Information security analyst jobs in Saint Charles, MO

Systems Engineer IV Scott AFB, IL, USA Full-time FLSA Status: Exempt Clearance Requirement: Secret Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description Overview SOS International LLC is seeking a [TITLE] to join our team in [work location]. A Systems Engineer is responsible for designing, implementing, and maintaining the systems and infrastructure necessary to support the technical operations of an organization. This role involves an in-depth understanding of both hardware and software components, as well as the ability to troubleshoot complex issues and provide innovative solutions. Essential Duties Perform technical engineering evaluations and assessments of high-risk Cross Domain Solutions (CDS) to determine the suitability and compliance of its components with Joint, DOD, and AF policies, and configuration and security guides. Determine the suitability of the CDS components and/or systems in relation to installation, modification, relocation, and/or removal. Conduct CDS technical engineering evaluations and assessments based on the Risk Decision Authority Criteria (RDAC) developed by the National Security Agency (NSA) for CDS hardware, software, firmware, and systems comprised of those components. Derive transfer processing threat, identity threat, policy threat and corresponding policy by-pass threat, and site mitigation risk ratings with sufficient justification to receive approval/authorization from CDS forums including: National Security Agency (NSA), Connection Approval Office (CAO), DoD Information Security Risk Management Committee (DoD ISRMC), Cross Domain Technical Advisory Board (CDTAB), National Cross Domain Strategy and Management Office (NCDSMO) Defense Security / Cybersecurity Accreditation Working Group (DSAWG) community. Accomplish documentation detailing the transfer processing risk introduced by a CDS to include measures taken to protect the confidentiality, availability, and integrity of information before and after it transits the CDS as well as data at rest. Identify and provide mitigation recommendations in the environment in which the CDS will operate Interpret scan and test results and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs). Recommend risk mitigations to ensure CDSs meet an acceptable level of risk for issuance of an Authority to Operate (ATO). Conduct extensive reviews of technical documentation including CDS Appendices, CDS Validation Approval Requests, system topologies, Lab-Based Security Assessments (LBSA) and Site-Based Security Assessments (SBSA) plans and reports. Assess authenticator management, intrusion management, partner identity management, location security, and technology and data risk mitigations. Perform engineering studies in support of complex mission critical CDS systems and deliver draft technical documents, reports, briefings, and other correspondence to the government. Coordinate with Authorizing Officials (AOs), PMOs, user reps, and system owners to maintain Risk Management Framework (RMF) packages, conduct risk and vulnerability assessments, provide support to the CDS approval processes, and perform other IA support duties. Develop and submit recommended policy directives, instructions, manuals, standards, strategies, visions, mission statements, goals and objectives as they apply to CDS. Provide ad hoc reports and briefings with information such as metrics, meeting minutes, inputs for Joint Approval Boards, and updated status of operational CDSs. Travel Requirements: Travel between Scott AFB, IL and other CONUS/OCONUS locations may be required under this task order. Qualifications Essential Requirements Bachelor's degree in Communications or Security is mandatory. Active SECRET security clearance is a non-negotiable prerequisite. Minimum of four years of relevant professional experience is required. Demonstrated proficiency in National, DoD, and AF Information Assurance (IA) policies, procedures, and objectives is essential. DoD 8570.1 IAM Level II certification (CAP, CASP+CE, CISM, CISSP or Associate, GSLC, CCISO) is imperative. Extensive knowledge and experience in Security Engineering, Risk Assessments, and Network Architectures are crucial. Superior analytical and problem-solving capabilities are required, with the ability to diagnose complex technical issues and develop effective solutions. Exceptional verbal and written communication skills are necessary, including the ability to articulate technical concepts to non-technical stakeholders. Proven experience in managing multiple projects simultaneously, demonstrating strong organizational and time management skills. Meticulous attention to detail is critical to ensure the accuracy and reliability of system configurations and documentation. Demonstrated ability to work effectively in a team environment, with strong interpersonal skills and the capacity to establish positive working relationships with colleagues and stakeholders. Adaptability to evolving technologies and organizational needs is essential, along with a commitment to continuous learning and improvement. Comprehensive knowledge of cybersecurity principles and best practices, with the ability to implement and maintain robust security measures. Preferred Qualifications Advanced degrees or certifications in Systems Engineering, Network Engineering, or Cybersecurity will be viewed favorably. Additional Information Work Environment This position requires working in an office environment, with occasional travel to client sites or data centers. May require working outside regular business hours to perform maintenance or respond to emergencies. Ability to lift and move computer hardware and equipment as needed. Working at SOSi All interested individuals will receive consideration and will not be discriminated against for any reason.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

