Information Security Analyst jobs in Peachtree City, GA

Title: Sr. Security Engineer Duration: 12 Months Qualifications: 6+ years' experience with SAP Security Design, Implementation and Administration in SAP ECC required, including production support experience with specific experience with SAP Transportation Management System Proficient in SAP authorization concepts, including authorization reporting, troubleshooting transaction codes, and project implementation Strong understanding of Sarbanes Oxley legislation, risks and mitigating controls (segregation of duties, etc) Responsibilities: Responsible for the design, testing, evaluation, implementation, support, management, and deployment of security systems/devices used to safeguard the organization's information assets. Also responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Works with the technical team to recover data after a security breach. Configures and installs firewalls and intrusion detection systems. Develops automation scripts to handle and track incidents. Investigates intrusion incidents, conducts forensic investigations and mounts incident responses. Delivers technical reports and formal papers on test findings. Installs firewalls, data encryption, and other security measures. Maintains access by providing information, resources, and technical support. Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements. Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. Accomplishes information systems and organization mission by completing related results as needed. Builds, deploys, and tracks security measurements for computer systems and networks. Mitigates security vulnerabilities by implementing applicable solutions and tools. Performs vulnerability testing, risk analyses, and security assessments. Collaborates with colleagues on authentication, authorization, and encryption solutions. Tests security solutions using industry standard analysis criteria. Responds to information security issues during each stage of a project's lifecycle. Performs risk assessments and testing of data processing systems. Establishes system controls by developing framework for controls and levels of access; recommending improvements Establishes computer and terminal physical security by developing standards, policies, and procedures; coordinates with facilities security; recommends improvements. Safeguards computer files by performing regular backups; developing procedures for source code management and disaster preparedness; recommends improvements. Determines the sensitivity of the data in order to recommend the appropriate security needs. Develops proposals for, and consider cost effective equipment options to satisfy security needs. Communicates with the technical team, management team and users companywide if data security is breached. Designs infrastructure to alert the technical team of detected vulnerabilities. Evaluates new technologies and processes that enhance security capabilities. Supervises changes in software, hardware, facilities, telecommunications and user needs. Defines, implements, and maintains corporate security policies. Analyzes and advises on new security technologies and program conformance. Creates, tests, and implements network disaster recovery plans. Recommends security enhancements and purchases. Trains staff on network and information security procedures. Develops security awareness by providing orientation, educational programs, and on-going communication. Recommends modifications in legal, technical and regulatory areas that affect IT security.

Help with Configuration & setup of O9 Enterprise Modeler by creating, constructing, and modifying an Enterprise Planning Model Experience with strategic planning, financial planning, medium-term, and tactical or operational planning within Supply chain management A solid understanding of supply chain planning concepts, including network planning, Optimization, Distribution Planning, Master Planning, and Sales and operations planning (S&OP). Experience with constraint-based planning, infinite planning, and rough-cut capacity planning Experience with the entire lifecycle of a supply chain planning solution implementation, including business requirement gathering, solution design & build, UAT/SIT, go-live/cutover, and value realization. Experience using agile methodology to deliver large-scale enterprise implementations. Experience in integrating multiple ERP systems and implementing an end-to-end supply chain solution Work with cross-functional teams, IT, and business stakeholders to ensure the successful planning and execution of the project. Identify and document data requirements needed to enable aligned to-be business processes, such as network planning, inventory, Optimization, logistics, and other operations/supply chain data. Analysis of necessary data from sources like ERP systems, Data Lake, Excel sheets, and others. Where data is not available, partner with business points of contact to create missing data elements. Support the Integration strategy and workshop sessions for O9 supply planning Collaborate with project managers to document issues, risks, action items, and project team decisions from project meetings. Provide training and support to end-users on the new supply planning tools. Develop and execute projects to optimize supply chain operations and ensure alignment with business goals. Must Have Qualifications: Experience with supply chain planning tools like O9 IBP (preferred), JDA or SAP IBP, or Kinaxis Experience in configuring planning levels, attributes, master data dimensions, and batch job management Experience with gathering requirements and writing or reviewing FSD, KDD, and Solution design documents Experience with expert understanding of demand planning, statistical forecast generation, aggregation, and disaggregation.

America Networks is a leading sensor and networking solutions partner for companies in any Industrial, Manufacturing, and Waste management space. We design and manufacture sensors for storage tanks, water metering, energy metering, gas monitoring, and asset management. Our founders are hardcore telecommunications engineers with combined 200 + years of experience in designing, optimizing and performance engineering; for several mid - large wireless carriers internationally - that saw a need to provide low power, cost efficient sensors to collect data, create alerts, and predict needed actions. We have combined these sensors with low power, wide area (LPWA) networking technologies to provide clients various options to decrease re-occurring costs associated with operating an IoT network of sensors and connected devices. We specialize in design, deployment, optimization, and support of these Networks. Whether an off-the-shelf or custom solution is needed, we'll create a solution and push the data on the best cloud platform to fit your needs, including your own. Job Description The responsibility of this position includes data protection, logging and monitoring for data security of our Big Data and Enterprise Data Warehouse platforms. Tools will be used to classify column level data according to confidentiality categories. This position will also be responsible for development and deployment of advanced data science algorithms to automatically detect and alert data usage anomalies. Encryption, tokenization, data masking, etc. will be applied to data according to confidentiality levels. • B.S. or equivalent work experience • 6+ years in related discipline • Experience with all phases of the Software Development Lifecycle, including system analysis, design, coding, testing, debugging and documentation • Teamwork & collaboration skills to work across organizations and lead cross-functional teams • Communication & stakeholder management skills • Problem solving skills to develop quick yet sound solutions to resolve complex issues • Programming Language(s): KSH, JAVA • Software: SHA 256, MD5, SSH, SSL, TLS, Teradata Tools and Utilities (BTEQ, MLoad, FastExport, FastLoad, TPT, TDCH, Query Grid, etc.), Hortonworks Hadoop software (Sqoop, HIVE, HBASE, SPARK, KAFKA, Kyvos, Ranger, Knox, Kerebos, etc.), Informatica software (Secure@Source, TDM, DDM, PowerCenter, BDM, EIC, IDL, IDQ, IIS, etc.), Aster, Tableau, Cognos, Qlik and other BI tools.. AWS cloud security for Hadoop/Teradata and HPE Voltage. Demonstrated excellent teamwork and also ability to work independently with minimal supervision. Expert knowledge of the wireless industry and data management activities. Must have Hadoop and cloud security expertise with usage logging, monitoring, tokenization/encryption, access controls, and analysis. Additional Information Vivek Salvatore vivek.salvatore(@)americanetworks.com ( *************

