Information security analyst jobs in Portland, ME

Senior Security Engineer (US) New York & Boston candidates: Office-based Other listed states: Remote employees considered Contract: Full-time, Hybrid / Flexible | 35-hour week Salary: $175,000 base + 15% bonus Overview We are seeking a hands-on, senior security engineer to proactively strengthen our security posture across cloud-native and hybrid environments. This highly technical, strategic role will lead security platform integration, governance, threat detection, and mentoring, while influencing security-first practices across the organisation. Key Responsibilities Security Architecture & Engineering Lead integration and optimisation of Zscaler, Wiz (EDR/CSPM/CNAPP), and endpoint protection (EDR/XDR) to maximise prevention, detection, and response. Develop detection rules and manage analytics in Microsoft Sentinel and Wiz. Conduct proactive threat hunting, posture management, and remediation validation. Administer Zscaler Internet Access (ZIA), including policy tuning, SSL inspection, forwarding profiles, and authentication flows. Troubleshoot traffic flows and collaborate with DevOps, IT, and R&D to integrate security into CI/CD pipelines and infrastructure-as-code. Compliance, Audit & Governance Ensure compliance with NIST SP 800-53, NIST SP 800-171, SOC 2, ISO/IEC 27001:2022, and client-specific requirements. Lead audits, penetration testing, and maintain continuous audit readiness. Security Operations & Incident Response Develop, tune, and manage detection rules and playbooks across Wiz, Zscaler, and other platforms aligned with MITRE ATT&CK. Hunt threats, triage alerts, and lead incident investigations. Manage advanced email security with Microsoft Defender for Office 365. Drive automation and orchestration initiatives to improve operational efficiency. Stakeholder Engagement & Leadership Act as a technical advisor on Zero Trust, cloud security, and operations. Mentor junior staff and foster a security-first culture. Communicate complex security concepts clearly to technical and non-technical stakeholders, including senior leadership. Mandatory Platform Expertise GitGuardian CyberHaven Wiz Advanced & Defend Zscaler Email Security (various platforms) Education & Preferred Certifications Master's degree in Information Security, Computer Science, or related field. GIAC certifications: GCIA, GCED, GCIH, GDAT, GDSA, GMON Microsoft Cloud Security certifications: AZ-500, AZ-305, SC-300

Immediate need for a talented Cloud Security Engineer. This is a 12 months contract opportunity with long-term potential and is located in Westlake, TX/ Merrimack, NH(Onsite). Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95092 Pay Range: $70 - $75 /hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Designing, scaling, and deploying various cloud security controls and services Building processes and workflows along with a consolidated and collaborative integration of IaaS, SaaS, and PaaS cloud services Ensuring seamless user experience with advanced security and compliance of our cloud infrastructure Maintaining and containing business risk as it pertains to the Azure cloud infrastructure Working across teams and Business Units to define requirements and deliver solutions Building comprehensive security controls to enforce policy Supporting business unit technologists deploying to the public cloud Key Requirements and Technology Experience: Key skills; Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. 6-9 years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Advanced Azure Certifications Our client is a leading financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

The Company Privately held company headquartered Northern Massachusetts (Rt 495) the company operates an integrated light manufacturing and distribution center, with two third-party overflow warehouses in the U.S. With approximately $150 million in annual revenue, over 450 employees. The Position The company is seeking a Director of Information Technology & Security to be responsible for leading the company's technology foundation across IT operations, infrastructure, cybersecurity, and software engineering. This senior leader will oversee the day-to-day performance, reliability, security, and efficiency of all IT systems and services, while ensuring the successful delivery of custom software solutions that support manufacturing and broader business operations. Reporting to the Chief Technology Officer, this role will also serve as a member of company's Senior Leadership Team. The Director will partner closely with the Director of Digital Transformation and the Director of the Project Management Office (PMO) to drive innovation and digital transformation initiatives, ensuring that technical execution aligns with business goals. As a senior technology leader, this individual will provide leadership continuity and support executive decision-making when needed, helping to keep operations and strategic initiatives on track. The Director of Information Technology & Security will provide strategic and operational leadership across IT infrastructure, cybersecurity, and software engineering to ensure reliable, secure, and high-performing technology services. This individual will guide the evolution of Company's technology environment, strengthen system reliability and security, and enable scalable digital capabilities that support the needs of a growing manufacturing organization. The Director will also provide strategic guidance to the CTO on operational and technical matters, contributing to long-term IT strategy, technology roadmaps, and budget planning, while championing continuous improvement through analysis of incident trends and service performance. Through cross-functional collaboration and forward-looking leadership, the Director will help ensure Company's technology ecosystem remains robust, efficient, and positioned for long-term success. Principal Responsibilities & Duties: Lead IT operations, including infrastructure, networking, system administration, and the Help Desk, ensuring high availability, performance, security, and timely issue resolution while managing IT assets across their lifecycle. Expand and mature IT service management (ITSM) processes and enforce SLAs/OLAs, driving accountability, continuous improvement, capacity planning, availability management, and disaster recovery aligned with business continuity goals. Serve as the senior cybersecurity leader, overseeing policies, controls, incident response, and compliance to protect company systems and data. Provide strategic direction and leadership for software engineering, managing development projects, automation, systems integration, and the Software Development Manager while fostering a high-performance, collaborative culture. Partner with the Directors of Digital Transformation and PMO to align IT operations and development with innovation priorities, including AI adoption, factory floor automation, advanced analytics, process optimization, and timely project delivery The Candidate The company is seeking an experienced and strategic Director of Information Technology & Security to lead and evolve their technology foundation in support of our growing manufacturing organization. The ideal candidate will be an experienced and strategic technology leader with a strong background in IT operations, cybersecurity, infrastructure management, and software engineering. The company seeks a collaborative, proactive, and adaptable leader who can drive operational excellence while fostering innovation and cross-functional alignment. This individual will have a proven track record of leading high-performing IT teams, navigating both operational and project-based work, and influencing stakeholders across departments to deliver measurable results. This role requires a hands-on, customer-focused, and risk-conscious leader with excellent communication and collaboration skills. A successful candidate will bring strong problem-solving abilities, curiosity, accountability, and a stakeholder-centric mindset, while integrating IT operations with digital transformation initiatives, manufacturing systems, and ERP platforms. This is a flexible hybrid role, with an expectation of at least three days per week in office. During the initial six months, on-site presence will be required four to five days per week to support onboarding and integration. Summary of Requirements: Bachelor's degree in Information Technology, Computer Science, or a related field; advanced or security-related certifications (CISSP, CISM, CSSM, CompTIA Security+, ITIL Foundation or higher) a plus. 15+ years of progressive IT operations leadership experience, including infrastructure, cybersecurity, and software engineering. Proven ability to expand and optimize ITIL-based processes and leverage ITSM platforms to drive process maturity and operational excellence. Strong understanding of manufacturing systems, ERP platforms, and IT/OT integration. Hands-on experience leading software engineering teams, managing development projects, automation, and systems integration initiatives. Skilled in capacity planning, disaster recovery, and business continuity aligned with organizational growth. Experience managing IT assets, Help Desk operations, and SLAs/OLAs to ensure high availability, performance, and service reliability. Hybrid role but must be in office at HQ three days per week and four-to-five during first six months of employment.

