Information security analyst jobs in Superior, MI

ISSM Duration: 9 Month Contract to hire Salary Range: $120k - $145k **Exact compensation may vary based on several factors, including skills, experience, and education. **Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law. Day to Day: Insight Global is looking for an ISSM to work for a DoD customer based out of Warren, MI. The ISSM will provide support in the following areas: Provide guidance to ISSOs, Information Technology team members, and the system owner regarding goals and objectives that will minimize the organizational risk present in the system Compose, distribute, and execute local policies and procedures that will ensure system compliance with DoD RMF controls. These policies include, but are not limited to: Vulnerability management POA&M management Personnel onboarding and offboarding Incident response Provide advisory to management regarding changes that may impact the security posture of the system Preparation and submission of system security plans to upstream accrediting organizations Must Haves: Previous experience working as an ISSM for 3+ years Strong Risk Management Framework (RMF) experience Excellent written and verbal communication skills Strong familiarity with NIST publications Understanding of common operating systems, network technologies, and security tools Secret Clearance Certification required for IAM level II or III appointment CAP CASP+ CE CISM CISSP GSLC CCISO HCISPP CISM CISSP GSLC CCISO Plusses: A BS degree in Information Technology, Cybersecurity, Data Science, Information Systems or Computer Science

The Panther Group is hiring a W2 Contract To Hire Senior Platform Cyber Security Engineer with one of our partners supporting the Department of Defense. This role requires an Active Security Clearance. This role is onsite in Sterling Heights, MI. Job Summary The function of this position is to support the Cyber and Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) section with responsibility for Cyber architecture, technology, evaluation, testing and compliance across the US market and support the delivery of products and services to Ground Combat Platforms. This is an engineering management position to broadly execute guidance from platform Chief Engineer, Systems Engineering Manager, and functional management. This position will require a US security clearance. Responsibilities to Anticipate/Expect: Exercise authority and responsibility for Cyber and tasks to help integrate cross-functional technical scope within schedule and other constraints. Help project team to ensure a balanced, integrated, and compliant Cyber design across the vehicle system. Manage/support the identification, development and implementation of platform cyber-physical design best practices, tools and education across the entire engineering enterprise. This will be done with a cross functional team of engineering and program disciplines and form the basis for developing a cyber security culture within the engineering organization. Develop and manage System requirements and interface allocations including Performance and Space, weight and Power-Cooling, Reliability and Maintenance SWaP-CRaM), and enforce across the design team; develop system specification requirements compliance documentation Manage and coordinate requirements, architectures and system designs and any changes, conditions, inputs and final resolution for requirements, trades, and alternatives Manage, develop, support and conduct trade studies/structured decisions for system and subsystem design including system-level impacts to include balance of space, weight, power, cost, reliability, and performance across a Cyber vehicle suite Oversee/support development of verification plans and manage their execution including test and production and field site shakedown and verification Participate in and lead design and integration troubleshooting/Root Cause Corrective Action (RCCA) and problem report/test incident resolution for production, development, test, or modification projects Develop and evaluate checkpoint and design milestone artifacts and Contract Data Requirements List (CDRLs) and review to ensure technical accuracy and compliance with contract requirements Coordinate with platform Design Integrated Product Teams (IPTs) where interface is required, such as in threat analysis, interface development and requirements decomposition and compliance Evaluate new Cyber and C5ISR technologies for potential use on products Manage and participate in peer reviews Position Requirements: (Candidates will be considered on the aggregate of the position requirements, it is not required that candidates possess experience in all categories):Bachelor of Science in Engineering, related science or equivalent (Relevant cyber technical certificates and management credentials will be considered) Minimum of 7+ years' experience Experience with engineering and/or military projects Experience with Cameo Systems Modeler and modeling languages such as SysML Experience with embedded system engineering Cyber space. Experience with Threat Analysis and Risk Assessment (TARA) Experience with Cyber Tabletop Exercise (CTTX) drills Ensure compliance with federal regulations and standards, including NIST SP 800-37 and NIST SP 800-53, RMF. Prepare and maintain System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and other required documentation. Experience leading teams in technical development projects Experience in military vehicle development and integration Experience in interpreting higher level customer requirements and flowing them down to technology areas Experience in developing and managing system level cyber requirements Familiarity with various electrical line replaceable units and the development and troubleshooting of electronic hardware Experience with cyber warfare, offensive and/or defensive Experience with embedded systems, automotive and military related Experience with software and computer science principles Familiarity with cyber physical system security requirements Familiarity with Microsoft Office software (Word, Excel, PowerPoint, Visio, Project) Ability to travel (mostly domestic, some international) up to 15% This position will require a US security clearance. This position may require the candidate to be able to climb on/off, work in, and work around military vehicles is desired. Must be able to pass ASR test (Anthropometric Size Requirement for confined space)