Are you passionate about the changing threat landscape, love the challenge of understanding how the latest malware works, and can evangelize the risks and issues across a broad organization? Are you looking for a challenging leadership position that will allow you to shape the future of security across the internet? Do you thrive on working with a close-knit, highly-motivated team? Come join Lancope's threat intelligence team to help protect Lancope's customers against cyber-attacks. The successful candidate will join a global team of senior security analysts focusing on the changing threat landscape and effect on Lancope's customers. This position requires a professional with a strong security software and threat analysis background that is capable of identifying and establishing the relationships and processes within and external to Lancope to build an investigative threat research structure and flow. The team will source data across Lancope, i.e. internal product and traffic monitoring groups, as well as through external partner and qualified third-party relationships. Lancope is looking for a full time Information Security Analyst for Lancope's Threat Intelligence Team. Analysts in this role will have experience in threat research and a desire to own innovative ideas from invention, through proof-of-concept, and to deployment. Primary Responsibilities Conduct literature reviews and keep abreast of state of the hack, data sources, data analysis techniques and big data Invent and/or apply new techniques to telemetry data on a global scale and identify new security threats Develop and document proofs-of-concept (POCs) to demonstrate the efficacy, performance, and scalability of new techniques Publish and present research findings, including methodology and measured efficacy improvements Help guide the development by working with product teams Partner to turn successful POCs into product features and actionable intelligence. Education and Experience The ideal candidate for this role brings considerable experience, motivation, and organization along with both intense curiosity and desire to make an impact in internet security. Researchers in this role enjoy considerable latitude and work hands-on to complete all phases of applied research. The successful applicant will have demonstrable skills in some of the below areas: At least 2 years relevant experience Network administration, System administration (Windows or Unix) IT security with a focus on computer forensics, incident response, malicious code/exploits, anti-virus, etc. Knowledge of the current security threat landscape, especially network and web-based threats Familiar with Windows exploits, malware and malicious code trends Knowledge of TCP/IP and application in securing systems, investigating security incidents Solid understanding of computer science fundamentals, software engineering Knowledge of one or more programming/scripting languages Web application and script development Log and data analysis Strong written and verbal communication Self-motivated and highly ambitious Creative problem solving skills and excellent troubleshooting/debugging skills Excellent teamwork and people skills Ability to manage multiple tasks and work towards long-term goals Incident response experience a definitive plus

about the role Orange Cyberdefense specializes in the design, implementation and support of the most reliable and innovative security solutions and services - we are seeking a SOC Analyst to join our global team for a major account. As a SOC Analyst you are responsible for the detection, investigation and defense against cyber-attacks. In our SOC, you will work with security experts and use the latest technologies to analyze potential security incidents. As the team is working based on FTS (follow-the-sun) model involving Brazil, France & Malaysia teams, shift work is required for this role. Your key responsibilities as a SOC Analyst will include to: * Ensure that customer environments are always protected against cyber-attacks * Triage and investigate alarms generated by SIEM tools, endpoint protection tools, network anomaly detection tools, etc. by performing in-depth analysis * Undertake threat hunting investigations and campaigns * Escalate relevant threats to customers and providing advice based on these threats * Detect anomalies and attack patterns along the entire cyber-kill chain as described by MITRE ATT&CK * Support our customers during a security incident and ensure effective defense against attacks * Continuously develop improvements and detection methods to optimize detections * Report monthly on the status of customer environments * Advice customers on cyber trends. about you What you bring to the table * Cybersecurity needs to be your passion, securing the customers assets your mission. As security is often a tradeoff between different aspects, you need to be pragmatic and result driven to get your message delivered while reducing the risk for the customer. * Excellent English written/verbal and communication skills. * Minimum of 2 years of experience in a similar role * Experience using SIEM and/or EDR/XDR security tools - Knowledge in SPLUNK technology is a plus. * A degree in Computer Science, Cyber Security, Digital Forensics or Engineering - or equivalent industry recognized certification/experience * Ideally have experience with penetration testing, incident detection, incident response and malware analysis * Broad knowledge on threat analysis and experience in intelligence reporting. * Ideally have experience with penetration testing, incident detection, incident response and malware analysis. * Ideally have certifications such as CySA+, CEH, OSCP, OSDA, Splunk Power * Ideally have experience working within a SOC, if not then any experience within an IT Department providing customer support Experience in reversing malware is a plus Industry certifications like CISA, CISM, CISSP is a plus additional information Our Competitive Benefits Package Includes: * Comprehensive health coverage (medical, dental, vision) for you and your family * Financial protection: life, disability, AD&D, and business travel insurance * 401(k) plan with company match * Pre-tax savings through HSA and FSA accounts * Employee assistance program, tuition reimbursement, and adoption support * Healthy living and wellness reimbursements * Group-rate insurance options: home, auto, pet, and more * Generous PTO and paid volunteer days * Legal assistance, critical illness, hospital indemnity, and ID theft protection plans department Global Delivery & Operations Orange Business manages and integrates the complexity of international communications, freeing our customers to focus on the strategic initiatives that drive their business. Our extensive experience and knowledge in global communication solutions, together with our understanding of multinational business and local support in 166 countries and territories, ensure that our customers receive a consistent, global solution wherever they do business contract Regular

