Information security analyst jobs in Spokane, WA

Freelance Independent work in IT Developers, Graphic Designers, Data Analyst services online. Remote and or location work on a freelancer online platform. Need a smart phone and lap top or desk top computer to perform work. We provide a platform and you work for various clients independently on a freelance contract hire basis.

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Cybersecurity, Event Security, Security Audit, Splunk (Inactive) Certifications: None Experience: 8 + years of related experience US Citizenship Required: Yes Job Description: Cyber Security Analyst - Full time position, but must include working one weekend day (Sunday) Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. Identify acceptable use policy infractions. Review event logs to determine events of interest. Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). Prepare case evidence and incident reports. Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: Bachelor's Degree and 8+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. DoD Approved Baseline 8570 IAT level III (CASP, CISSP, CISA, etc.) certification is required prior to start date. DoD Approved Baseline 8570 CSSP Auditor (CEH, CySA, CISA, etc.) certification is required prior to start date. Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph Preferred Skills: Splunk, Microsoft O365, Fidelis, Solera, Windows, and Linux Operating Systems Saturday and Sunday weekend Day Shift work required. Willing to work holidays supporting your assigned shift. Location: 100% On Customer Site Bolling AFB, Washington D.C. Reston, VA Colorado Springs, CO Riverdale, MD Pearl Harbor, HI Tampa is available for part time weekend only support GDIT IS YOUR PLACE: 401K with company match Comprehensive health and wellness packages Internal mobility team dedicated to helping you own your career Professional growth opportunities including paid education and certifications Cutting-edge technology you can learn from Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $61.30 - $82.94. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA DC Washington Additional Work Locations: USA CO Colorado Springs, USA FL MacDill AFB, USA HI Pearl Harbor, USA MD Riverdale, USA VA Reston Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Responsibilities: Conduct Security Assessment and Authorization (A&A) support for IT systems Conduct Security A&A documentation review Update IT Security Compliance SOPs Monitor and report on FISMA Compliance activities Conduct Plan of Action and Milestone (POA&M) management and quality control activities and ensure accuracy of the organization's Security A&A tool. Support Ongoing Authorization (OA) by review of the security controls The Need-to-Have Skills & Qualifications: Working knowledge and experience with CSAM and RMF Experience working with system stakeholders to assess and manage system cybersecurity risk Knowledge of the process to obtain a system ATO and requirements to maintain the ATO Working Place: Washington, D.C., District of Columbia, United States Company : Sept 25 - Tria

Job Title: “Information Security Specialist” (Cyber security analysis) Duration: 9+ Months (with high possibility of extending into full time) Job Description: This position is in Corporate Information Security and under the direction of the Manager, Third-Party Cybersecurity Assessments. The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing third parties. The Analyst will construct detailed and summary reports of assessments, including customized reports, as needed. The Analyst will work with Subject Matter Experts (SME) to develop and apply risk assessment criteria (aligned with Policy) to new and existing suppliers using internal and external business intelligence. The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and Contract Managers, Compliance, and Business Owners to develop and maintain an internal service model that informs the business of key risks in a timely manner to limit unnecessary impediments and avoid bureaucracy. Specific responsibilities: - Coordinate the development of information security policies, standards and procedures. Work with key IT offices, data custodians and governance groups in the development of such policies. Ensure that company policies support compliance with external requirements. Oversee the dissemination of policies, standards and procedures to the user community - Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors - Serve as the company compliance officer with respect to state and federal information security policies and regulations. Work with the -designated internal audit, SOX compliance, legal, and HR on compliance issues as necessary. Prepare and submit and submit required reports to external agencies. - Develop and implement an Incident Reporting and Response System to address security incidents (breaches), respond to alleged policy violations, or complaints from external parties. - Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities. - Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing. Required Qualifications: Talent management, results focus and inspirational leadership. Essential Functions • Conduct third-party cybersecurity risk assessments, applying established criteria • Support assessment team with quality assurance reviews over work product and reporting • Collaborate with internal partners and third parties to mitigate and otherwise resolve third-party cyber risks • Consistently deliver on commitments, deadlines and objectives while remaining in scope and leveraging appropriate tools, methods, frameworks, and professional standards • Demonstrate consistent credibility with business partners and leadership while recommending initiatives, identifying gaps, and potential issues • Continuously demonstrate the ability to work independently while representing the services of the department with the highest level of professionalism • Demonstrate the ability to appropriately influence business decisions, and the professional judgment for selecting the appropriate methods and techniques to do so Preferred Qualifications: • Solid background both educationally and via professional experience. No less than 3 years' professional experience in business operations, project/program management, finance, risk management, information security, business analytics or similar. • Experience in large companies and/or complex environments, or providing professional consulting services for them. • Demonstrated abilities in problem-solving and analysis: identifies issues, analyses information to assess root cause and relationships, risks, and potential risk responses. Proven ability to synthesize and summarize complex data into concise recommendations and reports. • Demonstrated strong business writing and professional oral communication skills. • Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive projects to completion, and meet deadlines in a fast-paced environment-with only periodic supervision. • Ability to work collaboratively and manage and initiate effective cross-functional relationships. • Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio) and other business software to prepare reports, memos, summaries, and analyses. Desired • Analytical - Synthesizes complex or diverse information; Collects and researches data; employs intuition and experience to complement data; Designs work flows and procedures. • Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness. Applies feedback to improve performance; Monitors own work to ensure quality • Planning/Organizing - Prioritizes and plans work activities to achieve success; Sets and achieves goals and objectives; Develops realistic action plans • Professionalism - Reacts well under pressure; Keeps commitments; Accepts responsibility for own actions. • Career Growth: Focus on cyber security auditing with potential advancement goals in engineering or threat analysis roles • Self-directed team player with Agile environment experience Education Minimum Required • Bachelor's Degree • Equivalent experience is acceptable. License or Certification Desired: (one of the following): CISA (Certified Information Systems Auditor) GSEC (GIAC Security Essentials Certification) CompTIA - Security+ ECSA - EC-Council Certified Security Analyst SSCP (Systems Security Certified Practitioner) Other: Six Sigma, PMP or Agile certificates Other comments - suppliers: Organizational skills; office suite knowledge; and good communication skills are “must haves”. Cyber security analysis experience is preferred. Additional Information All your information will be kept confidential according to EEO guidelines.

