world. Be a part of our passionate and highly motivated team who are excited to be on the forefront of defense of our nation. Boeing offers a comprehensive benefits package including generous Paid Time Off (PTO), flexible work schedules, paid parental leave for mothers and fathers, 401k matching, tuition assistance for earning advanced degrees, and paid medical leave programs. Come Join Us and Build the Future! Primary Responsibilities: Team members will work with other industry partners in the development and execution of a comprehensive assessment program supporting the specialized Advanced Weapons Proprietary Programs in the Space, Intelligence & Weapons Systems (SIWS) organization. These individuals will act as the primary product security engineers on the program for assessing, updating, and maintaining the security posture of the programs. This team will be supporting the program's systems by interacting continuously with the cyber team compliance team to remediate any vulnerabilities found during automated or manual cyber scans. A detailed oriented individual with a strong leadership skillset is a must for this position. Assess organization-wide security and privacy risk and update assessment results on an ongoing basis. Perform system analysis and develop system test for cyber threats, cyber test activities, and the cybersecurity of large-scale events. Ensure product security engineering development lifecycle is followed, with an emphasis on clear requirements development/verification (using CAMEO). Perform criticality analysis to include the ability to work with suppliers, identify critical components, and integrating them into the overall system Perform cyber risk assessments and develop risk mitigation plans (i.e., POA&Ms, SCRM, etc.) using a variety of tools including but not limited to CAMEO. Support and facilitate various ATO/IATT packages including processing IAVMs and CTOs for the same. Perform software assurance tasks, including but not limited to software assurance risk reports. Support proposal development efforts, including but not limited to: BOE generation, GR&A development, trade study analysis. Support the engineering installation & analysis of patches and various system updates and upgrades to determine system consequence of these changes. Attend, collect data from, out brief, and facilitate collaboration and project management from various program boards. Applying Security Technical Implementation Guides (STIGs) Managing and addressing any Cyber Tasking Orders (CTOs) related to the Cyber Tools. Documentation and verification of all installation and configuration steps for the labs and operations deliveries. Providing feedback to Cyber Leadership and engineers to improve the cybersecurity tools and processes. Collaborating with local Information System Security Officers (ISSOs) to ensure compliance with relevant cybersecurity standards and regulations. Support cyber threat intelligence activities. Support the development and maintenance of cyber scanning, patching, remediation, tools and applications Support, as required, TEMPEST, DFARS, COMSEC, CNSSI, and other compliance drivers as needed. Perform and/or support the development of tools for cyber forensics Develop, define efficiencies and improvements to tools to improve team productivity Perform system analysis trade studies to define technical concepts and solutions This position is expected to be 100% onsite. The selected candidate will be required to work onsite at one of the listed location options. (St. Charles, MO.) This position requires an active Secret U.S. Security Clearance. (A U.S. Security Clearance that has been active in the past 24 months is considered active.) Basic Qualifications (Required Skills/Experience): Bachelor or Master of Science degree from an accredited course of study, in Engineering, Computer Science, Mathematics, Physics, or Chemistry. Active Secret clearance Experience using analytical, collaboration, communication and organizational skills 5 years+ experience in product security / cybersecurity engineering 5 years+ experience with industry standard cybersecurity frameworks (NIST, OWASP, DFARS) Preferred Qualifications (Desired Skills/Experience): Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA) Experience using CAMEO (proficiency preferred) 5 years+ experience in Windows/RHEL System admin experience, installing, tuning & troubleshooting Cyber Tools to include ESS/HBSS, ConfigOS, Splunk, etc. 5 years+ experience in configuring, running, and scripting audit tools 5 years+ experience using knowledge of Software Assurance (SwA) static and/or dynamic code analysis (e.g. Fortify) Experience with Federal Information Security Management Act (FISMA)/RMF and National institute of Standards and Technology (NIST) 800-53 requirements Experience leading system and component level cyber test and evaluation, including threat and security assessments, and tabletop exercises Experienced self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy to understand concept Growing understanding of DoD defense systems architectures and communications system concepts, mission, and common system test and data analysis techniques Typical Education/Experience: Mid-Level (3): Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), computer science, engineering data science, mathematics, physics or chemistry (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA, ABET accreditation is the preferred, although not required, accreditation standard. Senior Level (4): Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), computer science, engineering data science, mathematics, physics or chemistry (e.g. Bachelor) and typically 9 or more years' related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA, ABET accreditation is the preferred, although not required, accreditation standard. Relocation: This position offers basic relocation based on candidate eligibility. Shift: This position is for 1st shift. Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Please note that the salary information shown below is a general guideline only. Salaries are based upon candidate experience and qualifications, as well as market and business considerations. Mid-Level (3) Summary pay range: $123,250 - $166,750 Mid-Level (4) Summary pay range: $153,000- $207,000 Referrals to this job are not eligible for a monetary employee bonus. Language Requirements: Not Applicable Education: Bachelor's Degree or Equivalent Relocation: This position offers relocation based on candidate eligibility. Export Control Requirement: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