Our technology organization is transforming how we work at Smurfit Westrock. We align with our businesses to deliver innovative solutions that: * Address specific business challenges, integrate processes, and create great experiences * Connect our work to shared goals that propel Smurfit Westrock forward in the Digital Age * Imagine how technology can advance the way we work by using disruptive technology We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology. Location and/or Business/Division Details (if applicable) Title Principal Security Architecture, Atlanta, Georgia Position Summary: The opportunity: A Principal Security Architect plays a critical role in designing, implementing, and overseeing security strategies for enterprise environments. Responsibilities include: * Security Framework Design-establishing security architectures that align with business objectives and regulatory requirements. * Risk assessment and Mitigation-identifying vulnerabilities and developing risk mitigation standards * Enterprise security governance-Defining security policies, standards, and best practices. * Technology Selection and Implementation-evaluating and deploying security technologies such as SIEM, encryption, and identity management * Threat Modeling -Anticipate attack vectors and collaborating with the rest of IT organization * Security Analysis and advisory to the business How you will impact Smurfit Westrock: * Demonstrate a deep knowledge of all security domains. * Actively engage and lead strategic engagements with regards to both technical and business values. * Lead technical presentations with key stakeholders. * Active contributor to the internal Cloud Architecture Review Board (CARB)by participating in calls, publishing reference architectures, and creating decks and other reusable assets for technical topics. * Build relationships and establish key internal partnerships. * Monitor industry trends and recognize opportunities for new and emerging technologies. * Translate business requirements into well-architected solutions. * Document technical solutions that are aligned with critical business objectives. What you need to succeed: MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES Primary Responsibilities / Tasks: * Promotes security and privacy as a business enabler through effective partnership with product, strategy and engineering teams. * Works closely with project teams to fully understand business priorities and strategy. * Reviews solution designs and identifies opportunities for security integration. * Assigns risk-based security and privacy requirements to project teams. * Ensures solutions are secure through participation in all phases of the lifecycle, from requirements gathering to design, then implementation, followed by validation. * Works with project teams to identify and mitigate security and privacy risks. * Leads cost-risk tradeoff discussions with the project teams, helping to decide how important and at what increased cost each security requirement can be justifiably implemented. * Documents status of projects assigned security and privacy requirements including risks and exceptions. * Influences product selection and negotiates security and privacy requirements with teams and vendors. * Identifies security trends and relates to current and future needs of project teams as well as security and privacy standards. * Establishes functional goals for improving security and privacy operations and then initiates and drives team members toward achieving those goals. Delivery & Execution: * Drives configuration, debugging, and support for infrastructure * Drives field and corporate rollouts of security solutions * Drives the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs Support & Enablement: * Collaborates with product and project teams to understand needs and enable them with infrastructure * Supports technology architecture design review efforts for project and product teams * Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate * Drives root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions * Maintains, upgrades, and supports existing systems and infrastructure to ensure operational stability * Opens and manages vendor problem tickets to resolution * Drives the production of in-house documentation around solutions * Monitors tools and proactively help teams struggling with systems issues * Provides application support for software running in production * Creates scripts and tools that drive automation and enables product teams and end users to move towards self service Learning: * Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impact tools, training, and support necessary to keep systems up, running, and secure * Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice) * Proactively view articles, tutorials, and videos to learn about new technologies and best practices being used within other technological organizations * Bachelor's Degree or in related field of study, including any of the following but not limited to: Information Systems, Network Engineering, or Information Security. * Certifications in related field, including any of the following but not limited to: CISSP, AWS Certification, Agile Certification. * Exposure to design pattern and application architecture * Ability to interpret additional computer languages and learn new ones as needed Minimum: * 5+ years of experience working in security architecture, operations, design, or development. * Strong experience across multiple security domains related to Data Protection, IT Risk, Network Security, Application Security, Security Operations, and Identity and Access Management. * Working knowledge of encryption concepts and implementation methods. * Working knowledge of remote access technologies and implementation best practices. * Knowledge of security operations including change management, incident management, configuration management, and vulnerability management. * Ability to manage multiple engagements and prioritize workload. * Expert level understanding of identity management and lifecycle, privileged access, access governance, contextual access, authorization, authentication and next generation authentication signals, access delegation, directory services, certificate lifecycle management, immutable vs mutable identifiers, and interoperability between the components * Experience with identity standards and protocols including SAML, OAuth, OIDC, SCIM * Experience with best-practice and implementation frameworks for zero trust, SSO, MFA, adaptive and risk-based authentication, ephemeral credentials, secrets management, role/attribute/policy-based access controls, and cloud native identity and access solutions * Experience implementing and integrating with enterprise-grade systems that are highly scalable, performant, reliable, and secure in global environments * Experience with published standards, guidance, best practices, profiles, and frameworks related to IAM and cyber security and practical implementation in an enterprise (NIST, ISO, SANS CIS Critical Security Controls) * Experience with at least one of the major cloud providers (AWS, Azure, GCP), cloud-native architecture, data security and integration services * Strong problem-solving skills. * Strong oral and written communication skills. Preferred: * BS/BA in a related discipline (i.e., Computer Science, Information Systems, Engineering, Business, etc.); and/or 5 years of experience in related field. * At least one relevant industry certification - CISSP, CISM, CISA, etc. * Knowledge of IT and security frameworks, such as NIST or CIS. * Experience with public cloud security architecture and solutions. * Experience with container security architecture and solutions. * Experience with integrating security with agile development teams. What we offer: * Corporate culture based on integrity, respect, accountability and excellence * Comprehensive training with numerous learning and development opportunities * An attractive salary reflecting skills, competencies and potential * A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work.

Role Value Proposition: The Incident Response Analyst will be a member of UpTime365's Global Cyber Incident Response Team. In this role, an analyst will use cutting edge tools and solutions, and collaborate with global team members across the organization to perform cyber incident response and protect UpTime365's partners against cyber threats. Key Responsibilities: Response to cyber security events and incidents by analyzing forensic data, logs, and threat intel to validate security threats, assess impact, determine root cause, and help coordinate remediation actions. Maintain awareness of emerging threats. Willingness and self-motiviation to learn and take advantage of all training opportunities provided. Perform proactive threat hunting to identify potential threats to UpTime365 and its partners. Partner with global incident response teams to coordinate global incident response. Eventual participation on a rotating on-call roster for off hour escalations. Requirements Essential Business Experience and Technical Skills: A bachelor's degree in cyber security or computer science, or 2-4 years of combined IT and Cyber Security related work experience. 1-3 years of experience analyzing logs (e.g. endpoint, network, identity), performing data correlation, and using SIEM or log management tools. Basic understanding of the Windows operating system and command line tools, network fundamentals, and cyber security concepts and frameworks. Scripting experience for analysis and automation of repeatable processes. Security specific certifications from SANS and other industry recognized organizations are desirable. Benefits Dental insurance Medical insurance Vision insurance 401K Paid vacation and sick leave Tuition fee reimbursement Students loan assistance