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

At SERVISS, we deliver cutting-edge cybersecurity and IT solutions to government and commercial clients, with a mission to secure systems, data, and critical infrastructure through innovation and expertise. As we expand our capabilities, we're seeking a highly skilled and talented Information Assurance Professional. Position Summary We are seeking a dynamic and versatile Information Assurance Professional to support a high-impact U.S. Government program. The ideal candidate brings a rare balance of hands-on technical acumen and governance expertise-able to move seamlessly between engineering, architecture, and GRC functions. This role is pivotal in ensuring that systems are not only compliant but also resilient, secure, and aligned with federal risk management frameworks. Key Responsibilities · Serve as a trusted IA advisor, bridging technical engineering efforts with cybersecurity policy, governance, and risk management. · Collaborate with system architects and engineers to design secure solutions that meet compliance and mission requirements. · Support the development, review, and maintenance of key authorization documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms). · Guide system owners and developers through the Risk Management Framework (RMF) process and associated controls (e.g., NIST 800-53, 800-171, CMMC, FedRAMP). · Translate complex technical risks and mitigation strategies into actionable GRC documentation and executive communications. · Conduct system security assessments, gap analyses, and continuous monitoring activities. · Coordinate with cybersecurity operations, incident response, and engineering teams to align IA strategy with operational realities. · Recommend and help implement security architecture improvements based on evolving threat and compliance landscapes. · Track and report on IA posture, risk status, and compliance progress across multiple systems or program areas. Required Qualifications · 10+ years of experience in information assurance, cybersecurity engineering, or GRC. · In-depth knowledge of federal compliance frameworks (e.g., NIST, FISMA, FedRAMP). · Strong technical foundation with the ability to understand complex systems, architectures, and security configurations. · Excellent verbal and written communication skills, including experience preparing formal security documentation and reports. · Demonstrated ability to work cross-functionally with engineering, architecture, operations, and policy teams. · Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field; or Associate's degree with 2+ years of additional relevant experience. Preferred Qualifications · Prior experience supporting U.S. federal agencies or DoD environments. · Professional certifications such as CISSP, CISM, CAP, CCSP, or Security+. · Experience with security automation tools and continuous compliance approaches. · Understanding of Zero Trust principles, DevSecOps environments, and modern system architecture. Why Join SERVISS Our goal as an employer is simple yet profound: to create an environment where you can be your best self, pursue your passions, and enjoy the freedom to thrive both personally and professionally. Your success is our success, and we're committed to supporting you every step of the way. Freedom to Thrive. · Be part of an exciting company with ground floor opportunities to include equity · Highly competitive compensation and best in class benefits · Opportunities for annual performance bonuses, growth incentives, and profit-sharing · 100% of medical, vision, dental, and life insurance premiums covered by SERVISS · 401(k) retirement plan with company match for the first 6% Note: This position is contingent upon contract renewal and funding from the sponsoring federal agency, anticipated end of May 2025.

GW Information Technology (GW IT) provides empowering tools and caring support for all members of The George Washington University (GW) community. We are focused on driving digital transformation and innovation to enable the academic and operational excellence of our students, faculty, staff, and researchers. At GW IT, we are committed to cultivating a team culture that values diversity, inclusion, respect and collaboration, and invests in each of our team members to grow in their technology and career skills. The Senior Cloud Security Analyst is a mid-level position within GW IT's Application Security team that will collaborate on application security risk assessments, threat modeling, vulnerability assessments specific to GW IT's cloud environment. Primary Responsibilities: Experience evaluating security controls and the application of commonly used cyber risk standards and frameworks: e.g., NIST 800-171, NIST -800-53, CIS , OWASP . Familiarity with cloud computing environments (e.g., AWS , Azure) Experience in the secure design of cloud-based solutions to measurable performance and security standards Familiarity with cloud-managed security services such as Amazon Inspector, AWS WAF and Shield, and AWS Directory Service. Ability to translate security risks and misconfigurations into product security rules and controls to map against standards, policies and procedures. Familiarity with AWS and Azure core cloud infrastructure capabilities, features, and services. Review cloud logging reports for events that occur in the cloud environment. Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position Minimum Qualifications Qualified candidates will hold a Bachelor's degree in an appropriate area of specialization plus 5 years of relevant professional experience, OR, a Master's degree or higher in a relevant area of study plus 3 years of relevant professional experience, OR a Bachelor's degree in an appropriate area of specialization plus 3 years of relevant professional experience PLUS a relevant IT Security certification. Degree must be conferred by the start date of the position. Degree requirements may be substituted with an equivalent combination of education, training and experience. Preferred Qualifications 4 years of relevant experience with cloud security requirements Experience working within a distributed team via collaborative tools Certifications: 1+ security certification (e.g., CISSP ) Familiarity with Linux and Windows in cloud environments Experience in secure design of cloud-based solutions to measurable performance and security standards Ability to perform forensic file system analyses to identify indicators of compromise system timeline Experience evaluating log data and cloud-hosted virtual machines to detect security incidents and initiate appropriate steps as a first responder Experience assessing cloud-based security controls using security tools and threat modeling Work Schedule Monday - Friday, 8am - 5pm (occasional evenings and weekends)