Job Role: IT Project Analyst Key Responsibilities Manage IT and business automation projects from planning through implementation Collaborate with clients and internal stakeholders to define project goals, gather requirements, and deliver successful outcomes Build process automations using Microsoft Power Platform tools such as Power Automate, SharePoint, Lists, and Power Apps Design and maintain dashboards and reports in Power BI and Microsoft Fabric Support database-related work, ensuring proper design, data integrity, and relational structure Apply AI fundamentals to improve workflows and analytics Track project timelines, budgets, and communications MUST HAVES: · 3-5 years of proven experience managing IT projects and working cross-functionally with technical teams · Proficiency with Power BI and Power Automate strongly preferred · Working knowledge of SQL Server and database structures strongly preferred NICE TO HAVES: · Familiarity with SharePoint, Lists, Power Apps, and Microsoft Fabric preferred · Understanding of AI concepts and how to apply them in business environments preferred

Fiber Materials Inc. | solutions for the most extreme places in the universe FMI's manufacturing facility has been a leading solutions provider of high temperature materials and composites for more than 50 years, serving the Department of Defense and NASA. The focus in Maine is on multidirectional reinforced Carbon/Carbon (C/C) and Ceramic Matrix Composites (CMCs) that enable high-temperature components such as: thermal protection systems, re-entry vehicle nose tips as well as rocket motor throats and nozzles. Our materials are being used on ground-breaking space initiatives such as the Orion Multi-Purpose Crew Vehicle and the heat shield for NASA's Mars 2020 mission, important missile programs, airfoils in commercial and military jet engines, and as lightweight armor for U.S. military ground vehicles. Your role: FMI is seeking an Information Security Specialist to support a small, stand-alone classified information system(s) in support of a U.S. Government contract(s). As the Information Security Specialist, you will encompass the responsibilities of an Information System Security Officer (ISSO) and Information System Security Engineer (ISSE). To be successful, you will be responsible for compliance, operations, and technical security engineering of the classified environment. Please keep in mind this role is NOT remote. Job Responsibilities: Operational Security (ISSO Duties): Perform continuous monitoring and day-to-day security administration of the system. Manage user access, account creation, and audit log reviews. Conduct security training and briefings for system users. Document and report security incidents, vulnerabilities, and mitigation actions. Engineering & Technical Security (ISSE Duties): Design, implement, and maintain technical security controls for the system. Evaluate, recommend, and integrate security solutions for classified IT environments. What we need from you: Associate's degree in Cybersecurity, Information Technology, or related field; equivalent experience considered 1-3 years of experience in information system security Active or ability to obtain and maintain an U.S. Government security clearance (Secret or above) Effective time management Technical proficiency Detail oriented Strong listening skills Customer focus Self-motivated Strong interpersonal skills Ability to work independently and as part of a team in a fast-paced environment Knowledge of NIST and or CMMC cybersecurity frameworks and standards Understanding in cyber security assessment tools and methodologies Understanding network and system security, intrusion detection and prevention, and incident response Excellent analytical and problem-solving skills Commitment to continuous learning and staying current with industry developments Excellent communication and documentation skills What you'll get from us: 16 ETO days 12 paid holidays (including Winter Closure!) Medical / Dental / Vision 401k Company Match Tuition Reimbursement $1000 Sign-On Bonus

Odyssey Systems is seeking a Cybersecurity Compliance Specialist to ensure system and application deliverables meet all Department of Defense (DoD) and Air Force cybersecurity requirements. This role requires strict adherence to DoD and Air Force policies, frameworks, and certification standards throughout the contract period, including RMF and PKI implementation. This is a full time on-site position located at Hanscom AFB, MA. Responsibilities In this Advisory and Assistance Services (A&AS) role, you will provide expert-level support to Department of Defense (DoD) programs by assisting government leadership with decision-making, planning, and execution throughout the acquisition lifecycle. You will apply your technical and/or professional expertise to ensure compliance with applicable policies and regulations, contribute to mission success, and help deliver critical capabilities to the warfighter. Duties include, but not limited to: Ensure 100% of personnel delivering cybersecurity services are certified per DoD 8570.01-M standards. Ensure all system and application deliverables comply with DoDI 8500.01 (Cybersecurity) and AFI 33-200 (Air Force Cybersecurity Program Management). Support implementation and compliance with DoDI 8510.01 and AFI 33-210 regarding the Risk Management Framework (RMF) for DoD Information Technology. Support activities in accordance with DoDI 8520.02 to enable PKI-supported capabilities (biometrics, encryption, digital signatures, identification, and authentication). Qualifications Citizenship: Must be a US citizen Minimum Required Qualifications Clearance: Must have and be able to maintain a Secret clearance Education: Bachelor's degree Years of Experience: 10+ years of experience, five of which must be in the DoD Certifications: Preferred Qualifications Education: Master's degree Technical Skills Working knowledge of DoDI 8500.01, DoDI 8510.01, DoDI 8520.02 Hands-on experience implementing RMF in DoD environments Expertise in PKI/PK enabling capabilities and compliance Familiarity with cybersecurity-related CDRLs and documentation standards Interpersonal Skills Excellent written and verbal communication skills Ability to interpret and apply complex DoD policies and regulations Strong organizational skills and attention to detail Ability to collaborate effectively with technical and non-technical stakeholders Additional Information Location: Hanscom AFB, MA Onsite #LI-SB1 Company Overview Odyssey Systems is a world-class technical, engineering, and integration company serving the warfighting ecosystem with airborne integration, ISR, C2, and warfighter readiness capabilities. Odyssey meets the military's operational needs by integrating layered defense systems from equipment, technology, and services to data, information, and business operations. We streamline defense acquisition and sustainment, engineering the technical battlefield with domain-specific proficiency to ensure lethality. Odyssey is dedicated to excellent contract execution, peak organizational performance, and fostering a workplace built on employee care. Odyssey is proud to live out our core values of commitment, ambition, and respect in our work and communities through OdysseyCares, a philanthropic group focused on giving back through direct donations, an employer match program, and volunteering events. Please note: Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