The use of IT (Information Technology) infrastructure in the company is vital for daily operation. The IS (Information Security) Specialist should Provide secure Information Technology infrastructure service to the company as well as companywide employees and staff. Role Description. Define and implement Macro (Servers, Groups and Shared resource) and Micro (Personal and Single) IT infrastructure. Analyze, Plan, Design, Develop and Implement IT Infrastructure and IT Security solutions to support company IT requirements. Analyze and prevent any Information risk ensuring the companys information integrity. Define, maintain and monitor the execution of IS and IT policies. Execute and monitor company IT/IS Compliance. Essential Duties and Responsibilities -Monitoring and maintaining computer systems and networks -Responding in a timely manner to service issues and requests -Providing technical support across the company -Support equipment repair and replacement service -Testing Benchmarking new technology -Maintain and execute IT Training program for new employs -Monitor IT/IS Infrastructure (including servers and network devices) to ensure data integrity -Reporting of daily system issues. -Analyze and propose system improvements. -Documentation related to IT/IS policies, issues, and procedures. -Participation and active analyst, designer, and developer in IT projects. -Monitoring of IT/IS infrastructure-related expenses. -Other duties as assigned. Requirements Qualifications: Listed below are the minimum and/or desired qualifications of the position including education, work experience, and knowledge & skills that are required to perform satisfactorily in the position: Education and Work Experience: -Vocational or undergraduate degree in information systems and computer science or related field. -One (1) to three (3) years of information systems, computer science and/or IT-related experience. Knowledge and Skills: -PC and Server management -IT Hardware and Software installation -Initiative skills -Problem-solving skills -Understanding of IT infrastructure and application architectures -Great Social and Communication Skills -Great Oral and Written Communication Skills -System process analysis and design capabilities/experience -Server Operating systems (Windows Server, Linux, HP-UX, Unix, Sun Solaris) -Antivirus, NAC, DLP, MDM and other IS Solutions -IS Related definition and policies (ex. ISO 27001) -Networking (Cisco/HP) and network devices (Routers and Switch) -VPN -TCP/IP, UDP, Network standards -LDAP, Active Directory and Exchange -Access Control -Security Cameras -Firewall, Web Filter and other network security appliance solutions -Database systems (SQL Server/MySQL/Oracle) and programming skill (is a plus) -MS Office skills (especially Excel skills) Physical Demands: -Position requires sitting at a desk working on a computer for at least 2/3 of time. -Position requires regular and reliable attendance. -Position requires local travel up to 10% of the time.

Location: Ideal candidates will be able to report to our Pulse Point location at 740 W. Peachtree St NW, Atlanta, GA 30308 Work Hours: Monday to Friday, 8:00 am to 5:00 pm The Security Analyst Senior coordinates and prepares the security scanning for database technologies to identify potential vulnerabilities in compliance with policy and best practice. How you will make an impact: * Work with database subject matter experts to understand database infrastructure, identify database technologies, and establish routine scanning to ensure compliance with company policy. * Represent infrastructure security support in significant projects and perform the most complex operations and administration tasks. * Oversee and serve as the technical escalation of results of preventative maintenance. * Design and analyze vendor services meeting business and information security requirements and maintain vendor relationships. * Certify that recently created databases and/or migrated databases from previous instance are scanned within enterprise service level agreement (SLA) timeline. * Document standard operating procedures (SOP), maintain and update runbook. * Report monthly certified databases, number of scans, report on the business-critical databases to enterprise. * Validate report data to ensure accuracy. * Create process flows and metrics for internal review. * Run vulnerability scans on databases before releasing to production to eliminate potential vulnerabilities and validate proper controls are in place. * Administer vulnerability and secure configuration scanning for databases and servers on premise and in the cloud. * Analyze vulnerabilities with available exploits to identify opportunities to mitigate or remediate vulnerability exposure on impacted systems. * Administer vulnerability risk assessment methodology based on Common Vulnerability Scoring System (CVSS) utilizing Qualys, Guardium and Prisma vulnerability assessment technologies. * Communicate with system owners to help support remediation of identified vulnerabilities. Minimum Requirements: Bachelor's degree in Information Systems, Computer Science, or a related field. Additional Requirements: * Three (3) years of experience working in related occupation(s). * Three (3) years of experience must include: * Three (3) years of experience with administration of database vulnerability management assessment tools. * Three (3) years of experience with performance of vulnerability assessment utilizing the Common Vulnerability Scoring System (CVSS). * Three (3) years of experience in administration of database technologies, including SQL, Oracle, and DB2. * Three (3) years of experience operating and administering infrastructure or applications with Cloud environments. * Three (3) years of experience executing activities in alignment with compliance and contractual requirements, AICPA SOC 2, Payment Card Industry Data Security Standard (PCI-DSS) and HiTrust. Alternate Education/Experience Requirements: * Employer will accept a Master's degree in Information Systems, Computer Science or a related field plus 1 year of related experience. * Must have skills listed above. SALARY: $130,105.16 per year APPLY: ********************************** Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Location: Ideal candidates will be able to report to our Pulse Point location at 740 W. Peachtree St NW, Atlanta, GA 30308 Work Hours: Monday to Friday, 8:00 am to 5:00 pm The Security Analyst Senior coordinates and prepares the security scanning for database technologies to identify potential vulnerabilities in compliance with policy and best practice. How you will make an impact: * Work with database subject matter experts to understand database infrastructure, identify database technologies, and establish routine scanning to ensure compliance with company policy. * Represent infrastructure security support in significant projects and perform the most complex operations and administration tasks. * Oversee and serve as the technical escalation of results of preventative maintenance. * Design and analyze vendor services meeting business and information security requirements and maintain vendor relationships. * Certify that recently created databases and/or migrated databases from previous instance are scanned within enterprise service level agreement (SLA) timeline. * Document standard operating procedures (SOP), maintain and update runbook. * Report monthly certified databases, number of scans, report on the business-critical databases to enterprise. * Validate report data to ensure accuracy. * Create process flows and metrics for internal review. * Run vulnerability scans on databases before releasing to production to eliminate potential vulnerabilities and validate proper controls are in place. * Administer vulnerability and secure configuration scanning for databases and servers on premise and in the cloud. * Analyze vulnerabilities with available exploits to identify opportunities to mitigate or remediate vulnerability exposure on impacted systems. * Administer vulnerability risk assessment methodology based on Common Vulnerability Scoring System (CVSS) utilizing Qualys, Guardium and Prisma vulnerability assessment technologies. * Communicate with system owners to help support remediation of identified vulnerabilities. Minimum Requirements: Bachelor's degree in Information Systems, Computer Science, or a related field. Additional Requirements: * Three (3) years of experience working in related occupation(s). * Three (3) years of experience must include: * Three (3) years of experience with administration of database vulnerability management assessment tools. * Three (3) years of experience with performance of vulnerability assessment utilizing the Common Vulnerability Scoring System (CVSS). * Three (3) years of experience in administration of database technologies, including SQL, Oracle, and DB2. * Three (3) years of experience operating and administering infrastructure or applications with Cloud environments. * Three (3) years of experience executing activities in alignment with compliance and contractual requirements, AICPA SOC 2, Payment Card Industry Data Security Standard (PCI-DSS) and HiTrust. Alternate Education/Experience Requirements: * Employer will accept a Master's degree in Information Systems, Computer Science or a related field plus 1 year of related experience. * Must have skills listed above. SALARY: $130,105.16 per year APPLY: ********************************** Job Level: Non-Management Exempt Workshift: Job Family: IFT > IT Security & Compliance Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and JQuery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description The candidate will be a member of the Application Security Assessment (ASA) Team enforcing Global Cyber Security & Fraud at First Data. This includes automated vulnerability scanning mixed with manual penetration testing against web-based applications, web services, and thick client applications. Job Specific Responsibilities Utilize dynamic and static application security testing tools effectively, including IBM AppScan Standard, Fortify SCA, Burp Suite Pro, and Qualys. Host developer-focused appsec training workshops on topics including secure coding and vulnerability remediation. Coordinate testing objectives, reporting deliverables, and remediation efforts as the liaison between the financial institution(s), First Data, and third-party assessors. Provide documented guidance to development teams that define effective remediation solutions for vulnerabilities. Contribute to maintaining First Data Corporation's PCI-DSS certifications through addressing regulatory requirements. Availability to work occasional off-hours to complete assessments tied to meeting critical business objectives. Interview Required: Yes Information Technology-Info Security Analyst - Information Technology-Info Security Analyst Qualifications Bachelors Degree in Information Security, Computer Science, I.T., I.S., Engineering, Analytics or equivalent. Hands on technical experience with dynamic and static security testing tools, including source code assessments. Deep analytical skills, strong out-of-the-box thinking. Ability to effectively perform detailed-oriented technical information security work on a full-time basis. Excel independently in a fast-paced environment. Effective oral and written communication skills. Preferred Qualifications Masters Degree in Information Security, Computer Science, I.T., I.S., Engineering, Analytics or equivalent. Proficient web-application developer with demonstrable knowledge of HTML, C/C++, Java, VB, Ruby, etc. CEH, Security+, GWAPT Additional Information Regards, Vikas Kumar vikas.kumar(@)360itpro.com