Salary range is $109k to $211k, with a midpoint of $160k. New hires typically receive between minimum and midpoint, however, we may go slightly higher based on experience, internal equity and market. Sound Transit also offers a competitive benefits package with a wide range of offerings, including: Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner. Long-Term Disability and Life Insurance. Employee Assistance Program. Retirement Plans: 401a - 10% of employee contribution with a 12% match by Sound Transit; 457b - up to IRS maximum (employee only contribution). Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year. Parental Leave: 12 weeks of parental leave for new parents. Pet Insurance. ORCA Card: All full-time employees will receive an ORCA card at no cost. Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses. Inclusive Reproductive Health Support Services. Compensation Practices: We offer competitive salaries based on market rates and internal equity. In addition to compensation and benefits, you'll find that we provide work-life balance, opportunities for professional development and recognition from your colleagues. GENERAL PURPOSE: The Information Security Manager - ORCA directs, maintains, and operates the Information Security Management System (ISMS) for the ORCA payment system, including the governance, risk, and compliance components of the regional security function. The Information Security Manager will have an important, visible role in collaboration with the ORCA partner agencies and their Information Security experts. This role partners with other Regional ORCA Operations Team (ROOT) staff to ensure the secure operation of the ORCA system, as well as working closely with vendors and service providers to ensure alignment of their security practices with the risk control strategies outlined in the region's ISMS. ESSENTIAL FUNCTIONS: The following duties are a representative summary of the primary duties and responsibilities. Incumbent(s) may not be required to perform all duties listed and may be required to perform additional, position-specific duties. Guides security policy and participates in broader Information Security governance efforts for the ORCA partnership. Develops and maintains the ISMS in collaboration with regional information security SMEs and technical consultants. Oversees and manages the ORCA ISMS and recommends appropriate mitigating controls. Oversees Information Security Risk Management activities, including risk identification, assessment, and communication to relevant stakeholders. Provides valuable expertise and leadership directly to the governing ORCA Joint Board executive leadership, including sharing metrics to reflect the performance of the regional security program functions, executive risk score reports, and other guidance on a variety of information security topics. Facilitates a committee of Information Security SMEs across the ORCA Agencies to ensure both regional compliance and concurrence on information security-related matters, recommending solutions, and working from the regional ORCA perspective to achieve optimal solutions. Collaborates with the Systems Integrator, other vendors, and partner Agencies to ensure security best practices, standards, policies, and regulatory requirements are incorporated into core payment system design, implementation, and sustainment, as well as supports other future phase projects. Conducts regular security reviews of both software and processes, advising on information security practices. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats. Supports external IT security audits and assessments that focus on ORCA operation. Develops, updates, implements, and conducts information security training programs to support the ISMS objectives. Manages approvals for Identity and Access Management (IAM) and Access Control Administration. Acts as Incident Commander for Security Incident Response activities, whenever the Information Security Incident Response Plan is invoked by the regional program; plays a stakeholder and oversight role if the plan is invoked by other partners or vendors. Participates in information security incident investigation and response efforts; performs root‐cause analysis when incidents occur and prepare incident reports. As a member of the Change Advisory Board, evaluates change requests to determine potential impacts to Information Security, including IT systems, processes, and policies, and provides appropriate input to the Change Management process. Coaches, mentors, and develops future ROOT information security staff as the ISMS becomes complete and mature. Keeps up to date on latest information security trends, “best practices”, threats and countermeasures. Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency. Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit's Equity & Inclusion Policy. It is the responsibility of all employees to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees. It is the responsibility of all employees to integrate sustainability into everyday business practices. Other duties as assigned. MINIMUM QUALIFICATIONS: Education and Experience: Bachelor's degree in Computer Science, Information Technology, Management Information Systems, or closely related field. Eight years of information systems security (or cybersecurity) experience, or closely related field; OR an equivalent combination of education and experience. Required Licenses or Certifications: At least one of the following (in valid status): Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA). Other industry relevant certifications in the fields of information security, project management, auditing and/or risk management, such as the Certification in Risk and Information Systems Control (CRISC). Required Knowledge and Skills: Enterprise-level information-security plans, policies, standards, guidelines, methods, and practices based on current industry standards, best practices, tools, and techniques. Information Security Management Systems, and applicable industry standards (ISO 27001/2). Pertinent federal, state, and local laws, codes, and regulations; particularly those that affect information security for payment systems. Environments subject to the Payment Card Industry Data Security Standard (PCI DSS), including compliance-related duties. Knowledge and understanding of developing and administering information-security standards, practices, audits, risk management, and policy compliance. Information Security Audit principles and practices. Knowledge of one or more governance frameworks such as COBIT 5, ISO, NIST, or COSO. Strong understanding of IT Service Delivery (ITIL) core processes and methodologies. Principles, methods, and techniques used in the facilitation of managing projects and leading teams. Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography. In-depth knowledge of security software threats and vulnerability mitigation techniques. Working knowledge of cloud platforms and relevant security controls. Establishing and maintaining collaborative working relationships with other department staff, management, vendors, and other stakeholders. Documenting and explaining risks, recommendations, and incident data to technical stakeholders. Interpreting and administering information security policies, standards, and procedures sufficiently to administer, discuss, resolve, and explain them to staff and other constituencies. Leading or supporting an Information Security Management System. Generating metrics and preparing reports to facilitate decision-making on security-related activities. Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports. Responding to inquiries with effective oral and written communication. Researching, analyzing, and evaluating new security processes, products, and techniques. Candidate should have excellent time management skills including the ability to prepare prioritize and complete work plans. Working effectively under pressure, meeting deadlines, and adjusting to changing priorities. Writing of technical documentation and standards, including skill in English usage, spelling, grammar, and punctuation. Preferred Knowledge and Skills: Knowledge of Governance, Risk, and Compliance (GRC) tools. Principles of leadership, supervision, training, and performance evaluation. Extensive knowledge of risk-based methodologies and one or more of the following frameworks: ISO 27001/2:2017, 27005:2011, and 31000; PCI-DSS; or NIST 800-53. Physical Demands / Work Environment: Work is performed in a standard office environment. The Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required. Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation, and pregnancy), age, genetic information, disability, veteran status or other protected class.