Join our global Cyber team as a Wordings Analyst supporting the Global Cyber Wordings Manager in the strategic development and governance of our Cyber and Tech policy suite, including Liberty Cyber Resolution and Liberty Tech Resolution. This role is a hands-on business enabler: you will help translate complex legal and regulatory requirements into clear, market-ready wordings, maintain our global clause library, support manuscript negotiations, and produce practical tools that empower underwriters and strengthen broker confidence. It's an excellent opportunity for an early-career insurance wordings or legal professional to build expertise in a fast-moving, global specialty line and make a visible impact on growth, innovation, and client experience. Key responsibilities: Wording library and drafting support Maintain and expand the global wording library centered on Liberty Cyber Resolution and Liberty Tech Resolution, including endorsements, exclusions, and guidance notes. Redline and prepare first drafts of standard clauses and endorsements; ensure consistency with definitions, coverage intent, and plain-language standards. Track version control, change logs, approvals, and archiving; Assist with localization for different jurisdictions, coordinating translations and filing documentation with Legal/Compliance. Commercial enablement Build practical tools (playbooks, FAQs, objection-handling guides, coverage summaries) to help regional teams position our products and close deals efficiently. Prepare broker/client comparison decks and battlecards; support pitches, RFP/RFI responses, and manuscript negotiations with clause comparisons and recommended alternatives. Triage wording queries from regions; track SLAs and referral approvals per the global governance framework. Partner closely with Underwriting, Product, Global Cyber Engagement, Claims, Legal/Compliance, and regional leaders to deliver accurate, timely support and uphold governance standards. Regulatory and legal stewardship Monitor and synthesize global regulatory and market developments (e.g., Lloyd's cyber war/systemic guidance, GDPR, DORA, NIS2, sanctions) into succinct briefs and recommended wording actions. Maintain audit-ready documentation; assist with regulatory filings or attestations where required. Claims partnership and feedback loop Collaborate with Claims to capture lessons from disputes and litigation trends; draft guidance notes and propose clarifications to improve coverage certainty. Support coverage position letters and documentation packs with research, citations, and clause histories. Innovation and product development support Help draft prototype wordings for new propositions Check alignment between underlying policy wordings and reinsurance treaty/facultative clauses. Administer wording management tools, ensuring robust version control, approval workflows, and usage analytics. Build dashboards and trackers for adoption of standard forms, deviation rates, SLA performance, disputes, and audit findings; provide monthly reporting to stakeholders. Qualifications Bachelor's degree in business, economics, or other quantitative field. Minimum 3 years, typically 4 years or more of relevant work experience. 2 - 5 years of experience in insurance wordings, legal/paralegal support, underwriting support, or product documentation; cyber specialty experience preferred. Strong drafting, redlining, and proofreading skills with a plain-language mindset and exceptional attention to detail. Working knowledge of insurance policy structures, endorsements, exclusions, and coverage interpretation; familiarity with cyber war/systemic language, sanctions, and privacy regulations is advantageous. Research and synthesis skills to translate complex regulatory/legal topics into practical guidance and actionable updates. Proficiency with MS Word (advanced track changes/redlining), Excel (trackers and dashboards), PowerPoint (training/pitch materials), and document/enablement tools. Collaborative, service-oriented approach; comfortable operating in a global matrix and meeting defined SLAs. Curiosity about cybersecurity risks and the incident response ecosystem; willingness to learn common threat scenarios to inform practical drafting. About Us Pay Philosophy: The typical starting salary range for this role is determined by a number of factors including skills, experience, education, certifications and location. The full salary range for this role reflects the competitive labor market value for all employees in these positions across the national market and provides an opportunity to progress as employees grow and develop within the role. Some roles at Liberty Mutual have a corresponding compensation plan which may include commission and/or bonus earnings at rates that vary based on multiple factors set forth in the compensation plan for the role. At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve. We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: *********************** Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law. Fair Chance Notices California Los Angeles Incorporated Los Angeles Unincorporated Philadelphia San Francisco We can recommend jobs specifically for you! Click here to get started.

INFORMATION SECURITY ANALYST SUMMARY: The Information Security Analyst is responsible for contributing, implementing, and maintaining the credit union's cyber security program. Leveraging the required skills and experience, the Information Security Analyst will investigate and respond to security incidents, work closely with internal departments and/or third parties, and provide status updates to management. ESSENTIAL DUTIES AND RESPONSIBILITIES include the following: Review daily log reports generated from information security systems and investigate anomalous behavior. Process reported social engineering attempts to determine if a threat exists and communicate outcomes to involved parties. Monitor, investigate, remediate, and report security incidents as they arise. Work with other members of the Incident Response Team, as needed. Conduct social engineering exercises across the organization and assist with training remediation efforts. Administer the organizations vulnerability management program to identify and prioritize vulnerabilities. Will also work closely with the Information Technology team and product owners to remediate discovered vulnerabilities. Administer the credit union's information security systems and tools. Contribute to the organizations security policies, procedures, and processes. Implements the information security strategy and objectives, as approved by the Chief Information Officer, including strategies to monitor and address current and emerging risks. Participates on the Change Control Board ensuring systems changes are made with appropriate Confidentiality, Availability, Integrity and Cyber Security design and controls Participates in industry collaborative efforts to monitor, share, and discuss emerging security threats. Maintains up-to-date knowledge of the security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Contributes to the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically. Champions security awareness and training programs. Participate in security NIST based incident response process including event handling, process reviews and tabletop exercises. Supervise all investigations into problematic activity and provide on-going communication and reports significant security events to the board, supervisory committee, and management as appropriate. Responds to and complies with audit, regulatory, and credit union policies and procedures. Monitor and respond to security related alerts during non-business hours. QUALIFICATION REQUIREMENTS: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. KEYS TO SUCCESS: Knowledge Of: Experience in enterprise security document creation. Experience in enterprise security architecture design. Experience in NIST based Incident Handling Working technical knowledge of Firewalls, Intrusion Detection, Networking technologies ( LAN / WAN ), Data Loss Prevention (DLP), Network Access Controls (NAC), Security Incident and Event Management Systems (SIEM), Email Security. Vulnerability Management Tools (Nessus, Nexpose, Etc) Command Line Utilities such as Nmap, netcat, etc. Experience with security in cloud environments (Azure preferred) required. Microsoft Windows Server, Active Directory, DNS and DHCP, etc. Microsoft Windows 10 and later Microsoft Office and Visio 2016 and later Ability To: Create and maintain detailed technical documentation Proven analytical and problem-solving abilities. Good written, oral, and interpersonal communication skills. Ability to conduct research into IT security issues and products as required. Ability to present ideas in business-friendly and user-friendly language. Highly self-motivated and directed. Team-oriented and skilled in working within a collaborative environment. EDUCATION, EXPERIENCE, & TRAINING GUIDELINES: Any equivalent combination of education and experience that provides the applicant with the knowledge, skills, and abilities, required to perform the job is acceptable. A typical way to obtain the knowledge and abilities would be: Education/Experience: Bachelor's degree preferably in Information Systems or Computer Science 3-5 years of relevant Information Technology or Information Security experience. License or Certification: Security certifications such as Security+, CySA+, SSCP, etc. Bondable Acceptable Credit History Compensation & Benefits: Salary Range: $62,200 - $93,300 Health, Dental & Vision Benefits Bonus opportunity 401(k) with match and profit sharing Flexible Time Off