The Information Assurance Principal Analyst/Program Lead will provide leadership, oversight, and operational management for the Joint Operation Planning and Execution System (JOPES) and the Transportation Visualizer (TransViz) Functional Management Support contract. This individual will act as the primary liaison between TeAM, government officials, and all contract stakeholders, ensuring the coordination, integration, and execution of all program activities in accordance with DoD and USTRANSCOM expectations. The Information Assurance Principal Analyst/Program Lead will be responsible for meeting all performance, schedule, and quality objectives as outlined in the contract's scope. Mission Objectives - The primary objective of this project is to support the operational effectiveness and mission readiness of the JOPES and TransViz platforms at Scott Air Force Base. As a critical contract team member, the Information Assurance Principal Analyst/Program Lead ensures seamless functional management, stakeholder coordination, and compliance with all contractual and security requirements while facilitating process improvements and the timely delivery of program services. This position supports USTRANSCOM and associated DoD agencies by optimizing system capabilities and user experience in support of national defense objectives. Position Responsibility Summary Serve as the principal point of contact (POC) for all programmatic, technical, and contractual matters, representing TeAM in communications with government officials and stakeholders. Serve as a Liaison for all meetings & events, coordinating & scheduling all course training for teams, and attending reviews of the program. Lead, supervise, and coordinate activities of the project team-overseeing System Administrators and the Database Administrator-to fulfill contract objectives. Ensure timely and accurate reporting of program performance, deliverables, metrics, and compliance with DoD security, safety, and operational requirements. Manage risks, mitigate issues, and implement corrective actions to maintain project schedule and instill quality control. Oversee and ensure workforce compliance with all mandatory security, safety, and DoD-mandated annual training, including but not limited to OPSEC, Antiterrorism Level I, CUI, and Emergency Operations. Develop and implement process improvements, leveraging industry best practices (e.g., ITIL) to enhance JOPES/TransViz functionality and user satisfaction. Foster a culture of open communication and collaboration across stakeholders, promoting continuous improvement in program delivery. Ensure all support activities are conducted on-site in compliance with established guidelines and within the designated geographic radius.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

WCBinc is pursuing an opportunity with the National Geospatial-Intelligence Agency (NGA) for Transport & Cybersecurity Services (TCS) contract. The functional capabilities are to provide the information technology (IT) infrastructure services required to deliver timely, relevant, and accurate GEOINT in support of national security. TCS will provide innovative design, engineering, procurement, implementation, operations, sustainment and disposal of transport and cybersecurity IT services on multiple networks and security domains, at multiple locations worldwide to support the NGA GEOINT mission. What You'll Get to Do: Provide cyber threat intelligence services for the collection, fusion, analysis, creation, and distribution of threat intelligence from government entities, commercial feeds, open sources, and other partners to obtain situational awareness of the threat environment. Cyber threat intelligence services shall develop and disseminate reports and tippers to internal and external stakeholders based on events, alerts, and incidents on the customer systems and networks. Provide advanced cybersecurity analytics (ACA) services which aggregates and analyzes products, data, and information to identify trends and patterns, anomalous activity, provide situational awareness of the customers networks, missions and threats, and provide operational recommendations, visualizations, tuning requests, and custom signature creation to the CSOC and other internal and external stakeholders. Implements and monitors security measures for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems. Designs and implements data network security measures; operates Network Intrusion Detection and Forensics; conducts performance analysis of Information Systems security incidents; develops Continuity of Operation (COOP)/Disaster Recovery (DR) plans and supports certification of Information Systems and Networks. Advanced Cybersecurity Analytics will provide advanced cybersecurity services on an expanded 12x5service support level during core hours and on-call support with two-hour response time during non-core hours. Cyber Threat Intel Services will provide advanced cybersecurity services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core hours. Supervises operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure. Develops new concepts and processes. Analyzes root causes and resolves issues. Supports more junior level technicians and specialists in their activities. Can perform all tasks of lower level technicians or specialists. Works individually, actively participates on integrated teams, and may also lead a task, project or team Requires guidance and direction from more expert level technicians, specialists, and managers only when dealing with new, uncertain situations. Provides guidance to lower level technicians and specialists.