Information Security Specialist | The Shyft Group, Inc. | Novi, MI Regular Employee | Salary Non-Exempt | $65,000.00 - 80,000.00 What you'll do: The IT Security Specialist is responsible for designing, implementing, and maintaining the organization's cybersecurity infrastructure across information technology, operational technology, and cloud environments. This position plays a vital role in safeguarding corporate systems, networks, and information by monitoring emerging threats and vulnerabilities. The individual in this role will work collaboratively with all departments across Aebi Schmidt Group to assess risk, coordinate vulnerability remediation, and develop defensible architectures to protect our assets. The IT Security Specialist will apply technical expertise to implement and manage security tools, automate key processes, and support incident response activities to minimize business impact and maintain continuity of operations. This position requires strong analytical and problem-solving skills, a comprehensive understanding of cybersecurity principles and technologies, and the ability to communicate effectively with both technical and non-technical stakeholders. Key responsibilities * Design, implement, and manage cybersecurity solutions across endpoints, networks, cloud, and identity management systems * Conduct vulnerability assessments and coordinate remediation efforts across IT and DevOps teams * Monitor, triage, and manage alerts from cybersecurity related tools and services * Leverage cybersecurity related tools and benchmarks to harden and build defensible IT systems and resources * Participate in incident response efforts including triage, containment, eradication, and post-incident efforts * Perform risk assessments on new technologies, vendors, and IT system changes * Automate repetitive tasks using Python, Bash, PowerShell, Terraform, or equivalent scripting languages What you need to be successful: * Bachelor's degree in computer science, information systems, cybersecurity, or related field * Relevant cybersecurity certifications such as CompTIA's Security+ * 5+ years of hands-on experience in cybersecurity or infrastructure security role * 3 - 5 years of experience in cloud technologies such as AWS and Azure * Strong understanding of networking and security protocols, firewalls, VPN's, SIEM, EDR/XDR, and vulnerability management * Knowledge of IAM concepts; idP, MFA, SSO, SAML/OAuth2, and the access policies that control them * Working knowledge of scripting or automation languages such as Python, PowerShell, or equivalent * Industry leading certifications such as CISSP, CEH, GICSP, or GSEC * Exposure to compliance standards such as ISO 27001, NIST, and PCI DSS * Experience with CI/CD pipelines or DevSecOps methodologies * Familiarity with the MITRE ATT&CK framework and threat hunting * Implement and manage OT cybersecurity controls across plant floor networks, control systems, and IT infrastructure * Data management and discovery tools such as Purview or other data loss prevention technologies Why The Shyft Group? Our people are our greatest asset, and your success is our success! That's why we provide comprehensive benefits that support your health, financial security, and work-life balance-so you can thrive both personally and professionally. * Health & Wellness: Medical, Dental, Vision, HSA/FSA, Wellness Plan * Financial Security: 401(k) with match, Disability, Life Insurance * Work/Life & Growth: Educational Reimbursement, EAP, Dependent Care At The Shyft Group, we don't just offer benefits-we invest in your well-being. Join us and experience the difference! Who we are: The Shyft Group is the North American leader in specialty vehicles, including last-mile delivery vans, work trucks, and motorhome chassis. Our 10 brands- Utilimaster, Blue Arc, Royal Truck Body, DuraMag, Magnum, Strobes-R-Us, Spartan RV Chassis, Red Diamond, Builtmore, and Independent Truck Upfitters- are powered by 3,000+ team members across the U.S. and Canada. Backed by 50 years of innovation and a supportive, entrepreneurial culture, we're leading the way in electrification and proudly ranked among Fortune's 100 Fastest Growing Companies. Equal Employment Opportunity (EEO) The Shyft Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, genetic information, status as a protected veteran or status as a qualified individual with a disability, or any other characteristic protected by applicable federal, state, or local law. If you have a disability and would like to request an accommodation in order to apply, please email us at *************************. The Shyft Group is an E-Verify Employer Shyft uses E-Verify, which is an online system operated by the U.S. Department of Homeland Security in partnership with the Social Security Administration to verify employment eligibility and validate social security numbers. Through participation in the E-Verify program, information entered on Form I-9 will be provided and compared to information available at both of these agencies. See posters for more details. E-Verify Notice U.S. Right to Work Notice.