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Position Summary: Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank's Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements. Role Description: This role is primarily responsible for ensuring that relevant Privileged Access Controls are adequately enforced across platforms and applications to comply with IAM Standard. Partner with PAM Governance leads to ensure that Privileged Access Controls are appropriately measured, reported and governed. Apply industry PAM best practices, templates, and documentation while also proposing improvements based on practical knowledge. Document and convey PAM related requirements to technology partners to build/implement enhanced PAM solutions that are efficient, effective, and modern and able to result in material risk reduction in sustainable manner. Collaborate with stakeholders to develop PAM requirements that iteratively support long term PAM modernization and transformation (covers Process, Data and Technology aspects). Provide education to team members and technology partners regarding the proposed changes to PAM controls. Partners with the policy governance team for socialization and publication of proposed changes to the PAM Standard Takes accountability for addressing PAM risks. Proactively identify risk and ways to continuously enhance and improve BAC's PAM controls. Implement and take decisive actions in finding solutions. Drives towards intended outcomes. Engage senior management to provide factual, transparent, and timely reporting on existing and emerging PAM or information security risks. Active participation in GIS IAM/PAM forums including but not limited to Monthly IAM Stakeholder Forum and Control Owner Forum for standard and Single Process Inventory (SPI) enhancements. Supports audit issues for closure and sustainability Required Qualifications: 7 years relevant hands-on experience in PAM in complex and heterogenous technology environment. Deep experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of PAM services Deep knowledge of bank financial practices and policies and ability to adapt to fast changing environment Working level experience with IAM platforms such as Ping Identity, Active Directory OpenLDAP, OpenDJ Experience in consumption of Web Service APIs such as JSON / XML Hands on experience and involvement in large and complex projects. Expert level knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation. Expert level knowledge of authentication platforms such as Active Directory, LDAP, Kerberos, LDAP, Radius. Expert knowledge of PAM related tools which support session proxy, vaulting, just-in-time provision, integration with service management tool would be an advantage. Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice. Deep knowledge on Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc. Good knowledge and understanding of PAM-specific laws, rules, and regulations within the financial services sector. Proficient in Microsoft Office suite of products with ability to quickly analyze and synthesize large volumes of data. Familiarity with security standards such as NIST, ISO/EC, FFIEC. Understanding and interpreting BAC's established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related PAM decisions and response. Possession of CISSP certification would be an advantage. Knowledge of Compliance Certifications such as SOX, SOC, SOC2. Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides. Proficient in articulating facts and data-driven plans and to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to PAM standards. Strong attention to detail and advanced analytical skills. Excellent communication and presentation skills. Able to effectively prioritize multiple tasks. Proven track record in delivering outcomes that result in sustainable risk reductions in PAM. Ability to work independently on initiatives with little oversight. Motivated and willing to learn. Confident and effective in delivering messages across a wide spectrum of individuals with varying degrees of technical and business understanding This job will be open and accepting applications for a minimum of seven days from the date it was posted Shift: 1st shift (United States of America) Hours Per Week: 40 Pay Transparency details US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - MA - Boston - 100 Federal St - 100 Federal St Lp (MA5100) Pay and benefits information Pay range$78,200.00 - $137,700.00 annualized salary, offers to be determined based on experience, education and skill set.Discretionary incentive eligible This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.BenefitsThis role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Job Description At OneStudyTeam (a Reify Health company), we specialize in speeding up clinical trials and increasing the chance of new therapies being approved with the ultimate goal of improving patient outcomes. Our cloud-based platform, StudyTeam, brings research site workflows online and enables sites, sponsors, and other key stakeholders to work together more effectively. StudyTeam is trusted by the largest global biopharmaceutical companies, used in over 6,000 research sites, and is available in over 100 countries. Join us in our mission to advance clinical research and improve patient care. One mission. One team. That's OneStudyTeam. We are seeking a Senior Security Compliance Analyst with expertise in Governance, Risk, and Compliance (GRC) to support and enhance our security and compliance programs within the healthcare industry. This role is critical in ensuring adherence to industry regulations, responding to customer audits, and maintaining compliance with ISO 27001, HIPAA, and other security frameworks. The ideal candidate will be a detail-oriented compliance expert who can navigate complex regulatory environments, assist with internal/external audits, and drive continuous improvement in security governance. The ideal candidate must be able to operate independently while delivering on the following duties. What You'll Be Working On: Lead and support customer security audits, responding to security questionnaires and demonstrating compliance with security frameworks. Prepare, coordinate, and manage ISO 27001 audits, including evidence collection, control implementation, and auditor engagement. Ensure ongoing compliance with HIPAA, NIST CSF, and other regulatory requirements applicable to healthcare data security. Develop and maintain policies, procedures, and security documentation to meet regulatory and contractual obligations. Perform gap analyses and risk assessments to identify and remediate compliance risks. Manage and improve security governance frameworks, ensuring alignment with industry best practices and business objectives. Conduct third-party vendor risk assessments, ensuring compliance with security policies and contractual obligations. Monitor security controls, ensuring effectiveness and continuous improvement in alignment with security frameworks. Support security awareness training initiatives, ensuring employees understand compliance responsibilities. Stay current on ISO 27001, HIPAA, NIST 800-53, and other relevant standards, translating them into actionable security controls. Assist in defining security metrics and reporting on compliance status and risk posture to leadership. Work closely with legal, security, IT, and business teams to align compliance requirements with security operations. What You'll Bring to OneStudyTeam: Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (or equivalent experience). 8+ years of progressive experience in GRC, compliance, or security audit roles. Experience in healthcare or regulated industries strongly preferred. Certifications strongly preferred: ISO 27001 Lead Auditor/Implementer, CISSP, CISM, CISA, HITRUST CCSFP, CRISC. Experience leading ISO 27001, SOC2, or HITRUST audits, including ISMS implementation and external audit coordination. Strong understanding of NIST CSF, SOC 2, GDPR, and other security frameworks. Hands-on experience with customer security audits, including responding to security questionnaires and managing security assessments. Ability to perform risk assessments, policy reviews, and compliance gap analyses. Strong written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders. Detail-oriented with excellent organizational and project management skills. Ability to work independently and collaboratively in a remote environment. Familiarity with GRC tools (e.g., OneTrust, LogicGate, Archer, Vanta, Drata) is a plus. We value diversity and believe the unique contributions each of us brings drives our success. We do not discriminate on the basis of race, sex, religion, color, national origin, gender identity, age, marital status, veteran status, or disability status. Note: OneStudyTeam is unable to sponsor work visas at this time. If you are a non-U.S. resident applicant, please note that OneStudyTeam works with a Professional Employer Organization. As a condition of employment, you will abide by all organizational security and privacy policies. This organization participates in E-Verify (E-Verify's Right to Work guidance can be found here).