Headquartered in suburban Atlanta, Georgia, Artivion, Inc. is a medical device company focused on developing simple, elegant solutions that address cardiac and vascular surgeons' most difficult challenges in treating patients with aortic diseases. Artivion has over 1,400 employees worldwide with sales representation in over 100 countries. The Company has manufacturing facilities located in Atlanta, Georgia, Austin, Texas and Hechingen, Germany. Additionally, it has sales and distribution offices in various countries throughout Europe, Asia, and South America. For additional information about Artivion, visit our website, ***************** Position Overview: The objective of the Senior Security Analyst position is to lead the design, implementation, and continuous improvement of enterprise security controls that protect the organization's digital assets, systems, and data. Reporting to the Cybersecurity Team Lead, the role is responsible for proactively identifying threats, mitigating risks, and ensuring the organization's cybersecurity posture aligns with business objectives and regulatory requirements. The Senior Security Engineer acts as a technical expert and key contributor to the development of a resilient, scalable, and secure IT environment while mentoring junior team members and collaborating with cross-functional teams. Responsibilities: * Proactively identify and analyze unauthorized activity (e.g., misuse, malware, intrusion attempts, phishing) on the global network and provide incident documentation. * Perform analysis of security alerts to evaluate true positive malicious risk to the business, determine containment action, and identify required preventative measures. * Perform regular vulnerability scans on network devices & web applications, provide technical & executive reports and assist with the remediation process. * Monitor identity and access management, including monitoring for abuse of permissions by authorized system users. * Assist in the completion of due diligence information security audits from third parties and clients. * Conduct regular vulnerability assessments and penetration tests. * Collaborate with IT and DevOps teams to remediate identified vulnerabilities. * Support audits and assessments related to frameworks such as ISO 27001, NIST, PCI DSS, or SOX. * Ensure security controls align with business objectives, regulatory requirements, and risk management practices. * Contribute to projects that enhance the security posture of the enterprise. * Operationalize actionable Threat Intelligence reports from internal and external sources. * Remain knowledgeable of changes in security technology, industry practices, and state & federal regulatory requirements and serve as an Information Security Subject Matter Expert (SME). * Provide technical assistance to IT staff in the detection and resolution of security incidents. * Manage end-user communication related to security awareness and manage security awareness platform. * Develop and maintain reports and dashboards for reporting on KPIs on security awareness, threats, and events. * Promote activities to foster information security awareness throughout the organization. * Creates and maintains security specific documentation. * Provides additional IT infrastructure support and project assistance as required Qualifications: * Minimum 5-7 years of experience in the field of Cybersecurity * Security Operations Center (SOC) work experience with a Bachelor's degree in computer science, information systems, or related technical discipline. * CompTIA Security+, CEH, CISSP, SSCP, CCSP or equivalent certification required. * Excellent IT skills, including knowledge of computer networks, operating systems, software, and hardware. * Web and email security systems experience required. * Nessus & Tenable.io or equivalent vulnerability management system experience required. * Anti-virus, Endpoint Detection and Response experience required. * Broad knowledge of technical security controls required. * Good oral and written communication skills. * Can effectively translate and accurately communicate security and risk implications at the most senior levels across technical and non-technical stakeholders. * This is a hybrid position that will report to our corporate headquarters in Kennesaw, GA