About Us: Niterra North America, Inc., established in 1936 and formerly known as NGK Spark Plugs(U.S.A.), Inc., is a global leader in spark plug and oxygen sensor technology and quality. With a legacy of innovation and excellence, Niterra is evolving its business portfolio, leveraging core ceramic technologies to venture beyond traditional domains. The company is committed to developing solutions that address social issues and promote sustainability. About the Role: The ideal candidate must possess an enthusiastic and growth minded personality which will enable them to thrive in a dynamic environment. The candidate must be passionate about Cyber Security and possess strong technical knowledge in Security Domain. The Sr. Cyber Security analyst will serve as subject matter expert in various functions within the SecOps team utilizing solutions such as SIEM, EDR, VM, Firewall, Email Security, etc. The team member must be a team player who is eager to contribute to company success and meeting objectives. Essential Duties: * Adhere to all company policies and procedures, which include IATF, ISO, ISMS, QMS, TISAX and Safety related policies. * Investigate security incidents and perform in-depth analysis to identify security threats and perform remediations. * Deploy/implement security tools to protect company assets. * Review logs to detect anomalies which may lead to security breaches. * Serve as point of contact for assigned security vendors responsible for managed services and handle escalations. * Subject matter expert on vulnerability management to identify vulnerabilities and performin remediation. * Conduct/assist with performing penetration testing to identify security weaknesses and offer solutions to address identified gaps. * Participate/lead global incident response activities. * Subject matter experts on various security functions such as endpoint security, EDR, MDR, Firewall, Email Security, Spam filtering, PAM, etc. * Leverage automation to streamline workflow to increase efficiency and productivity. * Review, create or document standard operating procedures. * Perform periodic user access reviews and governance. * Assist with internal/external audits and implement security controls based on audit findings. Experience, Education and Certification: * 5 plus years of experience in SecOps functions including but not limited to Incident response, EDR, MDR, Email security, Endpoint Security, IAM, Firewall, etc. * Bachelor's degree in computer science or related field * Industry standard information security certifications (CompTIA Security +, Network +, CASP+, CISSP, GCIA, Digital Forensic, Ethical hacking, etc.) are a plus. * In-depth knowledge of TCP/IP networking, Routing, etc. * Experienced in Security functions including Firewall, IDS/IPS, Email Security, Endpoint Security, SIEM, EDR, Vulnerability Scanning, etc. * Experience with proactive threat hunting exercise. * Experience in leading security investigation and incident response and capable of documenting/conducting RCA in support of investigations. * Familiar with NIST CSF and other security controls/guidelines for incident response * Knowledge of Malware, ransomware behaviors and techniques * Ability to coordinate, gain trust of business stakeholders and maintain third party vendor relationships. * Able to work under pressure in critical circumstances. Why Work for Niterra? * Comprehensive Health Benefits: Medical, dental, vision, and life insurance * Financial Security: Short-term and long-term disability coverage * Retirement Savings: 401(k) plan with a generous company match of up to 6% * Time Off: Generous paid time off, including vacation, sick leave, and holidays * Work-Life Balance: Paid maternity and paternity leave