Responsible for monitoring, assessing, and enhancing the security posture of Livingston HealthCare s information systems, networks, and data assets. This role ensures that the organization s security controls, compliance obligations, and risk management practices align with healthcare regulatory requirements, industry frameworks, and internal security policies. The analyst collaborates with IT, clinical, administrative, and third-party partners to identify threats, respond to security incidents, and implement proactive measures to protect the confidentiality, integrity, and availability of systems supporting patient care. Schedule: 1.0FTE (40 hours) Mon-Fri Occasional After-Hours or Weekend Work Compensation: $28.37/hr + DOE Robust Benefits Package ESSENTIAL FUNCTIONS, DUTIES, AND RESPONSIBILITIES: Security Monitoring and Incident Response a. Monitor security tools, alerts, logs, and system events to identify potential threats or anomalous activity. Lead or support security incident response activities, including triage, containment, eradication, recovery, documentation, and post-incident review. Coordinate with internal teams and external partners (e.g., Microsoft 365, security vendors) to validate and remediate alerts. Vulnerability and Risk Management Conduct regular vulnerability scans, review results, and collaborate with system owners to prioritize remediation. Maintain vulnerability management processes and track remediation activities across enterprise assets. Support risk assessments, control evaluations, and mitigation planning. Governance, Compliance, and Policy Support Assist in maintaining compliance with regulatory standards including HIPAA and HiTech. Contribute to the development, review, and enforcement of information security policies, procedures, and standards. Participate in internal and external audits by providing evidence, documentation, and technical explanations. Secure System and Application Lifecycle Support Review new software, devices, integrations, and cloud services for security risks prior to implementation. Assess vendor security posture and ensure appropriate safeguards in Business Associate Agreements. Support configuration hardening, endpoint security, and secure deployment practices. Identity, Access, and Data Protection Assist with administration and review of identity and access controls across systems, including Microsoft 365 and on-premises resources. Support data loss prevention (DLP), email security, encryption, and privileged access management efforts. Monitor access logs and conduct periodic access audits. Security Awareness and Training Contribute to the development and delivery of security awareness programs, phishing simulations, and targeted training initiatives. Provide guidance to staff on secure practices and emerging threats. Operational and Technical Support Assist with deployment and management of enterprise security tools such as EDR, SIEM, DLP, vulnerability scanners, and MFA solutions. Maintain security documentation, asset inventories, and operational records. Collaborate with IT Operations on patch management, endpoint configuration, and network security improvements. Supports other duties as assigned ADDITIONAL RESPONSIBILITIES: Assists with the production of accurate and timely Information Security risk exposure reports. Facilitates the preparation of the annual Security Risk Assessment. Maintains professional and technical knowledge in field of expertise. Ensures that newly proposed Information Technology complies with Information Security requirements QUALIFICATIONS (Required): Bachelor s degree in Information Security, Information Technology, Computer Science, or related field; or equivalent combination of education and experience. Minimum 2 4 years of experience in information security, IT infrastructure, or system administration roles; healthcare experience preferred. Working knowledge of cybersecurity principles, security operations, and threat landscapes. Familiarity with HIPAA Security Rule, and healthcare regulatory environments. Hands-on experience with tools such as EDR/XDR, SIEM, vulnerability scanners, and Microsoft 365 security capabilities. Strong analytical, investigative, and technical problem-solving skills. Ability to communicate security concepts clearly to both technical and non-technical audiences. Ability to manage competing priorities and adapt to rapidly changing threats ADDITIONAL DESIRABLE QUALIFICATIONS: Security-related certifications such as Security+, CySA+, SSCP, CEH, or similar. Higher-level certifications (e.g., CISSP, CISM) are advantageous but not required.