We are seeking a detail-oriented and highly skilled Security Analyst to join our team in Boston and shape the future of Cybersecurity. As a Security Analyst at 7AI, you will leverage your expertise of the security landscape to review and analyze AI Agent investigations, ensuring accuracy and completeness, ultimately helping to build our multi-agent platform. You will be integral in building and maintaining the reliability of our AI Agents, working in tandem with Engineering and Product to inform our roadmap as we build. If you want to build the next generation of Cybersecurity and put AI in the hands of defenders, please apply below. Key Responsibilities: Review and validate alerts and investigations completed by the AI Agents for accuracy and completeness. Collaborate with the Engineering and Product teams to provide feedback and assist in optimizing the AI platform. Develop internal playbooks, standard operating procedures and tools that will guide the AI Agents to perform quality investigations. Stay current with emerging cybersecurity trends, vulnerabilities, and new attack techniques, especially the field of AI-driven attacks. Investigate flagged security incidents, analyzing potential threats and confirming the findings generated by AI. Recommend mitigation strategies and remediation steps to train the AI to reduce the threat surface. Correlate findings from multiple sources, including network logs, endpoint data, and threat intelligence, to validate AI-generated reports. Assist with ongoing threat monitoring, triage, and prioritization of security incidents. Required Qualifications: 4+ years of experience in a Security Analyst or similar role within the cybersecurity field. Hands-on experience with incident response for Cloud and Identity alerts, and at least two of Email, EDR, Threat Intel and Networking alerts. Strong understanding of security monitoring tools and techniques (SIEM, IDS/IPS, IDP, etc.). Experience analyzing and investigating security alerts from multiple sources, including intrusion detection systems, network monitoring tools, and endpoint protection platforms. Familiarity with the latest cybersecurity threats, attack vectors, and vulnerabilities. Strong analytical and problem-solving skills, with the ability to verify AI-driven analysis and make independent security decisions. Scripting experience with languages such as Python Data querying experience with SIEM technologies (SPL, KQL, FQL, SQL, etc).

Basic Qualifications CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position We are seeking a Systems Security Engineer who has experience in the design and development of NSA-certified Cybersecurity devices. Key Responsibilities: Design and develop specifications for mission-critical NSA-certified Cybersecurity devices Collaborate with software and validation engineering teams to deliver high-speed data solutions Develop real-time multi-threaded Embedded System architecture using Model-based Systems Engineering (MBSE) tools and techniques Analyze and maintain system security requirements throughout product development lifecycle Conduct trade studies, perform functional analysis, and design system security. Preferred Skills and Experiences: NSA approved Cryptography/Encryption Security requirements analysis Real-Time multi-threaded Embedded System architecture and development Model-based Systems Engineering (MBSE) CISSP certification or similar INCOSE ASEP, CSEP, or ESEP certification We value candidates who possess: Drive to expand knowledge and experience in designing complex systems Ability to define project scope, schedule, and expected results Initiative to complete assignments and ability to engage in technical direction and leadership Our Commitment to You: An exciting career path with opportunities for continuous learning and development Research-oriented work with award-winning teams Competitive benefits package Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $107,529.00 - USD $114,000.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Are you a Cybersecurity compliance expert ready to take the lead in a dynamic, high-impact role? Join a globally recognized firm where you'll play a key role in shaping and strengthening our cybersecurity strategy. This is your chance to make a difference in a fast-paced, professional environment that values innovation, collaboration, and technical excellence. Why You'll Love This Role: Drive Security Initiatives - Lead firmwide cybersecurity programs, ensuring compliance with ISO 27001 and other industry standards. Be a Decision-Maker - Approve security risks, implement best practices, and enhance policies to safeguard critical systems. Third-Party & Risk Management - Oversee vendor risk assessments, vulnerability management, and client security audits. Lead & Mentor - Supervise a Compliance Analyst and provide strategic guidance across teams. Innovate & Protect - Collaborate with IT leadership to integrate cutting-edge security solutions into firm operations. What You Bring to the Table: 5+ years of cybersecurity experience in a complex IT environment. Strong knowledge of security frameworks (ISO 27001, NIST, etc.). Hands-on experience with security tools, compliance audits, and risk assessments. Leadership experience with a passion for mentoring and developing security professionals. Bachelor's degree in Cyber Security, Computer Science, or a related field. Security certifications (CISSP, CRISC, etc.) strongly preferred. Offer includes: Competitive salary: $145,000 - $170,000 Hybrid work environment Excellent benefits package A culture of excellence, diversity, and professional growth Ready to step into a leadership role where your expertise will make a real impact? Apply today and be a key player in securing the future of a top international firm. Apply to this post or email your resume directly to Dan Gilliam, email: **************************** Tags: Cybersecurity, IT, ISO, Compliance, Security Manager