Headquartered in suburban Atlanta, Georgia, Artivion, Inc. is a medical device company focused on developing simple, elegant solutions that address cardiac and vascular surgeons' most difficult challenges in treating patients with aortic diseases. Artivion has over 1,400 employees worldwide with sales representation in over 100 countries. The Company has manufacturing facilities located in Atlanta, Georgia, Austin, Texas and Hechingen, Germany. Additionally, it has sales and distribution offices in various countries throughout Europe, Asia, and South America. For additional information about Artivion, visit our website, www.artivion.com. Position Overview: The objective of the Senior Security Analyst position is to lead the design, implementation, and continuous improvement of enterprise security controls that protect the organization's digital assets, systems, and data. Reporting to the Cybersecurity Team Lead, the role is responsible for proactively identifying threats, mitigating risks, and ensuring the organization's cybersecurity posture aligns with business objectives and regulatory requirements. The Senior Security Engineer acts as a technical expert and key contributor to the development of a resilient, scalable, and secure IT environment while mentoring junior team members and collaborating with cross-functional teams. Responsibilities: Proactively identify and analyze unauthorized activity (e.g., misuse, malware, intrusion attempts, phishing) on the global network and provide incident documentation. Perform analysis of security alerts to evaluate true positive malicious risk to the business, determine containment action, and identify required preventative measures. Perform regular vulnerability scans on network devices & web applications, provide technical & executive reports and assist with the remediation process. Monitor identity and access management, including monitoring for abuse of permissions by authorized system users. Assist in the completion of due diligence information security audits from third parties and clients. Conduct regular vulnerability assessments and penetration tests. Collaborate with IT and DevOps teams to remediate identified vulnerabilities. Support audits and assessments related to frameworks such as ISO 27001, NIST, PCI DSS, or SOX. Ensure security controls align with business objectives, regulatory requirements, and risk management practices. Contribute to projects that enhance the security posture of the enterprise. Operationalize actionable Threat Intelligence reports from internal and external sources. Remain knowledgeable of changes in security technology, industry practices, and state & federal regulatory requirements and serve as an Information Security Subject Matter Expert (SME). Provide technical assistance to IT staff in the detection and resolution of security incidents. Manage end-user communication related to security awareness and manage security awareness platform. Develop and maintain reports and dashboards for reporting on KPIs on security awareness, threats, and events. Promote activities to foster information security awareness throughout the organization. Creates and maintains security specific documentation. Provides additional IT infrastructure support and project assistance as required Qualifications: Minimum 5-7 years of experience in the field of Cybersecurity Security Operations Center (SOC) work experience with a Bachelor's degree in computer science, information systems, or related technical discipline. CompTIA Security+, CEH, CISSP, SSCP, CCSP or equivalent certification required. Excellent IT skills, including knowledge of computer networks, operating systems, software, and hardware. Web and email security systems experience required. Nessus & Tenable.io or equivalent vulnerability management system experience required. Anti-virus, Endpoint Detection and Response experience required. Broad knowledge of technical security controls required. Good oral and written communication skills. Can effectively translate and accurately communicate security and risk implications at the most senior levels across technical and non-technical stakeholders. This is a hybrid position that will report to our corporate headquarters in Kennesaw, GA

Responsible for providing digital forensics, monitoring and compliance related to relevant requirements as requested by the CISO or the legal department. Ensure compliance with all relevant internal instructions and external regulatory compliance standards, including the management of operational risk and adherence to Company Code of Conduct and behaviors. **Major Tasks, Responsibilities, and Key Accountabilities** + Oversees and performs computer forensic services including digital evidence collection, preservation, analysis, data recovery, tape back-up and recovery, electronic mail extraction, database examination and address relevant situational requirements. + Performs comprehensive technical analyses and interpretations of computer-related evidence such as e-mail, accounting software, various databases, and information stored on electronic devices. + Communicates effectively with internal customers and stakeholders about investigation status, information security capabilities and counsels requestors on information security guidelines, policies and procedures. + Interviews witnesses who have contravened regulations and generates actionable reports. + Keeps data in correct format, restores files and catalogue data and maintains strict confidentiality at all times. + Maintains detailed written work logs and case documentation following forensic procedures. + Utilizes various monitoring and filtering tools to measure and report on the state of security compliance. + Ensures all lab hardware and software are verified and validated as required by various rules of evidence. **Nature and Scope** + Solutions require analysis and investigation. + Achieves planned results by decisions and actions based on professional methods, business principles, and practical experience. + Manages a group or team of professional individual contributors and/or indirectly supervises support staff. **Work Environment** + Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. + Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. + Typically requires overnight travel less than 10% of the time. **Education and Experience** + Typically requires BS/BA in a related discipline. Generally 7+ years of experience in a related field. May require certification. Advanced degree may offset less experience in some disciplines. **Our Goals for Diversity, Equity, and Inclusion** We are committed to creating a culture that promotes equity, respect, and advocacy for every HD Supply associate. We value the diversity of our people. **Equal Employment Opportunity** HD Supply is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. HD Supply is an Equal Opportunity Minority/Female/Individuals with Disabilities/Protected Veteran and Affirmative Action Employer. HD Supply considers for employment and hires qualified candidates without regard to age, race, religion, color, sex, sexual orientation, gender, gender identity, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law.