About Us: Niterra North America, Inc., established in 1936 and formerly known as NGK Spark Plugs(U.S.A.), Inc., is a global leader in spark plug and oxygen sensor technology and quality. With a legacy of innovation and excellence, Niterra is evolving its business portfolio, leveraging core ceramic technologies to venture beyond traditional domains. The company is committed to developing solutions that address social issues and promote sustainability. About the Role: The ideal candidate must possess an enthusiastic and growth minded personality which will enable them to thrive in a dynamic environment. The candidate must be passionate about Cyber Security and possess strong technical knowledge in Security Domain. The Sr. Cyber Security analyst will serve as subject matter expert in various functions within the SecOps team utilizing solutions such as SIEM, EDR, VM, Firewall, Email Security, etc. The team member must be a team player who is eager to contribute to company success and meeting objectives. Essential Duties: Adhere to all company policies and procedures, which include IATF, ISO, ISMS, QMS, TISAX and Safety related policies. Investigate security incidents and perform in-depth analysis to identify security threats and perform remediations. Deploy/implement security tools to protect company assets. Review logs to detect anomalies which may lead to security breaches. Serve as point of contact for assigned security vendors responsible for managed services and handle escalations. Subject matter expert on vulnerability management to identify vulnerabilities and performin remediation. Conduct/assist with performing penetration testing to identify security weaknesses and offer solutions to address identified gaps. Participate/lead global incident response activities. Subject matter experts on various security functions such as endpoint security, EDR, MDR, Firewall, Email Security, Spam filtering, PAM, etc. Leverage automation to streamline workflow to increase efficiency and productivity. Review, create or document standard operating procedures. Perform periodic user access reviews and governance. Assist with internal/external audits and implement security controls based on audit findings. Experience, Education and Certification: 5 plus years of experience in SecOps functions including but not limited to Incident response, EDR, MDR, Email security, Endpoint Security, IAM, Firewall, etc. Bachelor's degree in computer science or related field Industry standard information security certifications (CompTIA Security +, Network +, CASP+, CISSP, GCIA, Digital Forensic, Ethical hacking, etc.) are a plus. In-depth knowledge of TCP/IP networking, Routing, etc. Experienced in Security functions including Firewall, IDS/IPS, Email Security, Endpoint Security, SIEM, EDR, Vulnerability Scanning, etc. Experience with proactive threat hunting exercise. Experience in leading security investigation and incident response and capable of documenting/conducting RCA in support of investigations. Familiar with NIST CSF and other security controls/guidelines for incident response Knowledge of Malware, ransomware behaviors and techniques Ability to coordinate, gain trust of business stakeholders and maintain third party vendor relationships. Able to work under pressure in critical circumstances. Why Work for Niterra? Comprehensive Health Benefits: Medical, dental, vision, and life insurance Financial Security: Short-term and long-term disability coverage Retirement Savings: 401(k) plan with a generous company match of up to 6% Time Off: Generous paid time off, including vacation, sick leave, and holidays Work-Life Balance: Paid maternity and paternity leave

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are currently looking for a Senior Consultant or Principal level Security strategist with deep technical and functional expertise in Business Continuity and Disaster Recovery. What You'll Do * Lead and facilitate Business Impact Assessments (BIAs) across business units * Develop and update Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) aligned to critical business functions and systems * Assess organizational risk and capability gaps related to crisis management, workforce continuity, and infrastructure resilience * Design tiered recovery strategies based on RTOs, RPOs, and MVC (Minimum Viable Company) principles * Coordinate and conduct tabletop exercises, test execution, and post-mortem reviews * Align BC/DR practices with enterprise risk management frameworks, compliance requirements (e.g., HIPAA, ISO 22301), and audit expectations * Support program governance, metrics, training, and awareness efforts What You'll Bring * 6+ years of experience in Business Continuity, Disaster Recovery, or operational resilience consulting * Strong working knowledge of BIAs, BCP/DRP development, and crisis management planning * Understanding of IT infrastructure concepts and DR technologies (e.g., backup systems, cloud platforms) * Experience supporting risk assessments and regulatory audits * Excellent facilitation and stakeholder management skills * Strong writing skills to produce clear, client-ready plans and reports About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this role, we are hiring at the following levels and targeted base pay salary ranges: The targeted base salary pay range for Senior Consultant in New Jersey, New York City, and Washington DC is $153,000 to $186,000. The targeted base salary range for Senior Consultant in Atlanta, Chicago, Detroit, Kansas City, Minneapolis, Nashville, Philadelphia, Phoenix, St. Louis is $140,000 to $171,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. #LI-MS12