Avint LLC is seeking a highly motivated, solution-oriented, and customer-focused Information Systems Security Officer (ISSO) III to join our growing team. We are looking for a senior-level ISSO who is confident working independently and demonstrates deep technical and operational expertise. **This position is 100% on-site 1750 Pennsylvania Ave, Washington, DC*** Requirements Responsibilities: Provide subject matter expertise to ensure compliance with Treasury, DHS, and NIST cybersecurity policies and frameworks. Support the implementation and sustainment of security controls in alignment with the NIST Risk Management Framework (RMF). Responsibility for and to assist system owners in maintaining system Authorization to Operate (ATO) status. Enhance Treasury's ability to measure, report, and manage cybersecurity posture and control effectiveness at a maturity level consistent with OIG FISMA Metrics Level 4 (“Managed and Measurable”). Strengthen collaboration and information sharing across internal Treasury offices and external partners to support cybersecurity risk reduction and resilience. Position Requirements: US citizen without dual citizenship Ability to obtain a Public Trust clearance Currently possess at least 8570 IAT II certification Thorough knowledge of and experience with executing the seven key steps of the Risk Management Framework (RMF) Thorough knowledge of and experience with completing the components of a FedRAMP system package, to include the System Security Plan (SSP) and the Control Implementation Summary (CIS)/Customer Responsibilities Matrix (CRM) Experience with security control implementation statement development and testing Familiarity with AI-based systems Benefits Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, and generous time off and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development! Salary range $115,000-125,000

Bellevue Telecommunications Services Exp 10-15 years Deg Bachelors Relo Bonus Job Description The Information Security Manager, working with in Corporate Information Security Team will be responsible for liaising with assigned business units on behalf of Corporate Information Security (CIS). These responsibilities will include understanding business-driven projects that involve network and information security, applications, networking and web based technologies. They will be responsible for understanding the Business Unit's processes and priorities and working with them to manage business impact and threats, through a risk based methodology. Ensures through positive engagement that business goals are met in a secure and compliant manner, according to industry standard regulations Qualifications Ideal Candidate will have: Candidate must have strong technical, influential and organizational skills. Prefer six years' experience in information security related discipline, in addition to several years' relevant systems and/or network administration experience. Expert relationship building and partnering skills, including persuasion, negotiation and consensus building. Experience translating emerging IT and business trends into meaningful risk reduction opportunities. Demonstrated ability to work effectively in a complex matrixed environment. Outstanding verbal and written communication skills. Ability to interpret business strategy and align to appropriate security enhancements to achieve business enablement. Ability to translate security requirements into business risks and impacts. Experience with high level design Architecture, Firewall, Internet, LAN Router, Network, Protocols, Web Services and SOA. Strong understanding of encryption, obfuscation and/or tokenization technologies or compensating controls. Appropriate industry certifications, such as CISSP, CISA or CCIE. Preferred skill: Bachelor degree in Computer Science, Information Security, Information Management, or other related discipline. Telecommunications industry expertise, Six Sigma Training, Audit, Compliance & Network experience preferred. Skills and Qualifications: A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus. The ability to apply Information Security principles to business solutions. Extensive experience planning and deploying both business and technology security initiatives. Exceptional communication skills and the ability to convey results in a summarily and persuasive manner to business owners. This includes written and verbal communications as well as visualizations. The ability to act as liaison conveying information needs of the business to technology teams and technology constraints to the business. Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI. Good understanding & experience applying CoBIT, ISO, ITIL, NIST frameworks. Understanding of Local (Wired & Wireless), Wide area, and mobile networks. A good understanding of Network Security, Firewalls, Intrusion Detection and Prevention, AVS, VLANS. Strong background and experience in IP Networking and Routing Protocols. Fluency in the use of all MS Office applications, including SharePoint services. Qualifications · Preferred: Any of the following CISSP, CISA, CISM, C-RISC, CCNA, CCIE, Six Sigma Yellow/Green/Black Belt Education Minimum Required High School Diploma/GED Education/Vocational Training/Experience Preferred Bachelor's degree in Computer Science, Information Technology or related field from an accredited 4-year college or university 10 years of system, network, and application design and architecture experience. Preferably in the wireless communications space CISSP and or CISM Certification (required; experience may be substituted for Cert requirements (4 years minimum) CISA Certification (preferred but not required; experience may be substituted for Cert requirements (4 years minimum) Responsibilities What you will do: Make proactive assessments of threat information in and outside the public domain, understanding the threat as it relates to its customers, and implementing measures to combat the threat. Understand the operations of the business and comprehend how these create value and risk for the organization. Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes. Implement and monitor controls necessary to ensure operational processes are performed and are effective to protect the environment from all forms of malicious cyber activity. Assist the Governance group in the development and refinement of technical security standards, key performance indicators and other necessary processes to maintain effective operational security, as it relates to the business. Make risk-based decisions on a daily basis that has the potential to impact our ability to operate and communicate. Ensure the information and network security controls for us are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups. Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program. Interact with internal audit, third party auditors, and appropriate regulatory bodies. Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance. Liaise with and assist outsourced security service providers with vulnerability assessments of business applications, systems and architectures. Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

Job Title: Information Systems Security Officer (ISSO) Salary: - $110,000 $120,000 / yr Roles and Responsibilities: Services to support IS Security performed by the Senior Cloud Information System Security Officer (ISSO), at a minimum, shall consist of the following activities: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS Provide liaison support between the system owner and other IS security personnel Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle Ensure that system security documentation is developed, maintained, reviewed, and updated continuously Conduct required IS vulnerability scans according to risk assessment parameters. Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs) Coordinate system owner concurrence for correction or mitigation actions Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO) Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an agency IS, its environment, and operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM) Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR Provide baseline security controls to the system owner, contingent upon the ISs security categorization, type of information processed, and entity type Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems impact levels and ISs authorization boundary Ensure that new entities are created in the GRC application with the security categorization of agency ISs Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreements (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS Perform an independent review of the System Security Plan (SSP) and make approval decisions Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official Schedule security control assessments in coordination with the system owner. Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number Advise the agency's authorized official on IS vulnerabilities and residual risks. Ensure that all POA&M actions are completed and tested Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official Ensure the removal and retirement of agency ISs being decommissioned in coordination with the SO, ISSM, ISSE, and ISSR What are the 3-4 non-negotiable requirements of this position? Active U.S. Government (DoD-Issued) Top Secret Security Clearance with SCI and a CI-Polygraph eligibility. At least 5 years serving as an Information Systems Security Officer (ISSO) at a cleared facility DoD Instruction 8570.1 Information Assurance Management (IAM) Level III Certification What are the nice-to-have skills? A bachelors and/or advanced degree in computer science, business management, or IT-related discipline