THE FIRM As a leading international law firm, we are dedicated to excellence through impactful communication, collaboration, and community involvement. Our company culture has earned us one of the "100 Best Companies to Work For" for 26 consecutive years. This honor, along with many others, highlights our commitment to innovation and professional development. At Alston & Bird LLP, our foundation is made of trust, reliability, and compassion. JOB DESCRIPTION Are you passionate about shaping the future of cybersecurity from a strategic lens? As part of our Information Security Governance team, you'll help steer the ship-not just keep it afloat. Under the guidance of experienced leaders, you'll dive into a variety of impactful initiatives that strengthen our firm's security posture. Your mission? Evaluate and manage third-party vendor risks with a sharp eye for detail. Lead the charge on client security assessments and ensure smooth, transparent communication. Track and support remediation efforts that keep our risk profile in check. Continuously monitor vendor performance and compliance. Expand and evolve our governance program to meet tomorrow's challenges. Design and deliver engaging security awareness education that sticks. This role is all about driving the firm's Information Security Governance, Risk, and Compliance (GRC) program forward-with purpose, creativity, and a touch of fun. Are you ready to take on the challenge and help us stay ahead of the curve? Apply now and make a difference! ESSENTIAL DUTIES 1. Third-Party Risk Management: Conduct comprehensive risk assessments of vendors, focusing on security measures and compliance with information security/cybersecurity frameworks. Evaluate vendors' IT and information security systems to identify potential risks and vulnerabilities. Develop and implement vendor risk management policies and procedures. Collaborate with procurement and legal teams to ensure vendor contracts include necessary risk mitigation clauses. Monitor vendors' performance and compliance with contractual obligations. Prepare reports, summaries, and metrics on third-party security assessments to stakeholders. Analyze and interpret third-party security assessment findings and provide recommendations and remediation plans to mitigate identified risks. Monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions. 2. Client Security Assessments: Coordinate responses to client security inquiries. Prepare thorough responses based on details of our technical and policy environment. Collect and/or prepare evidence as necessary. Communicate progress to team members and clients. 3. Governance Program Support: Manage and monitor configurations related to Firm policies, client-specific policies, and/or product-specific policies. Identify and recommend enforcement capabilities. Coordinate establishment of necessary controls. Manage exceptions and exclusions. Support governance initiatives and special projects of other teams as required. Maintain current knowledge of industry-recognized risks, possible security vulnerabilities, and current security solutions. Remain aware of industry standards, compliance, regulation requirements, and best practices. Recommend and/or support certification efforts. Identify, develop, and document policies and procedures. 4. Security Awareness and Education: Assist in the development and delivery of security awareness training. Support the firm's secured File Transfer Protocol (FTP) system. Monitor software installations to ensure compliance with firm policy. SKILLS, EXPERIENCE, AND INTERESTS Governance and Compliance: Thorough understanding of governance concepts, approaches, controls, and frameworks (ISO27000, NIST CSF, SOC 1 and SOC 2 Type I and II, etc.). Familiarity with relevant laws and regulation requirements (HIPAA, state privacy laws, EU privacy, GDPR, etc.). Experience in compliance, risk assessments, investigations, or other forensic reviews. Technical Skills: Strong understanding of IT systems and information security practices, including enterprise IT infrastructure and architecture, operating systems, servers, web applications, endpoint and network security, identity and access management, security protocols, cloud security, cryptography, secure coding, SSDLC, penetration testing, vulnerability management, patch management, SIEM, etc. Solid understanding of cloud vendors and the varying responsibilities between IaaS, PaaS, SaaS, etc. Analytical and Communication Skills: Very strong professional verbal and written communication skills, explaining technical information to clients, vendors, senior management, and staff (both technical and non-technical). Ability to identify and evaluate vendor risks. Ability to analyze complex data to make risk-related decisions. Project Management and Organizational Skills: Ability to multitask and switch focus among multiple different efforts quickly. Excellent organizational and self-management skills. Strong project management skills and experience. EDUCATION AND EXPERIENCE Required: Prior risk, compliance or governance experience. Up to 2+ years of experience in governance, risk or compliance. Prior third-party risk management experience. Preferred: Bachelor's degree in information security governance, risk, compliance, or IT-related majors. Applicable certification (CISA, Security+, CISSP, CGEIT, or similar). Prior technical experience. Experience in heavily regulated industries. EQUAL OPPORTUNITY EMPLOYER Alston & Bird LLP is an Equal Opportunity Employer does not discriminate on the bases of any status protected under federal, state, or local law. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law on the basis of race, color, religion, sex, age, sexual orientation, gender identity and/or expression, national origin, veteran status or disability in relation to our recruiting, hiring, and promoting practices. The statements contained in this position description are not necessarily all-inclusive, additional duties and responsibilities may be assigned, and requirements may vary from time to time. Professional business references and a background screening will be required for all final applicants selected for a position. If you need assistance or an accommodation due to a disability you may contact **************************. Alston & Bird is not currently accepting resumes from agencies for this position. If you are a recruiter, search firm, or employment agency, you will not be compensated in any way for your referral of a candidate even if Alston & Bird hires the candidate.

PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively. Job Description Multiple Information Security Risk and Compliance Positions are available. Entry-level to mid-senior level Internship, Part-Time, Full Time We are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients. Responsibilities: Manage and execute the day-to-day information security risk and compliance operational activities Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders Communicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items. Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirements Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents Provides regular reporting metrics on the current state of the program. Other duties as assigned Qualifications Bachelor's degree in Computer Science, Information Technology, Business Administration, or related field Experience in information security risk assessment, compliance and/or security operations Previous experience in one or more of the areas below is a plus: --- IT Security Strategy and Management --- Risk Management, IT Audit, and Compliance --- Network, System, Database administration, support and/or help-desk experience --- Application Security, Software Development --- Security Monitoring, Data Loss Prevention, Incident Response Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF. Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus. Additional Information All your information will be kept confidential according to EEO guidelines.

PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively. Job Description Multiple Information Security Risk and Compliance Positions are available. Entry-level to mid-senior level Internship, Part-Time, Full Time We are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients. Responsibilities: Manage and execute the day-to-day information security risk and compliance operational activities Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders Communicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items. Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirements Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents Provides regular reporting metrics on the current state of the program. Other duties as assigned Qualifications Bachelor's degree in Computer Science, Information Technology, Business Administration, or related field Experience in information security risk assessment, compliance and/or security operations Previous experience in one or more of the areas below is a plus: --- IT Security Strategy and Management --- Risk Management, IT Audit, and Compliance --- Network, System, Database administration, support and/or help-desk experience --- Application Security, Software Development --- Security Monitoring, Data Loss Prevention, Incident Response Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF. Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus. Additional Information All your information will be kept confidential according to EEO guidelines.