Woods Hole Oceanographic Institution is searching for a highly skilled and cleared Information System Security Officer (ISSO) / Classified Systems Information Assurance Analyst to join our team, focusing exclusively on the security of classified information systems and networks. This critical role is responsible for ensuring the confidentiality, integrity, and availability of sensitive government information in accordance with stringent U.S. government (USG) security directives. The ISSO will be instrumental in the authorization and accreditation(A&A) process, continuous monitoring, incident response, and the implementation of robust security controls for classified environments. The ideal candidate will possess a deep understanding of relevant security frameworks, policies, and a proven track record of maintaining secure classified systems. This is a regular, full-time, exempt position, and is eligible for full benefits. ESSENTIAL FUNCTIONS Authorization & Accreditation (A&A) / Risk Management Framework (RMF): Lead or support the development, review, and submission of comprehensive security authorization packages (e.g., System Security Plans (SSPs), Risk Assessment Reports, Contingency Plans, Plan of Action and Milestones (POA&Ms)) for classified systems. Ensure all classified systems maintain an Authority to Operate (ATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in accordance with RMF or legacy A&A processes (e.g., DIACAP). Interpret and apply USG security policies, regulations, and guidelines, including but not limited to: NISPOM, DoD Instruction 8500.01, NIST SP 800-53, DCID 6/3, ICD 503, JSIG, and DISA STIGs. Security Control Implementation & Enforcement: Design, implement, and maintain security controls specific to classified systems, including secure configurations, access controls, auditing, media control, and classified spillage prevention/response. Configure and manage specialized security tools relevant to classified environments (e.g., Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Data Loss Prevention (DLP) solutions). Perform rigorous hardening of operating systems (Windows, Linux), applications, and network devices based on DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Vulnerability Management & Continuous Monitoring: Conduct vulnerability scans, analyze results, and work with system administrators to remediate security weaknesses on classified systems. Oversee and perform continuous monitoring activities, including reviewing audit logs, security events, and system alerts for anomalous behavior. Track and ensure compliance with Information Assurance Vulnerability Management (IAVM) directives. Incident Response & Classified Spillage: Act as a primary point of contact and lead for security incidents and classified spillage events on assigned systems. Execute incident response procedures, including containment, eradication, recovery, and detailed reporting to relevant government authorities. Participate in forensic investigations as required for classified incidents. Compliance & Audit Support: Maintain meticulous documentation of all security artifacts, configurations, policies, and procedures for classified systems. Support internal and external security inspections, audits, and assessments by government agencies (e.g., DCSA, DSS, NSA). Develop and implement standard operating procedures (SOPs) for the secure operation of classified systems. User Training & Guidance: Provide guidance and training to users on proper handling, marking, and safeguarding of classified information and operation of classified systems. Ensure all personnel accessing classified systems meet training requirements (e.g., security awareness, insider threat). Configuration Management: Manage and control changes to the hardware, software, and firmware of classified systems to maintain their security posture and accreditation. MINIMUM QUALIFICATIONS Security Clearance: Active U.S. Government Security Clearance required at the SECRET level or above. Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or equivalent experience. Experience: 5 years of dedicated experience in Information Assurance/Cybersecurity within classified government or defense environments. Demonstrable expertise in the Risk Management Framework (RMF) or equivalent A&A processes (e.g., DIACAP). Hands-on experience with security tools and technologies used in classified environments (e.g., ACAS, HBSS, SIEM, dedicated firewalls). Proven experience with DISA STIGs and their application to various operating systems and applications. Technical Skills: Strong understanding of network protocols, operating systems (Windows, Linux/Unix), and virtualized environments in a classified context. Experience with encryption technologies and COMSEC devices. Knowledge of scripting languages (e.g., PowerShell, Python, Bash) for automation and auditing is a plus. Desired Certifications: CISSP (Certified Information Systems Security Professional) DoD 8570.01-M IAT Level II (e.g., CompTIA Security+, CySA+, CCNA Security, SSCP) or higher (IAM Level I, II, or III). GIAC Certifications relevant to incident handling, forensics, or security auditing (e.g., GCIH, GCFA, GCCC, GSNA) Additional Job Requirements Salary Range: $114,000 to $148,000 USD The salary range provided for this position reflects the expected minimum and maximum base pay for new hires. Actual compensation will be determined based on factors such as relevant skills, experience, and qualifications, as well as internal equity and market conditions. In addition to base salary, eligible employees also receive a comprehensive benefits package. WHOI accepts applications on a rolling basis - applications will be reviewed as they are received, and we encourage you to submit your application as soon as possible to ensure full consideration. While we will continue to review applications until the position is filled, and early applicants may have an advantage in the selection process. EEO Statement Woods Hole Oceanographic Institution (WHOI) provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, retirement plan, basic life, AD&D, and disability insurance Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law #LI-EL1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2025-1495451

Overview Join Allied Universal Technology Services, a global leader in transforming the security industry. We integrate advanced technology - video surveillance, electronic access control, alarm monitoring and augmented solutions with physical security to help people feel safe. Whether you're an installation technician, service technician, engineer, or project manager, you'll discover rewarding opportunities to grow your career as part of a valued team. Apply today and be phenomenal-build a meaningful career while protecting what matters most through innovative security technology. Job Description Allied Universal is looking to hire a Solution Engineer. The Solution Engineer creates all post-sale security systems design, engineering, value engineering, and documentation. The position is part of the Solutions Engineering department, which is responsible for translating, expanding, finalizing, and documenting pre-sales proposals and technical designs produced by Sales and Solutions Architecture in pre-sale systems architecting and quoting. This position works closely with Sales, Solutions Architecture, Operations, and external customers as required. The primary work products for the Solution Engineer are security system and construction technical drawings, including custom installation drawings and instructions, network design diagrams, riser diagrams, typical installation diagrams, point-to-point system schedules, door hardware schedules, document redlining, functional narratives describing systems operations, and as-built documentation. RESPONSIBILITIES: Creates and updates comprehensive post-sale engineering packages illustrating device locations, IDF/MDF room layouts, SOC/GSOC layouts, console designs, installation diagrams, riser diagrams, network designs, etc. Creates and updates performance-based and product-based specifications Creates and updates pre-fabrication submittal packages as specified by architects and engineers for their approval prior to installation Develops and maintains as-built record documentation over the life cycle of various projects and follow-on MAC work Utilizes and contributes to a comprehensive library of standard post-sale engineering documents, templates, and standards, as well as project-specific and customer-specific submittals Ensures effective value engineering by assuring technical compliance while at the same time reducing Allied Universal Technology Services costs whenever possible Reviews AUTS proposals both pre-sale and post-sale to scrutinize selected products for applicability and specification compliance Collaborates with AUTS's product suppliers to ensure the desired functionality of selected products. Consistently applies AUTS's standards for installation Contributes to AUTS internal guidelines for Solutions Engineering engagement and post-sale systems engineering QUALIFICATIONS (MUST HAVES): A minimum of five (5) years of experience in electronic security systems design / engineering In-depth knowledge of security system design best practices and product applicability, including products like: Video surveillance and related technologies (Analog, IP, Codecs, VMS) Access control and related technologies (card access, biometrics, PIV, FIPS-201, HSPD-12, various processor panels, electric locking hardware, etc.) Physical intrusion detection (Bosch, DMP, etc.) Software House, Lenel, Amag, Brivo, Genetec, and Avigilon systems architectures Computer software skills to include: AutoCAD and associated rendering applications, MS Office, Acrobat Writer, and Visio Ability to read and understand complex architectural and engineering drawings Working knowledge of AC and DC circuitry, voltage drop calculations, and wire sizing Ability to collaborate with diverse teams of technical designers and engineers Ability to simultaneously work on multiple large, complex projects Good written and verbal communication skills Strong analytical decision-making capabilities Self-motivated with the ability to influence others PREFERRED QUALIFICATION (NICE TO HAVES): Manufacture certifications PMP/PSP certifications A bachelor's or associate's degree in electrical engineering or equivalent is considered a plus Ability to plan, size, and design enterprise-class IT network and storage solutions, including products like: Virtualization technologies such as VMware vSphere and View Data-center networking technologies such as Cisco Nexus Storage Area Network technologies such as NetApp or EMC Load balancing / firewalling technologies such as Cisco ACE or Cisco ASA Data-center protocols such as Fibre Channel, NFS, IP, iSCSI, DCE Physical Security Information Management (PSIM) BENEFITS: Salary: $80,000 - 115,000 / annually Medical, dental, vision, retirement plan, basic life, AD&D, and disability insurance Eight paid holidays annually, five sick days, and four personal days Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law #LI-EL1 Closing Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: *********** If you have difficulty using the online system and require an alternate method to apply or require an accommodation, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices. Requisition ID 2025-1495451