Computech Corporation provides IT and consulting services to various customers across the globe. We are a Minority Certified Company with over 15 years of industry experience. Our global delivery model and proven track record enable companies to realize improved business efficiency and increased profitability. Job Description As an Information Security Product Manager, you will work with highly skilled engineers, key business decision makers, and IT leadership. You will define the future direction for our technical security services and bring about the realization of that vision. You will work with vendors and the ecosystem, to help us stay abreast in new security technologies and to identify what capabilities to invest in. Qualifications Top 3 Skills required • Design, architecture, and implementation of centralized security technology solutions at large enterprises - 5 years • Operations experience in identity management, key management, or other security domains - 3 years • Leadership role in the development or delivery of information security services - 3 years Background Required • In depth knowledge of key information security domains, including authentication, authorization, access control, and encryption • Demonstrated experience in designing and implementing enterprise class security solutions • Familiarity with agile and waterfall development methodologies • Ability to translate the information security domain to IT and business domains, as well as communicate complex technologies in a clear and concise manner Preferences • Security operations experience, such as identity management or key management. • Previous leadership experience, either through leading teams and/or initiatives • Success in large corporate environments Role and Responsibilities • Internalize the team's mission and strategies, including key initiatives • Distill the technical vision for the team, including the future state for our centralized security technologies. This will span authentication, authorization, encryption, and other related services • Understand our customers; leverage feedback and learning to guide improvements to the information security customer experience • Gather, understand, and prioritize the business needs for centralized, shared security technology. This will be a comprehensive and ongoing exercise. • Build and maintain relationships with service customers and key stakeholders. This includes o representing the team with stakeholders, communicating on behalf of stakeholders within the team, and being the team's inbound/outbound point of contact o communicate evangelizing our mission and the value our services deliver o gather feedback from customers and stakeholders to ensure on-going suitability of service features o communicating regularly with senior IT leadership on key security metrics and service development successes • Facilitate and govern the full life-cycle of technical security service components, including o guiding the technical security control architecture o approving service life-cycle transitions • Prioritize and launch service development initiatives, o interfacing with business and technical stakeholders to define scope o establishing success criteria o estimating work efforts o securing funding • Seek new business opportunities that are enabled by our services • Identify potential areas for service improvements, including through o new technologies and vendor relationships. This also means Influencing selection of security technologies and managing relationships with vendor partners o partnering with information security research, service development, and security delivery teams • Assisting in planning for skill, methodology, technology, and facility needs for future services and capabilities Qualifications - Education and/or experience • Bachelors degree • Minimum 7 years of experience in information security architecture or engineering Qualifications - Other skills and abilities [soft skills] • Excellent verbal and written communication skills • Ability to influence and motivate people across a wide range of functional areas • Strong customer service skills • Capable in managing conflict and driving win-win outcomes • Highly organized; prepared to juggle multiple tasks while keeping focus on priorities • Comfortable switching from big picture to detail oriented activities • Passionate learner; able to rapidly digest, analyze, and apply new knowledge Additional Information All your information will be kept confidential according to EEO guidelines.

The Application Security product manager is looking for an Application Security Analyst who will be responsible for working with application development team to analyze application code vulnerabilities and involved in running security scans which include but not limited to SAST, DAST, IAST, Mobile, and ad-hoc dynamic testing. Also, Analyst will play role in extending WAF deployment for large number of applications. The candidate will play a key role in a major cybersecurity transformation initiative of “Shift left and Secure Early” as well as implementing additional security controls in SDLC. The role entails taking responsibility of analyzing security vulnerabilities and capability to provide mitigation solutions to fix issues by writing secure code, providing guidance to application teams, and coordinating with cross functional teams across the platform. Key responsibilities: Hands-on experience working with DevSecOps pipeline using CICD automation tools like Jenkins, TeamCity, GitLab, GitHub Action, Checkmarx, GitHub Advance Security, BurpSuite, and open-source tools. Implement Application Cyber Security Controls/Policies and standards developed by Application Security Program. Lead deployment of WAF for existing and new applications Ability to demo security vulnerability to application teams. Drive application security issues to a resolution. Provide a clear guidance to application teams during vulnerability mitigation effort Conduct application security assessment using standard Stellantis application security tools Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status Categorize and recommend assessment strategies for existing and new application development Coach development and supplier teams on application security Develop user training material and conduct training sessions