Company: The Boeing Company The Boeing Company is looking for a highly motivated Cybersecurity - Information System Security Officer (ISSO) to join our Classified Operations Cybersecurity team based in Hazelwood, MO. This position supports Boeing's Enterprise Wide Area Network (eWAN). The selected candidate will rely on cyber security and Information Assurance (IA) background to support Enterprise activities and Boeing customers throughout multiple classified computing domains. The ISSO is responsible for maintaining and enforcing all Information System Security policies, standards, and directives to ensure assessment and authorization of information systems processing classified information. Position Responsibilities: Perform security analysis of operational and development environments, threats, vulnerabilities, and internal interfaces to define and assess compliance with accepted industry and government standards Support and implement the Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters (RAL) and support Continuous Monitoring (CONMON) Perform configuration management of assigned systems; auditing systems to ensure security posture integrity Conduct risk assessments and investigations, execute appropriate risk mitigations, and participate in incident response activities Conduct periodic hardware/software inventory assessments Interface with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements Basic Qualifications (Required Skills/Experience): IAM Level 1 DoD 8140.01 (previously 8570.01) compliant certification (i.e. CAP, Security+ CE, CISSP, CASP, CISM, GSLC) 1+ years of experience in cybersecurity 1+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs Preferred Qualifications (Desired Skills/Experience): 3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS 3+ years of experience assessing and documenting test or analysis data to show cyber security compliance Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies . Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: $92,650 - $125,350 Language Requirements: Not Applicable Education: Bachelor's Degree or Equivalent Relocation: Relocation assistance is not a negotiable benefit for this position. Export Control Requirement: This position must meet export control compliance requirements. To meet export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.15 is required. “U.S. Person” includes U.S. Citizen, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst IIOverview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: • Liaise between the Security Awareness team and all others at Mastercard. • Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. • Partner with external providers to deliver effectives solutions with quality and integrity. • Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: • Possess advanced knowledge in security awareness concepts and principals. • Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. • Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. • Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. • Lead vendor relationships with those providers of contract solutions for the Security Awareness program. • A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; • Ensure the confidentiality and integrity of the information being accessed. • Report any suspected information security violation or breach. • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD

The Managed Service Security Analyst is responsible for monitoring, detecting, and responding to security incidents to protect client environments. This role involves the identification of vulnerabilities, analyzing security risks, responding to security operations service tickets, and implementing protective measures. The Security Analyst will also assist with security audits, incident response, compliance-related activities and projects, and ensuring that all security services meet established performance and security standards. PRINCIPAL DUTIES AND RESPONSIBILITIES: Client Support: Provide security-related support to clients, addressing concerns, incidents, and queries in a timely manner. Security Monitoring: Perform continuous security monitoring of client systems, networks, and applications for malicious activities or security breaches. Incident Response: Respond to security incidents, conduct investigations, containment, and remediation efforts to mitigate risks and protect client environments. Vulnerability Management: Identify, assess, and prioritize vulnerabilities in client systems, recommending and implementing mitigation strategies. Threat Intelligence: Utilize threat intelligence tools to identify potential risks and provide proactive defense recommendations. Compliance Support: Ensure client systems adhere to regulatory and compliance standards (e.g., PII, HIPAA, PCI-DSS) as required. Security Audits: Assist with internal and external security audits, including the preparation and maintenance of audit documentation. Documentation: Maintain detailed records of security incidents, operational tasks, and system configurations in accordance with best practices. KNOWLEDGE, SKILLS AND ABILITIES: Education: Bachelor's degree in information technology, Computer Science, a related field, or additional years of relevant job experience. Experience: Minimum of 1 year of experience in an IT security or service role, preferably in a managed services environment. Certifications: Relevant certifications such as CASP+, CISSP, CEH, CompTIA Security+, or equivalent are preferred. Skills: Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience with security information and event management (SIEM) tools. Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills for client-facing interactions. Ability to manage multiple security incidents and tasks simultaneously.