At PLEXSYS, our teams design, build and deliver Live, Virtual, and Constructive (LVC) innovation and training solutions to customers around the world. With over 200 employees in seventeen states and four foreign countries, we contribute our success to enabling better training…everyday…across the globe. As an employee of PLEXSYS, you'll find a culture that empowers you to achieve your professional objectives, give your personal best, and work with other highly passionate individuals. Our core values of integrity, excellence, teamwork and agility drive our daily decisions, identify our focus areas, and inspire our organizational culture. GENERAL DESCRIPTION The Information System Security Officer (ISSO) is responsible for ensuring the appropriate operational security posture for information systems and as such, works in close collaboration with the ISSM, CPSO, and FSO. The ISSO must have detailed knowledge and expertise required to manage the security aspects of an information system and is assigned the day-to-day responsibility for assigned systems. Responsibilities include implementation of the requirements of Risk Management Framework, including the Joint Special Access Program (SAP) Implementation Guide (JSIG), NIST 800-53, or other security requirements as assigned. This position will report to the Corporate Information Assurance Manager and work in close collaboration with the AFSO and FSO. The ISSO is responsible for developing and updating the security authorization package, managing and controlling changes to the system, and assessing the security impact of those changes. Ensure systems are operated, maintained, and disposed of following security policies and procedures as outlined in the security authorization package. Report all security-related incidents to the ISSM. Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure audit records are collected, reviewed, and documented. Duties also include physical and environmental protection, personnel security, and incident handling. DUTIES & RESPONSIBILITIES Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirement Lead the information system security program for their assigned location to include implementation and validation of automated informational security, ensuring security requirements as contracted are satisfied Maintain and establish the accreditation of classified information systems Establish and implement security procedures and practices in support of Corporate goals and current DoD Regulations Ensure all security procedures are being followed such as patching, AV updates, continuous monitoring, trainings, and self-inspections Develop, implement and maintain security emergency action plans Provide security education and training to local employees Maintain administrative security records and documents for local employees Conduct self-inspections to ensure current security measures and policies are effective Conduct random security inspections to ensure regulations and procedures are being adhered to by local employees Conduct system audits in accordance with security accreditation package requirements Conduct vulnerability scans and analysis Conduct maintenance on the networks, systems, and hardware Perform software upgrades on networks, systems, and hardware Perform security assignments in accordance with the Automated Information System requirements and local regulations Understand and follow NISPOM/ODAA/RMF/JAFAN/ICD/NIST/JSIG classified system accreditation and certification requirements Other duties as assigned REQUIREMENTS Bachelor's degree in related field or 4 years' experience in related field DoD 8570 compliant, IAT Level II Experience with Windows based administration of Information Systems Ability to work within compliance standards; previous experience with RMF, HIPAA , PCI DSS, or equivalent compliance standard preferred Strong experience in networking, active directory, centralized logging solutions, vulnerability scanning and anti-virus solutions Experience with security audits for information systems Strong communication and problem-solving skills Ability to work in both a team environment as well as independently Must be organized and detail oriented Ability to obtain and maintain Top Secret clearance with the ability to obtain approval for SAP/SCI access DESIRABLE Have previous experience with DoD Security Regulations and Policies PERKS As a PLEXSYS employee, you can expect certain advantages; such as advancement based on performance, competitive wages, valuable benefits and a great working environment. Our team is committed to ensuring an environment that empowers individuals to realize their full potential by providing opportunities and necessary support to achieve personal and professional goals. Medical/Vision/Prescription/Dental Benefits Life, AD&D and Long Term Disability Coverage Paid Holidays, Military Leave, and Paid Time Off 401k Plan with eligibility from first day of employment Education reimbursement for job-related courses for full-time employees PriceClub/COSTCO/Sam's Club annual membership

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The expected base compensation for this position is below. Our total compensation package for full-time employees includes equity, benefits, and may include incentive compensation. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Required Qualifications A Bachelor's degree and three (3) years professional experience OR a combination of education and experience totaling seven (7) years from which comparable knowledge and abilities are acquired. Preferred Qualifications Experience developing operational information security procedures and technical training materials. Demonstrated experience with working within formal project management frameworks. Experience with the Splunk application, to include developing searches, reports, and other automated routines. Experience with security reviews of firewall, file system, and other forms of access control lists. Experience with digital forensics software and processes. Demonstrated ability to appropriately prioritize multiple tasks, projects, or assignments. Expert knowledge of Windows, Linux, and Apple operating systems.