Join the Team Making Possibilities Happen If you've ever used an ATM, paid a bill through your phone, sent money to a friend or shopped online, chances are your transaction was safeguarded and processed using our software. Now it's your turn to serve the payment needs of organizations and people the world over. This position can be remote but candidates must live and work in the US in Eastern and Central Time Zone only. Job Purpose Serve as Liaison to facilitate ACI's response to external audit/exam/assessment engagements to provide external assurance of ACI's management, operational, and control alignment with applicable regulations, IT security standards, contract requirements, etc. as related to Information Security and Risk Management policies, procedures, and relevant control implementations. Scope of engagements will include but is not limited to global Regulations of Financial Services/Banking and Healthcare sectors, Industry Standards such as ISO (27001, 27017), PCI (DSS, PIN, 3DS), SSAE18 (SOC1/SOC2), and industry best practice related to Information Security, Risk Management, Business Continuity/Disaster Recovery, Privacy, and more. Source of external engagements include but is not limited to Regulators, Customers, Business Partners, and more. Essential Functions and Responsibilities Work collaboratively externally, and internally with many teams across functional areas and geographies to ensure engagements are facilitated professionally and timely. Provide audit/exam/assessment subject matter expertise to ensure engagement achieves its stated goal in a timely manner. Work proactively to reduce impact of engagement and limit duplication of control analysis and testing, by leveraging readily available assurance package of information and relevant reports available for distribution to auditors/examiners. Work closely with team members to identify similar requests and leverage shared knowledge and experience to efficiently facilitate each engagement. Facilitate the completion of all required tasks during the engagement, including but not limited to answering due-diligence questionnaires, providing policy/procedure documentation and control evidence to auditor/examiner, coordinating meetings with relevant SMEs, hosting web-sessions, documenting meeting minutes and audit/exam notes, and more. Utilize all necessary tools to ensure all relevant documentation is gathered and stored during and post engagement. Communicate engagement requests and notices with urgency to management and key stakeholders, escalate engagement risks effectively and drive to resolution in timely manner to ensure minimal impact to engagement. Understand and adhere to all Corporate Policies, including but not limited to ACI Code of Business Conduct and Ethics, and Global Information Security Standards Understand and adhere to all department procedures for facilitation of engagements, tracking and reporting of engagement findings, and escalation procedures as needed. Communicate effectively and professionally in all aspects of the role, internally and externally, representing ACI's Core Values and promoting a positive environment for ACI to maintain and build trust within the context of external engagements. Effectively utilize, and support development and maintenance, of team processes and procedure documentation, tools for tracking and reporting engagements, their status and progress, and any outcome requiring further monitoring and reporting. Contribute to ongoing maturity and development of team to achieve goals outlined by management. Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; benchmarking state-of-the-art practices; participating in professional societies. Other duties as assigned. Qualifications (Education, Experience, Knowledge, Skills, and Abilities) Bachelor's degree or equivalent experience, preferably in Information Systems related field of study, Information Security Risk Management/Third Party Risk Management, or Compliance, Certification Requirements: CISM, CRISC, CISA, CISSP, or CTPRP required. 3+ years' experience in related fields, such as Information Security, Risk Management/Third Party Risk Management, Compliance Certification Requirements: CTPRP or equivalent certification required. Preferred Qualifications (Education, Experience, Competencies) Certification: CISM, CRISC, CISA, CISSP, or CTPRP required. Prior experience in Payments Services industry Benefits: In return for your expertise, we offer growth, opportunity, and a competitive compensation and benefits package in a casual work environment. Are you ready to help us transform the world of electronic payments? To learn more about ACI Worldwide, visit our web site at ******************** Job ID (Requisition #16097) ACI Worldwide is an AA/EEO employer in the United States, which includes providing equal opportunity for protected veterans and individuals with disabilities, and an EEO employer globally #LI-LF1 #LI-Hybrid

+ 8+ years of progressive experience in cybersecurity with at least 3 years in a leadership or management role within a Security Operations Center (SOC). + Proven hands-on expertise with **SIEM platforms** (e.g., Splunk, QRadar, Elastic, Sentinel) including rule creation, alert tuning, and use case development. + Practical experience with **SOAR platforms** (e.g., Palo Alto XSOAR, Splunk SOAR, Swimlane) including playbook design, automation, and orchestration. + Proficiency in **Python** and scripting for automation, data enrichment, and incident response use cases. + Deep understanding of **incident response frameworks** (e.g., NIST 800-61, SANS PICERL) and experience leading complex investigations and coordinated response efforts. + Strong knowledge of **cyber threat intelligence** principles, including threat hunting, IOC management, and integration of threat feeds into SOC tools. + Familiarity with **digital forensics** techniques, tools (e.g., EnCase, FTK, Volatility), and procedures for endpoint, network, and cloud environments. + Experience with **MITRE ATT&CK** framework and applying it to detection engineering, threat modeling, and gap analysis. + Demonstrated ability to build and lead high-performing SOC teams, including analysts, engineers, and threat hunters, across multiple shifts or geographies. + Strong grasp of **security logging and telemetry** best practices across enterprise environments (cloud, endpoint, network, SaaS). + Experience conducting **post-incident reviews** , root cause analysis, and continuous improvement initiatives. + Knowledge of **vulnerability management** processes and how they intersect with detection and response efforts. + Familiarity with **cloud security monitoring** tools and techniques across AWS, Azure, and GCP. + Experience developing and maintaining **runbooks, playbooks** , and standard operating procedures. + Excellent communication skills for cross-functional collaboration with IT, GRC, legal, and executive teams. + Industry certifications such as **CISSP, GCIA, GCIH, GCFA, GNFA, GPEN, OSCP, or Security+** are highly desirable. + Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field preferred. **Job Summary** Manage and coordinate a team of Security Managers and Engineers. Ensure tight rigor and control over Security Operations and Audit processes. **Major Tasks, Responsibilities, and Key Accountabilities** + Serves as an internal information security consultant to the organization. Effectively leads and or coordinates all internal dedicated security functions including but not limited to - patching, anti-virus, intrusion prevention, CERT response, log file monitoring, cross division security coordination, systems operational security testing, rule set analysis, threat detection and adaptation, as well as advent security related functions. + Initiates activities to create information security awareness within the organization. + Performs information security risk assessments, and acts as an internal auditor. Evaluates audit findings and drives remediation of identified control deficiencies. + Reviews all system-related security planning throughout the network and acts as a liaison to information systems. + Monitors compliance with information security policies and procedures, addressing problems with the appropriate department manager or data owner. + Oversees the security policy to ensure appropriateness. Provides training and consultation to ensure understanding of and compliance with established security standards and controls. Manages the Computer Security Incident Response Plan. + Manages the Risk Program including coordination and follow-up of the semi-annual risk assessment and development and implementation of business unit policies and standards. + Manages the business unit's audits and examinations. Works with management to put controls in place needed to comply with SOX and PCI regulatory requirements. **Nature and Scope** + Solutions require analysis and investigation. + Achieves planned results by decisions and actions based on professional methods, business principles, and practical experience. May recommend/make decisions regarding new programs/initiatives that have significant impact to the business and carry consequences in unsuccessful endeavors. + Manages a larger team or multiple small teams through direction of subordinate management and/or supervisory staff. **Work Environment** + Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. + Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. + Typically requires overnight travel less than 10% of the time. **Education and Experience** + Typically requires BS/BA in a related discipline. Generally 7+ years of experience in a related field. May require certification. Advanced degree may offset less experience in some disciplines. **Our Goals for Diversity, Equity, and Inclusion** We are committed to creating a culture that promotes equity, respect, and advocacy for every HD Supply associate. We value the diversity of our people. **Equal Employment Opportunity** HD Supply is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. HD Supply is an Equal Opportunity Minority/Female/Individuals with Disabilities/Protected Veteran and Affirmative Action Employer. HD Supply considers for employment and hires qualified candidates without regard to age, race, religion, color, sex, sexual orientation, gender, gender identity, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law.