JOB TITLE: Product Security Engineering 2 PAY RATE: $53-67/hour We are a national aerospace and defense staffing agency seeking highly qualified candidates for a position with a top-tier client. Job Details: Job Type: Contract (12 months with potential for extension) Clearance: Active Top Secret U.S. Security Clearance required (must be active within the last 24 months) Industry: Aerospace / Defense / Aviation Benefits: Medical, dental, and vision (Cigna) Perks: Bonus potential + Priority access via Tier 1 supplier Openings Nationwide: Thousands of opportunities across the U.S. Qualifying Questions: Are you a U.S. person as defined under ITAR regulations? Do you meet the educational and experience requirements for this role? Can you commute to the job location or relocate if necessary? Summary: Assess organization-wide security and privacy risks, updating assessment results on an ongoing basis. Perform system analysis and develop system tests for cyber threats, cybersecurity evaluations, and large-scale event assessments. Ensure adherence to the product security engineering development lifecycle, emphasizing clear requirements development and verification (using CAMEO). Conduct criticality analyses, collaborate with suppliers, identify critical components, and integrate them into overall system designs. Perform cyber risk assessments and develop mitigation plans (e.g., POA&Ms, SCRM) using tools including but not limited to CAMEO. Support and facilitate ATO/IATT packages, including processing IAVMs and CTOs. Perform software assurance tasks, including developing software assurance risk reports. Support proposal development efforts (e.g., BOE generation, GR&A development, trade studies). Assist with the engineering installation and analysis of patches, updates, and upgrades to assess system impact. Attend and facilitate program boards, collect data, and manage project documentation and collaboration. Apply Security Technical Implementation Guides (STIGs) and manage Cyber Tasking Orders (CTOs). Document and verify all installation and configuration steps for labs and operational deliveries. Provide feedback to Cyber Leadership and engineers to improve tools and processes. Collaborate with Information System Security Officers (ISSOs) to ensure compliance with cybersecurity standards and regulations. Support cyber threat intelligence, scanning, patching, remediation, and tool/application development. Assist in compliance activities including TEMPEST, DFARS, COMSEC, and CNSSI. Develop tools for cyber forensics and identify opportunities for efficiency and productivity improvements. Perform system analysis trade studies to define technical concepts and solutions. Requirements: Active Top Secret U.S. Security Clearance required (must be active within the last 24 months) Bachelor's degree (or equivalent technical education) in engineering, engineering technology, computer science, data science, mathematics, physics, or chemistry. 2 or more years of related experience, or an equivalent combination of education and experience. Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA). 1+ years of experience in product security or cybersecurity engineering. 1+ years of experience with cybersecurity frameworks (NIST, OWASP, DFARS). Strong analytical, collaboration, communication, and organizational skills. ABET accreditation preferred but not required. Must be a U.S. Citizen (as defined by ITAR). Preferred Qualifications: Proficiency with CAMEO. 2+ years of Windows/RHEL system administration experience, including tuning and troubleshooting cyber tools (ESS/HBSS, ConfigOS, Splunk, etc.). 2+ years of experience configuring and scripting audit tools. Experience with Software Assurance (SwA) static and/or dynamic code analysis tools (e.g., Fortify). Familiarity with FISMA/RMF and NIST 800-53 requirements. Experience leading cyber test and evaluation at system or component level. Strong written and verbal communication skills with the ability to simplify complex technical issues. Understanding of DoD defense systems architectures, communications systems, and test/data analysis methods. About Us: The Structures Company is a premier national aerospace and defense staffing agency specializing in contract, contract-to-hire, and direct hire placements. We deliver expert workforce solutions across engineering, IT, production, maintenance, and support roles. As trusted partners to major aerospace OEMs and Tier 1 suppliers, we connect professionals with opportunities to grow and excel in the aviation and aerospace industries. Eligibility Requirements: Must be a U.S. Citizen, lawful permanent resident, or protected individual under 8 U.S.C. 1324b(a)(3) to comply with ITAR regulations. Keywords: aerospace, aviation, engineering, maintenance, aircraft design, defense Take your career to new heights-apply today! Engineers - #Hotjobs

At Kelly Services, we work with the best. Our clients include 99 of the Fortune 100TM companies, and more than 70,000 hiring managers rely on Kelly annually to access the best talent to drive their business forward. If you only make one career connection today, connect with Kelly. Job Description MUST have IT Audit experience MUST have CISA (Certified Information Systems Auditor Certification) SOX Audit and compliance experience on systems / infrastructure is preferred Open to candidate that is willing to relocate to St. Louis, MO US Citizen, Green Card holder, EAD OPT only Senior IT Audit Analyst The successful candidate, will have the opportunity to work with our client whom is a reputable global provider in integrated pharmacy benefit management, cost management as well as patient-care services worldwide. 