Primary Skills: Circuit Design (Expert), Embedded Security (Expert), Testing Equipment (Proficient), Cryptography (Knowledgeable), PCB Analysis (Intermediate) Contract Type: W2 Duration: 12 months with possible extension Pay Range: $105.00 - $120.00 per hour #LP Job Summary: We are seeking a highly skilled Hardware Security Engineer IV with extensive experience in electrical engineering and hardware security for role which is fully onsite in Seattle, WA, US. This role involves collaboratively working on hardware security assessments for emerging devices, ensuring robust privacy and security protocols. The ideal candidate will bring a deep understanding of electrical engineering principles to spearhead our efforts in maintaining and enhancing the security of our devices and services. Key Responsibilities: Conduct thorough hardware security assessments and provide actionable insights. Design, test, and analyze circuit designs and PCB layouts with an eye on security. Develop and implement secure boot solutions and cryptography measures. Collaborate with third-party manufacturers to update and secure device designs. Utilize common electronics test equipment for testing, debugging, or hacking hardware. Must-Have Skills: 5+ years of experience in hardware security, embedded systems security, or similar Bachelor's degree in Electrical Engineering, Computer Engineering, Computer Science, or related technical field. hands-on experience with common test equipment: Oscilloscopes, multimeters, microscopes, logic analyzers, soldering Industry Experience: Experience with manufacturing security processes, including secrets provisioning and secure production flows, is highly desirable. Previous work in a team environment focusing on hardware security for telecom or consumer electronics industries. ABOUT AKRAYA Akraya is an award-winning IT staffing firm consistently recognized for our commitment to excellence and a thriving work environment. Most recently, we were recognized Inc's Best Workplaces 2024 and Silicon Valley's Best Places to Work by the San Francisco Business Journal (2024) and Glassdoor's Best Places to Work (2023 & 2022)! Industry Leaders in IT Staffing As staffing solutions providers for Fortune 100 companies, Akraya's industry recognitions solidify our leadership position in the IT staffing space. We don't just connect you with great jobs, we connect you with a workplace that inspires! Join Akraya Today! Let us lead you to your dream career and experience the Akraya difference. Browse our open positions and join our team!

Aditi Staffing is an MBE certified, IT Staffing firm in the US offering contract, contract-to-hire & direct hire career opportunities with Fortune Firms. Recently recognized as one of the fastest growing staffing firms and top diversity firm by the Staffing Industry Analysts, Aditi Staffing has been a partner of choice for candidates and clients. Visit our website: http://www.aditistaffing.com/ Job Description Role: Information Security Analyst Location: Information Security Analyst 6-8 years of experience in information security / technology or related field. Advanced verbal and communication skills with diverse cross functioning groups. Strong background and experience in policy development, program administration. In depth knowledge and experience in incident response activities and compliance. Ability to plan, organize and prioritize tasks to complete independently and within time frame established. While technical knowledge of information technology and security issues is highly desirable, technical expertise and resources will be available from units such as Security Operations to support the information security and privacy program. Strong technical writing abilities. Very good understanding of security controls, control systems, and business drivers that impact security controls. Knowledge of SEC, FFC, Sarbanes-Oxley (SOX) and or Gramm-Leach Bliley Act regulatory policies & guidelines. Strong background in security authentication, security applications development methodologies, security architecture and operational procedures, organization, business continuity skills, disaster recovery skills, identity management skills and hands on experience implementing products / solutions e.g. NetIQ, Entrust, Netegrity, Oblix, PKI, and some director service, RSA, strong understanding of the development and maintenance of RBAC s (Role Based Access Controls). Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse cross functional groups of people is required. Good to Have: Knowledge of the following technologies a plus: Intrusion Detection / Prevention Systems for networks and hosts Security Event Management Systems Vulnerability Assessment Systems Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus Diagnostic tools such as packet capture/decode and WAN probes IP Networking Windows Systems administration and security tools Experience with remote access, terminal servers, etc a plus Experience in the administration of UNIX Solaris, HP/UX, or Linux and Windows operating systems a plus Experience in developing and administering an information security program desirable Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable Additional Information Regards, Arun Kumar R arunkr(AT)aditistaffing.com D: 425-457-7916

A Senior Cyber Intrusion Detection Analyst is needed to provide advanced incident response and monitoring support. This is a hybrid position based in Washington, D.C., covering 5th shift work (7am7pm Saturday & Sunday, Friday 11pm7am, and Tuesday 7am3pm). Responsibilities Respond to cyber incidents, including SOC incident response calls and emails. Serve as Subject Matter Expert (SME) in investigations escalated from SOC Tier I & II analysts. Investigate phishing attempts and other potential cyber threats. Collaborate with SOC federal staff and Incident Handlers to triage, contain, and remediate incidents. Participate in Splunk engineer working groups to improve alerting rules and reduce false positives. Work closely with Threat Hunt and Security Intelligence teams to strengthen SOC capabilities. Follow established incident response procedures, while identifying process improvement opportunities. Manage incidents involving enterprise systems and sensitive data, including PII breaches. Detect, collect, analyze, and report cybersecurity incidents. Investigate and remediate malware infections. Analyze a variety of logs and alerts (firewall, IDS, malware, HIPS, PCAP, proxy, Windows/Active Directory, etc.) to identify anomalous activity and document findings. Conduct advanced log and malicious code reviews to support containment and recovery. Assist with cybersecurity workforce development by reviewing tickets and annotations. Required Qualifications Bachelors degree with 8+ years of cybersecurity experience (or equivalent). At least 6 years of intrusion detection examination experience. Experience with a wide range of security technologies and logging data, including WANs, IPS/IDS/HIPS, web logs, raw data logs, and event reviews. Strong knowledge of Splunk SIEM with 3+ years of advanced analytics experience (queries, Grep skills, firewall ACL review, Snort IDS events, PCAPs, and web server logs). Strong written and verbal communication skills. One or more advanced certifications, such as: CERT Certified Computer Security Incident Handler CEH (Certified Ethical Hacker) CISSP GCIH (Certified Incident Handler) GISF (Information Security Fundamentals) Clearance Must be able to obtain and maintain a Public Trust clearance. Working Place: Washington, D.C., District of Columbia, United States Company : 2025 Sept 11 Virtual Career Fair - GovCIO