Country: United States of America Onsite U.S. Citizen, U.S. Person, or Immigration Status Requirements: Active and transferable U.S. government issued security clearance is required prior to start date. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance Security Clearance: DoD Clearance: Secret Pratt & Whitney is working to once again transform the future of flight-designing, building and servicing engines unlike any the world has ever seen. And because transformation begins from within, we're seeking the people to drive it. So, calling all curious. Come ready to explore and you'll find a place where your talent takes flight-beyond the borders of title, a country or your comfort zone. Bring your passion and commitment and we'll welcome you into a tight-knit team that takes our mission personally. Channel your drive to make a difference into shaping an organization and an industry that's evolving fast to the future. At Pratt & Whitney, the difference you make is on display every day. Just look up. Are you ready to go beyond? What You Will Do: Support Pratt & Whitney's Government Security Compliance team as the Facility Security Officer (FSO) / Information Systems Security Officer (ISSO) for the North Berwick, ME facility. This critical leadership role ensures compliance with the National Industrial Security Program (NISP), NISP Operating Manual (NISPOM), Defense Counterintelligence and Security Agency (DCSA) standards, and other applicable government regulations. The FSO/ISSO will oversee security operations for a cleared facility, ensuring the protection of classified information, systems, and personnel while fostering a culture of security excellence. Key Responsibilities: The FSO/ISSO will report directly to the Pratt & Whitney Associate Director, Corporate Facility Security Officer, and will be responsible for the following: Leadership and Compliance: Lead the formulation, establishment, and execution of local collateral security policies, procedures, and protocols to ensure compliance with NISP, DAAPM, ICDs, and other governing regulations. Serve as the primary interface with internal and external stakeholders, including government agencies, subcontractors, and P&W leadership. Security Program Oversight: Manage the facility's classified holdings, maintain CAGE code facility clearance, and process changes in conditions. Conduct and oversee security program reviews, including DCSA inspections, self-inspections, and formal audits. Investigate and report security incidents/violations in collaboration with the Corporate FSO and Cognizant Security Authority. Insider Threat Program: Serve as a key member of the Insider Threat Management Council and liaise with the Corporate Insider Threat Program Senior Official (ITPSO). Provide North Berwick leadership and guidance on Insider Threat Program activities and initiatives. Information Systems Security: Collaborate with the Information Systems Security Manager (ISSM) to ensure the operational security posture of information systems. Manage user account requests, monitor user activity, and analyze audit records to identify and address anomalies. Support incident response activities in the event of security violations or breaches. Stakeholder Engagement: Foster effective communication and collaboration with government customers, associated contractors, subcontractors, P&W teams, and North Berwick senior leadership. Represent the GSC team as a project manager on select core projects and initiatives. Training and Development: Attend technical and security training to maintain expertise in security management, operating systems, and networking. Provide guidance and training to facility staff on security responsibilities and best practices. Serve as the Government Security Compliance Data Transfer Agent program focal: Provide leadership and oversight for the Data Transfer Agent (DTA) program, ensuring compliance with regulatory and customer requirements. Serve as the primary point of contact for customers regarding DTA program compliance and functionality. Collaborate with internal stakeholders to maintain and enhance program effectiveness and security. Develop and implement best practices, policies, and procedures for secure and efficient data transfer. Monitor program performance and drive continuous improvement to meet evolving security and customer needs. Other Duties: Perform additional tasks as directed by the Corporate Facility Security Officer. Coordinate and support the North Berwick Security Staff as directed. Qualifications You Must Have: Advanced degree and 5+ years of experience in industrial security, cybersecurity, government compliance, or government regulated industry; OR Bachelor's degree and 8+ years of relevant industry experience; OR an Associate's degree and 10+ years of relevant industry experience. We will also consider high school diploma, technical or military training, or recognized industry certifications in combination with 12+ years or relevant industry experience. 1+ Year of hands-on experience supporting administering and/or maintaining computing systems, networks and/or software Active U.S. government issued Secret level security clearance required plus ability to obtain and maintain a Top-Secret level security clearance. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance. Must be able to obtain industry recognized Cybersecurity certification within 12 months of hire (i.e. Security + CE) Qualifications You Prefer: Strong understanding of the NISPOM, DAAPM, ICDs, and other security regulations. Experience with DISS, NISS, SIMS, and other DCSA related databases. Proficiency in managing classified information systems and working with DCSA inspections. Cybersecurity certification (i.e. Security + CE). Facility Security Officer (FSO) certification. Information Systems Security Officer (ISSO) certification. Proven leadership experience, preferably within a defense, aerospace, or government environment. Experience with Insider Threat Programs and related compliance activities. Strong project management skills and the ability to manage multiple priorities effectively. What is my Role Type? In addition to transforming the future of flight, we are also transforming how and where we work. We've introduced role types to help you understand how you will operate in our blended work environment. This role is: Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance workers, as they are essential to the development of our engines. Candidates will learn more about role type and current site status throughout the recruiting process. For onsite and hybrid roles, commuting to and from the assigned site is the employee's personal responsibility. Learn more & apply today! As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote. The salary range for this role is 101,000 USD - 203,000 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate's work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company's performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window. RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans' Readjustment Assistance Act. Privacy Policy and Terms: Click on this link to read the Policy and Terms