6 months contract with possibility of renewal and/or contract to hire. Position is based in St. Louis, MO. General Summary: The Senior IT Audit Analyst will be responsible of: · Carrying out audit of IT infrastructure and systems within the organization. · Perform risk assessments for sensitive internal and external systems · Ensures that the security of information systems assets is in compliance with company policies, SAS70, Sarbanes Oxley, Payment Card Industry, HIPAA, NIHB and DIACAP · Ensures that user community understands and adheres to necessary procedures to maintain security Qualifications: · Bachelor's Degree in computer related field desired · Minimum 5 years' experience in IT audit experience, preferable in IT Systems. · Must be a Certified Information Security Auditor (CISA) · Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley · Strong understanding of information security principles · Excellent organizational skills and ability to communicate with internal/external entities and executives a must Additional Information Why Kelly? As a Kelly Services candidate you will have access to numerous perks, including: Exposure to a variety of career opportunities as a result of our expansive network of client companies Career guides, information and tools to help you successfully position yourself throughout every stage of your career Access to more than 3,000 online training courses through our Kelly Learning Center Group-rate insurance options available immediately upon hire* Weekly pay and service bonus plans

Job DescriptionSignificance is a woman-owned consulting firm serving the federal government. We are known for building trusted relationships within our teams and with our clients and hiring the highest-level experts who implement innovative solutions. We also like to have fun! Our focus on culture has contributed to Significance being named a Washington Business Journal Best Place to Work each of the last seven years. We are seeking an IT Audit Analyst to join our program in support of USTRANSCOM at Scott AFB. Work will be performed on a hybrid basis with onsite work expected 3 days per week. In this role you will: • Conduct reviews of a designated critical feeder and core accounting systems for compliance with applicable standards, ensuring compliance with: o DoD Instruction 8510.01 o NIST 800-53 RMF o FMFIA o Federal Information System Controls Audit Manual (FISCAM)• Support with the execution of test plans to evaluate design and operating effectiveness of IT controls. As findings are addressed, the Contractor shall assist in the development of a CAP.• Provide support in reviewing and mapping the Statement on Standards for Attestation Engagements 18 reports, reviewing and testing Complimentary User Entity Controls (CUEC), and providing the test results. • Support the development of CAPs and support remediation testing for CAPs that have been implemented by the programs. The results of the CUEC reviews are reported in the timeframe and format provided by OSD.• Support with FISCAM training as requested to program managers.Required Skills/Experience Interim Secret security clearance with ability to get a fully active secret security clearance 0-3 years experience in a related position, preferably supporting DoD agencies Bachelor's Degree (Information Systems, Accounting or relevant field) Must be currently located in the St. Louis metro area and able to report to Scott AFB at least 5 days/week Desired Skills Experience (can include internships) with IT audit or internal audit in the Federal Government At Significance, your base pay is one part of your total compensation package and is determined within a range. Our pay ranges are based on the local cost of labor benchmarks for each specific role, level, and geographic location. We carefully consider a wide range of factors when determining compensation, including but not limited to experience; job-related skill sets; relevant education or training; and other business and organizational needs. The salary range listed is for the level at which this job has been scoped. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for a comprehensive and generous benefits package. We are an E-Verify Employer********************************************** Contents/E-Verify_Participation_Poster.pdf************************************************************************************** We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Job Description Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

WCBinc is looking for a Cyber Security Operations Specialist II to operate and manage all aspects of Information Systems, data availability, integrity, authentication, confidentiality, and non-repudiation. This role will develop and execute security policies, plans, and procedures and ensure security measures of the network. What You'll Get to Do: Provide cyber threat intelligence services for the collection, fusion, analysis, creation, and distribution of threat intelligence from government entities, commercial feeds, open sources, and other partners to obtain situational awareness of the threat environment. Provide cyber threat intelligence services on an expanded 12x5 service support level during core hours and on-call support with two-hour response time during non-core hours. Cyber threat intelligence services shall develop and disseminate reports and tippers to internal and external stakeholders based on events, alerts, and incidents on customer systems and networks. Implements and monitors security measures for communication systems, networks, and provide advice that systems and personnel adhere to established security standards and Governmental requirements for security on these systems. Designs and implements data network security measures; operates Network Intrusion Detection and Forensics; conducts performance analysis of Information Systems security incidents; develops Continuity of Operation (COOP)/Disaster Recovery (DR) plans and supports certification of Information Systems and Networks. Supervises operation of Electronic Key