Salary range is $104k to $206k with a midpoint of $155k. New hires typically receive between minimum and midpoint, however, we may go slightly higher based on experience, internal equity and market. Sound Transit also offers a competitive benefits package with a wide range of offerings, including: Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner. Long-Term Disability and Life Insurance. Employee Assistance Program. Retirement Plans: 401a - 10% of employee contribution with a 12% match by Sound Transit; 457b - up to IRS maximum (employee only contribution). Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year. Parental Leave: 12 weeks of parental leave for new parents. Pet Insurance discount. ORCA Card: All full-time employees will receive an ORCA card at no cost. Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses. Inclusive Reproductive Health Support Services. Compensation Practices: We offer competitive salaries based on market rates and internal equity. In addition to compensation and benefits, you'll find that we provide work-life balance, opportunities for professional development and recognition from your colleagues. GENERAL PURPOSE: Under general direction, the Information Security Engineering Manager oversees and operates several essential Information Security functions including Security Engineering and information security tool management. The Information Security Engineering Manager's role is to lead and support service owners, system owners, and relevant stakeholders in ensuring their respective (or proposed) systems are compliant with the Agency's information security standards. In addition, the Information Security Engineering Manager supports the operations of several other functions of the Agency's Information Security Management System (ISMS). ESSENTIAL FUNCTIONS: The following duties are a representative summary of the primary duties and responsibilities. Incumbent(s) may not be required to perform all duties listed and may be required to perform additional, position-specific duties. Acts as Service Owner for related Information Security Engineering services of the Information Security business unit. Support Information Security Architecture and Security Operations services Manages personal for the Information Security Engineering components of the Information Security Division. Provides guidance to the technical professionals that comprise the Security Engineering functions of the Information Security Division Participates in the overall implementation of the agency's information security program, under the direction of the Chief Information Security Officer (or delegate), where appropriate. Participates in the creation of information security governance documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Chief Information Security Officer (or delegate), where appropriate. Identifies and assesses technology-related risks to information security associated with prospective technology solutions; and recommends appropriate mitigating controls. Influences the design of any prospective technology solution for adherence to documented agency standards, policies, and regulatory responsibilities. Evaluates, implements, and supports security-focused tools and services required to support information security controls. Collaborates with other IT engineering and administration disciplines to ensure security best practices are incorporated into design, implementation and sustainment of systems and services within the agency. Consults with internal customers on risk assessment, threat modeling and mitigation of vulnerabilities Conducts security assessments, evaluates controls, and provide feedback to management and system owners on the design and effectiveness of control processes. Conducts regular security reviews of both software and processes. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats Participates in ongoing information security education, awareness, and outreach activities. Participate with information security incident investigation and response efforts, leading as needed. Participate with computer and network forensic investigations in support of incident response activities. Prepares regular reports on relevant metrics for different stakeholders. Coaches, manages, mentors, and develops staff. Focuses on keeping professional skills current. Keeps up to date on latest information security threats and countermeasures. Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency. Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit's Equity & Inclusion Policy. It is the responsibility of all employees to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees. It is the responsibility of all employees to integrate sustainability into everyday business practices. Other duties as assigned. MINIMUM QUALIFICATIONS: Education and Experience: Bachelor's degree in Computer Science, Information Technology, Business Administration, Engineering, or closely related field. Five years of information technology experience with a focus on security engineering and operations, OR an equivalent combination of education and experience. Three years of leadership, budgetary, planning and workforce management experience. Required Licenses or Certifications: Certified Information Systems Security Professional (CISSP), orobtain within 12 months of hire. Preferred Licenses or Certifications: One or more of the following certifications is strongly preferred: Certified Information Security Manager (CISM) Information Technology Infrastructure Library (ITIL) Certified Ethical Hacker (CEH) Certified Cyber Forensics Professional (CCFP) GIAC Certified Incident Handler (GCIH) Required Knowledge and Skills: Strong command of ITIL core processes and principles. Strong command and experience with information security architecture and engineering principles General knowledge of the NIST 800 series standards, PCI DSS standard, and the ISO 27001/2 frameworks. Demonstrated work experience in a few of the following areas: Information Security, Security Architecture, Security Engineering, Security Operations and implementing best practices, tools and technology. Strong understanding of information technology and security controls. Strong understanding of and experience with security-related technologies, systems, and tools. Proven competency in the use of MS Office applications (Microsoft Project, Word, Excel, PowerPoint, and SharePoint) Strong team leadership and communicational (verbal/written) skills. Ability to work in highly collaborative environments. Strong workload prioritization and self-organization skills Strong project management skills. Preferred Knowledge and Skills: Understanding of Cloud Computing environments (Microsoft Azure preferred). Physical Demands / Work Environment: Work is performed in a hybrid office environment. This position is responsible for communicating with stakeholders, and using specialized security tools; may be subject to bending, hearing, sitting, standing, talking, seeing, and carrying and lifting 25 lbs or less. The Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required. Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status or other protected class.