New England College of Optometry seeks an entry level Information Security Manager to develop, implement, and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies, procedures, and technologies to protect the confidentiality, integrity, and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment, incident response, security operations, and ensuring compliance with all relevant regulations and standards. This role requires strong leadership, technical expertise, and excellent communication skills to collaborate effectively across the institution. Responsibilities * Develop, implement, and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices. * Establish and maintain institutional information security policies, standards, and guidelines, ensuring they are regularly reviewed, updated, and communicated. * Manage security operations, including monitoring, detection, prevention, response, and analysis of security threats and vulnerabilities. * Lead and coordinate the information security incident response team, managing security breaches & ensuring timely and effective resolution and post-incident analysis. * Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems, networks, and applications. * Ensure compliance with national and international regulatory frameworks (e.g., FERPA, HIPAA, ISO 27001, SOC 2) relevant to the organization. * Oversee security awareness training programs for all employees to promote a culture of security consciousness. * Manage the security budget and evaluate, select, and implement appropriate security tools and technologies. * Report on the status of the security program, vulnerabilities, and incidents to executive leadership. * Work on "special projects" as assigned by the Chief Information Officer. * Other duties as assigned. Requirements * Experience in designing, implementing, and managing enterprise-level information security programs and strategy. * Technical knowledge of network security, application security, cloud security (e.g., AWS, Azure, GCP), and endpoint protection technologies. * Understanding of risk management methodologies and security frameworks (e.g., ISO 27001, NIST, CIS Controls). * Experience leading security incident response and forensic analysis. * Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical audiences. * Knowledge of networking principles, including wireless networking. * Excellent written and verbal communication skills, professional appearance, punctuality and a sense of urgency. * Experience working with Active Directory and Google Cloud Platform. * Ability and willingness to learn new technologies. Preferred Background/Skills * Professional certifications such as CISSP, CISM, or relevant SANS certifications. * Experience with Governance, Risk, and Compliance (GRC) tools and processes. * Exceptional organizational skills, with the ability to prioritize projects and tasks. * Familiarity with scripting languages (e.g., Python, PowerShell) for security automation. * Ability to write reports and document steps for knowledge sharing. * Ability to work efficiently and independently with minimal supervision. * Excellent customer service and communications skills. Education * Bachelor's degree in Computer Science, Information Technology, Information Security, or a related technical field. Experience * A minimum of 2 years of progressive experience in the field of information security. NECO is an Equal Opportunity employer and encourages all qualified candidates to apply. New England College of Optometry offers a robust benefits program including: * 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater) * Mental Health and Wellness benefits * BCBS Dental * Discounted vision services * 13 paid holidays and generous paid time off for sick, vacation, and personal days * Employer-paid life insurance, and short-term and long-term disability * Voluntary Insurance: life, critical illness, hospital indemnity, accident, * Voluntary Benefits: employee discounts and pet insurance * 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement * Qualified Public Service Loan Forgiveness Employer

Full-time Description New England College of Optometry seeks an entry level Information Security Manager to develop, implement, and oversee a robust information security strategy and program. This critical role involves establishing and enforcing policies, procedures, and technologies to protect the confidentiality, integrity, and availability of institutional and student data. The Information Security Manager will be responsible for risk assessment, incident response, security operations, and ensuring compliance with all relevant regulations and standards. This role requires strong leadership, technical expertise, and excellent communication skills to collaborate effectively across the institution. Responsibilities Develop, implement, and oversee a robust information security strategy and program in alignment with institutional goals and industry best practices. Establish and maintain institutional information security policies, standards, and guidelines, ensuring they are regularly reviewed, updated, and communicated. Manage security operations, including monitoring, detection, prevention, response, and analysis of security threats and vulnerabilities. Lead and coordinate the information security incident response team, managing security breaches & ensuring timely and effective resolution and post-incident analysis. Conduct regular risk assessments and penetration testing to identify and mitigate potential security vulnerabilities across systems, networks, and applications. Ensure compliance with national and international regulatory frameworks (e.g., FERPA, HIPAA, ISO 27001, SOC 2) relevant to the organization. Oversee security awareness training programs for all employees to promote a culture of security consciousness. Manage the security budget and evaluate, select, and implement appropriate security tools and technologies. Report on the status of the security program, vulnerabilities, and incidents to executive leadership. Work on "special projects" as assigned by the Chief Information Officer. Other duties as assigned. Requirements Experience in designing, implementing, and managing enterprise-level information security programs and strategy. Technical knowledge of network security, application security, cloud security (e.g., AWS, Azure, GCP), and endpoint protection technologies. Understanding of risk management methodologies and security frameworks (e.g., ISO 27001, NIST, CIS Controls). Experience leading security incident response and forensic analysis. Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical audiences. Knowledge of networking principles, including wireless networking. Excellent written and verbal communication skills, professional appearance, punctuality and a sense of urgency. Experience working with Active Directory and Google Cloud Platform. Ability and willingness to learn new technologies. Preferred Background/Skills Professional certifications such as CISSP, CISM, or relevant SANS certifications. Experience with Governance, Risk, and Compliance (GRC) tools and processes. Exceptional organizational skills, with the ability to prioritize projects and tasks. Familiarity with scripting languages (e.g., Python, PowerShell) for security automation. Ability to write reports and document steps for knowledge sharing. Ability to work efficiently and independently with minimal supervision. Excellent customer service and communications skills. Education Bachelor's degree in Computer Science, Information Technology, Information Security, or a related technical field. Experience A minimum of 2 years of progressive experience in the field of information security. NECO is an Equal Opportunity employer and encourages all qualified candidates to apply. New England College of Optometry offers a robust benefits program including: 3 plan options for BCBS medical coverage (employer subsidized at 75% or greater) Mental Health and Wellness benefits BCBS Dental Discounted vision services 13 paid holidays and generous paid time off for sick, vacation, and personal days Employer-paid life insurance, and short-term and long-term disability Voluntary Insurance: life, critical illness, hospital indemnity, accident, Voluntary Benefits: employee discounts and pet insurance 9% employer contribution to a 403(b) retirement plan after 1 year of service with no vesting schedule or match requirement Qualified Public Service Loan Forgiveness Employer