Management System, other information security duties, and Public Key Infrastructure. Receive tickets from other Cybersecurity Operations Services sub-services and conduct detailed analysis to validate any event/alert/incident Categorize, prioritize, investigate, and assess cybersecurity events/alerts/incidents to identify the extent and scope of the event/alert/incident and what impact there is on the operation or systems Update and forward tickets to other Cybersecurity Operations Services to customer as needed Collect, aggregate, and analyze artifacts and evidence from all available tools, knowledge sources, and data artifacts to determine and document the who, what, when, where, why and how of an intrusion, its extent, how to limit damage, and how to recover Submit custom signatures and tuning requests as needed to Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services Assists the C-IRT by assessing ongoing incident activity to predict adversary responses and locations of compromise Documents tickets and analysis to a level of detail sufficient to reconstruct the analyst's analysis, to include but not limited to the steps taken, timelines, and data required to justify the analyst's assessment Provide custom metrics reports including incident category types, tools used, number of indicators, time opened at each step, trending statistics, service availability, system utilization, etc. Provide input to the daily CSOC Significant Activity, Operations, and the weekly CSOC Status Report Advanced Cybersecurity Analytics, coordinate with Network Security Services, Endpoint Security Services, and Cybersecurity Data Analysis Services to develop or tune rules/signatures/scripts

Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance. Responsibilities: The Information Security Office (ISO) Regulatory Compliance team is seeking a Security Analyst 2 to actively contribute to our organization's compliance efforts. This role calls for someone who can work closely with various business units, conduct thorough assessments, and assist in crafting effective remediation plans. Key Responsibilities: As a Security Analyst 2 on the Regulatory Compliance Team, you will: Coordinate audits with external assessors (QSA) and internal stakeholders to streamline assessment process related to collecting evidences Lead the validation of PCI requirements testing results and drive compliance gap remediation efforts Create and maintain documentation to support PCI program Conduct comprehensive internal compliance assessments, identify compliance gaps, and actively participate in developing remediation plans. Collaborate closely with different business units to ensure alignment with relevant regulations and standards. Support automation efforts across the compliance function. Regularly review policies and procedures to ensure ongoing compliance with regulatory requirements. Effectively manage and prioritize multiple projects related to regulatory compliance. Stay vigilant in monitoring and tracking regulatory changes, providing teams with guidance on updating policies and procedures as needed. Be a source of guidance and support for fellow members of the compliance team. Qualifications: Required: Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future Must be committed to incorporating security into all decisions and daily job responsibilities 3+ years with leading, planning and execution of PCI assessments which includes review of control design with a focus on payment card compliance and security. Demonstrate the ability to work both independently with a strong sense of ownership and collaboratively within a team to achieve departmental and project objectives. Ability to maintain a high degree of confidentiality. Detail-oriented with strong project management skills, including project planning, directing project activities, and leading project teams. Proficient in documentation, communication skills, and a proven ability to deliver formal and informal presentations to a diverse audience. Ability to organize and prioritize multiple complex assignments and tasks for self and team members, ensuring deadlines are met. Excellent problem-solving and analytical skills, with the ability to define problems, collect data, establish facts, and draw valid conclusions. Demonstrated leadership, collaboration, and relationship management skills, representing goals within the team and outside the department. Ability to be flexible and adaptable to changing requirements and responsibilities while delivering high-quality results. Commitment to incorporating security into all decisions and daily job responsibilities. Proficiency with Microsoft Office applications, including Outlook, Word, PowerPoint, and Excel. Preferred: Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security-related experience, or an equivalent combination of education and experience. Functional knowledge of productivity, documentation, and collaboration tools such as SharePoint, Jira, Confluence, and Jive. The Timberline Group Phone: ************ PO Box 385, Lebanon, MO 65536 ********************* ************************* "Delivering quality solutions through quality people"