At Kelly Services, we work with the best. Our clients include 99 of the Fortune 100TM companies, and more than 70,000 hiring managers rely on Kelly annually to access the best talent to drive their business forward. If you only make one career connection today, connect with Kelly. Job Description MUST have IT Audit experience MUST have CISA (Certified Information Systems Auditor Certification) SOX Audit and compliance experience on systems / infrastructure is preferred Open to candidate that is willing to relocate to St. Louis, MO US Citizen, Green Card holder, EAD OPT only Senior IT Audit Analyst The successful candidate, will have the opportunity to work with our client whom is a reputable global provider in integrated pharmacy benefit management, cost management as well as patient-care services worldwide. 6 months contract with possibility of renewal and/or contract to hire. Position is based in St. Louis, MO. General Summary: The Senior IT Audit Analyst will be responsible of: · Carrying out audit of IT infrastructure and systems within the organization. · Perform risk assessments for sensitive internal and external systems · Ensures that the security of information systems assets is in compliance with company policies, SAS70, Sarbanes Oxley, Payment Card Industry, HIPAA, NIHB and DIACAP · Ensures that user community understands and adheres to necessary procedures to maintain security Qualifications: · Bachelor's Degree in computer related field desired · Minimum 5 years' experience in IT audit experience, preferable in IT Systems. · Must be a Certified Information Security Auditor (CISA) · Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley · Strong understanding of information security principles · Excellent organizational skills and ability to communicate with internal/external entities and executives a must Additional Information Why Kelly? As a Kelly Services candidate you will have access to numerous perks, including: Exposure to a variety of career opportunities as a result of our expansive network of client companies Career guides, information and tools to help you successfully position yourself throughout every stage of your career Access to more than 3,000 online training courses through our Kelly Learning Center Group-rate insurance options available immediately upon hire* Weekly pay and service bonus plans

Job DescriptionSignificance is a woman-owned consulting firm serving the federal government. We are known for building trusted relationships within our teams and with our clients and hiring the highest-level experts who implement innovative solutions. We also like to have fun! Our focus on culture has contributed to Significance being named a Washington Business Journal Best Place to Work each of the last seven years. We are seeking an IT Audit Analyst to join our program in support of USTRANSCOM at Scott AFB. Work will be performed on a hybrid basis with onsite work expected 3 days per week. In this role you will: • Conduct reviews of a designated critical feeder and core accounting systems for compliance with applicable standards, ensuring compliance with: o DoD Instruction 8510.01 o NIST 800-53 RMF o FMFIA o Federal Information System Controls Audit Manual (FISCAM)• Support with the execution of test plans to evaluate design and operating effectiveness of IT controls. As findings are addressed, the Contractor shall assist in the development of a CAP.• Provide support in reviewing and mapping the Statement on Standards for Attestation Engagements 18 reports, reviewing and testing Complimentary User Entity Controls (CUEC), and providing the test results. • Support the development of CAPs and support remediation testing for CAPs that have been implemented by the programs. The results of the CUEC reviews are reported in the timeframe and format provided by OSD.• Support with FISCAM training as requested to program managers.Required Skills/Experience Interim Secret security clearance with ability to get a fully active secret security clearance 0-3 years experience in a related position, preferably supporting DoD agencies Bachelor's Degree (Information Systems, Accounting or relevant field) Must be currently located in the St. Louis metro area and able to report to Scott AFB at least 5 days/week Desired Skills Experience (can include internships) with IT audit or internal audit in the Federal Government At Significance, your base pay is one part of your total compensation package and is determined within a range. Our pay ranges are based on the local cost of labor benchmarks for each specific role, level, and geographic location. We carefully consider a wide range of factors when determining compensation, including but not limited to experience; job-related skill sets; relevant education or training; and other business and organizational needs. The salary range listed is for the level at which this job has been scoped. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for a comprehensive and generous benefits package. We are an E-Verify Employer********************************************** Contents/E-Verify_Participation_Poster.pdf************************************************************************************** We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Information Security Operations Analyst II Overview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: - Liaise between the Security Awareness team and all others at Mastercard. - Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. - Partner with external providers to deliver effectives solutions with quality and integrity. - Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: - Possess advanced knowledge in security awareness concepts and principals. - Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. - Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. - Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. - Lead vendor relationships with those providers of contract solutions for the Security Awareness program. - A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed. - Report any suspected information security violation or breach. - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard's security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. **Pay Ranges** O'Fallon, Missouri: $76,000 - $127,000 USD

Company: Tapestry - G0G Tapestry Solutions, A Boeing Company, brings over 30 years of industry experience designing, implementing, training, and supporting high-quality, cost-effective information technology and business intelligence solutions. With a dedicated team of approximately 500 professionals, we proudly serve 75 defense, commercial, and government clients across more than 50 U.S. locations and 9 countries worldwide. As a trusted partner, our employees embody our core values by consistently delivering excellence, taking full ownership, and developing innovative solutions that enable critical missions and ensure the safety of our global customers and team members. Joining Tapestry Solutions means enjoying the best of both worlds: access to the vast resources of Boeing combined with the agility and people-focused, family-oriented culture of a small business where your contributions truly matter. Tapestry Solutions, a part of Boeing Global Services (BGS), is seeking a Product Security Engineer in Hazelwood, MO for the Department of Navy Tomahawk Land-Attack Missile program. The Tomahawk program is expanding to include additional US and foreign customers and will remain relevant for many more years. This position is essential for helping Tapestry Solutions and our customers navigate this expansion. The successful candidate for the role of Product Security Engineer will play a crucial role in supporting the development, deployment, and maintenance of computing and information security requirements for the Tomahawk program, while adhering to strict government regulations. You will have the opportunity to shape and guide compliance, information security, and data protection requirements, ensuring the highest level of protection. Your expertise will be instrumental in assessing the acceptability of unique configurations and implementing robust security controls. Additionally, you will be responsible for investigating and resolving security incidents, actively participating in security policy assessments and audits, and effectively managing regulatory compliance in the dynamic field of cybersecurity. Position Responsibilities: Develops, implements, and sustains product security and resiliency throughout the requirements, design, build, test, production, operations, and support lifecycle Develops and enhances system requirements and architectures for product security to meet all applicable certification and customer requirements Ensures security of facilities, equipment, tools, data, networks, and resources used for product: design, development, build, test, storage, delivery, operations, and support Defines and identifies product security requirements for suppliers of components and subsystems for integration into Boeing products and services Coordinates with governments, customers, suppliers, and industry to identify risks and improve industry and regulatory security standards and requirements for programs and interfacing systems Conducts research and development activities resulting in innovative solutions Advises customers on maintaining product security and certification, including security consequences of modifying products and services Basic Qualifications (Required Skills/Experience): Active U.S. Secret clearance with the ability to obtain a TS/SCI Ability to travel between 10% and 30% of the time to support customers at domestic and international locations Active CompTIA Security+ Experience with the installation, configuration, maintenance, and administration of Microsoft Windows operating systems Working knowledge of PowerShell, Batch, and Bash scripting Experience in all aspects of design and implementation of cybersecurity controls, processes, and procedures Preferred Qualifications (Desired Skills/Experience): Experience with the installation, configuration, and maintenance of RedHat Enterprise Linux Working knowledge of highly available virtualization clusters and Storage Area Networks (SAN) Experience with the DoD Security Technical Implementation Guide (STIG) review process Drug Free Workplace: We are a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. Pay & Benefits: We strive to deliver a total rewards package that will attract, engage and retain the top talent. Elements of this package include competitive base pay and variable compensation opportunities. We also provide eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location and date of hire. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary base pay range $102,000 - $130,000 Language Requirements: Not Applicable Education: Not Applicable Relocation: Relocation assistance is not a negotiable benefit for this position. Export Control Requirement: This is not an Export Control position. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)