At Kelly Services, we work with the best. Our clients include 99 of the Fortune 100TM companies, and more than 70,000 hiring managers rely on Kelly annually to access the best talent to drive their business forward. If you only make one career connection today, connect with Kelly. Job Description MUST have IT Audit experience MUST have CISA (Certified Information Systems Auditor Certification) SOX Audit and compliance experience on systems / infrastructure is preferred Open to candidate that is willing to relocate to St. Louis, MO US Citizen, Green Card holder, EAD OPT only Senior IT Audit Analyst The successful candidate, will have the opportunity to work with our client whom is a reputable global provider in integrated pharmacy benefit management, cost management as well as patient-care services worldwide. 6 months contract with possibility of renewal and/or contract to hire. Position is based in St. Louis, MO. General Summary: The Senior IT Audit Analyst will be responsible of: · Carrying out audit of IT infrastructure and systems within the organization. · Perform risk assessments for sensitive internal and external systems · Ensures that the security of information systems assets is in compliance with company policies, SAS70, Sarbanes Oxley, Payment Card Industry, HIPAA, NIHB and DIACAP · Ensures that user community understands and adheres to necessary procedures to maintain security Qualifications: · Bachelor's Degree in computer related field desired · Minimum 5 years' experience in IT audit experience, preferable in IT Systems. · Must be a Certified Information Security Auditor (CISA) · Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley · Strong understanding of information security principles · Excellent organizational skills and ability to communicate with internal/external entities and executives a must Additional Information Why Kelly? As a Kelly Services candidate you will have access to numerous perks, including: Exposure to a variety of career opportunities as a result of our expansive network of client companies Career guides, information and tools to help you successfully position yourself throughout every stage of your career Access to more than 3,000 online training courses through our Kelly Learning Center Group-rate insurance options available immediately upon hire* Weekly pay and service bonus plans

**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Principal Information Security Engineer (Security Product Owner) Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Overview: The Security Threat & Response Management (STRM) program within Mastercard's Corporate Security organization is looking for a Security Product Owner to lead execution of our preventative security control strategy. The ideal candidate is driven, proactive about security, analytical, and brings strong technical cyber security expertise. This role is central to shaping and executing the roadmap and strategy for our program's primary security tools and defenses. We are looking for a technically proficient and forward-thinking professional who proactively monitors evolving security trends, modern modern defenses, and leverages advanced knowledge of security tools to foster innovation and strengthen resilience throughout our environments. Role - Define and drive the roadmap for the 'Defend' product, which covers preventative and detective security controls and configurations across dozens of security tools and platforms including SIEM, SOAR, DLP, Application Control, XDR, NGFW, UEBA, NDR, and more. - As the Defend product owner, you will be the team lead ensuring the Defend product feature team's work is prioritized, aligned to strategy, and properly road mapped. - Partner with stakeholders from engineering, endpoint, identity, and cloud teams to deploy and optimize security technologies and controls. - Translate security requirements, risk policies, and threat models into actionable work items and initiatives. - Lead capability assessments and recommend technologies aligned with business needs and program strategies. - Configure, integrate, and optimize security tools (e.g., EDR/XDR, NGFW, IDS, DLP, Application Control) in accordance with strategic objectives and initiatives. - Monitor control effectiveness and continuously tune policies to reduce friction and increase coverage. - Ensure alignment with internal standards, regulatory frameworks, and industry best practices. All About You The ideal candidate for this position should: - Be an advanced technical expert with hands-on experience across multiple SecOps teams and functions such as Security Operations Center, Security Engineering, Incident Response, Detection Engineering, Threat Hunting, and Insider Threat for a large, global enterprise. - Understand modern agile methodologies and how to define, assign, and track work for product feature teams and partner engineering teams. - Be skilled at translating complex security requirements into clear, actionable technical plans in accordance with relevant security strategies and objectives. - Be confident in how to approach complex security tooling and dependencies such as configuring access controls, tuning detection policies, and integrating tools into detection models and lifecycles. - Be a strong communicator, able to articulate vision and strategy to technical and non-technical stakeholders at all levels. Additional capabilities that will set you apart: - Experience with proactive security strategies and security technology products, platforms, and key technology. - Expertise in successfully integrating and leveraging threat intelligence data into security controls and tools for proactive, targeted security prevention. - Deep understanding of modern SecOps concepts and strategies such as 'SOC 3.0', posture management domains, attack surface reduction, adaptive protections, automated triage and response, zero trust, cloud-native security, etc. - Familiarity with regulatory compliance standards and frameworks (e.g., NIST, ISO, ATT&CK, D3FEND, PCI). - Ability to collaborate effectively with SOC, IR, Engineering, and other key stakeholders. - Passion for innovation and continuous improvement in security technology optimization. Corporate Security Responsibility: Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach; - Complete all periodic mandatory security training in accordance with Mastercard's guidelines. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard's security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. **Pay Ranges** O'Fallon, Missouri: $165,000 - $264,000 USD