+ As a Cyber Engineer, you will be responsible for maintaining systems, performing reviews, and evaluating configurations. + You will handle daily tasks and requests using the corporate IT ticketing system. + The role focuses on the hardening and improvement of existing systems to reduce risk to the systems and/or data. **Responsibilities:** + Maintain existing systems and ensure their proper functioning, identifying a baseline operation and identify an issue outside of the baseline. + Review the configuration of different systems, including consoles to evaluate system configurations for security controls. + Handle daily requests through the corporate IT ticketing system to onboard devices onto the network and address system issues. + Work with other teams to address findings. + Influence others to reduce risk and increase the resiliency of the system to cyber events. + Conduct vulnerability assessments and security evaluations of complex systems. + Develop and maintain comprehensive security testing plans. + Automate security testing processes for networks, systems, and applications where possible. + Develop meaningful metrics to reflect the security posture of the environment. + Produce actionable, threat-based reports on security review results. + Consult with platform managers and systems administrators on security review results and remediation strategies. + Install, operate, and maintain various cybersecurity products. + Implement routine security reviewing processes. + Collaborate closely with the organization's architect to implement design recommendations and requirements in the work environment. **Experience:** + At least 5 years of hands-on experience working with operating systems + Knowledge with security testing frameworks, such as OWASP. + Excellent organizational and time management skills. + Strong critical thinking and analytical abilities. **Skills:** + Proficient knowledge of: Unix/Linux systems, Mac OS + Desired Qualifications: + Knowledge of application development processes and proficiency in at least one programming or scripting language (Python, PowerShell, ETC.). + Windows client/server environments, VMware/Citrix + Cloud environments and technologies (e.g., AWS, Azure) + Certifications such as CCNA, NCSA, Linux Essentials, CompTIA-Security+, (ISC)2-SSCP **Education:** + Bachelor's or equivalent experience. **About US Tech Solutions:** US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit *********************** (********************************** . US Tech Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

The Application Security product manager is looking for an Application Security Analyst who will be responsible for working with application development team to analyze application code vulnerabilities and involved in running security scans which include but not limited to SAST, DAST, IAST, Mobile, and ad-hoc dynamic testing. Also, Analyst will play role in extending WAF deployment for large number of applications. The candidate will play a key role in a major cybersecurity transformation initiative of “Shift left and Secure Early” as well as implementing additional security controls in SDLC. The role entails taking responsibility of analyzing security vulnerabilities and capability to provide mitigation solutions to fix issues by writing secure code, providing guidance to application teams, and coordinating with cross functional teams across the platform. Key responsibilities: Hands-on experience working with DevSecOps pipeline using CICD automation tools like Jenkins, TeamCity, GitLab, GitHub Action, Checkmarx, GitHub Advance Security, BurpSuite, and open-source tools. Implement Application Cyber Security Controls/Policies and standards developed by Application Security Program. Lead deployment of WAF for existing and new applications Ability to demo security vulnerability to application teams. Drive application security issues to a resolution. Provide a clear guidance to application teams during vulnerability mitigation effort Conduct application security assessment using standard Stellantis application security tools Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status Categorize and recommend assessment strategies for existing and new application development Coach development and supplier teams on application security Develop user training material and conduct training sessions

Provides reliable and responsive support to FPL staff and patron workstations. Responds to calls for help, troubleshoots and solves hardware and software problems. Provides support for Crestron audiovisual system for FPL meeting room. Setup and takedown of AV equipment such as laptops, digital camera, and digital projector. Consults IT Manager on best practices and implementation methodology. Duties and Responsibilities Provide support to staff and public workstations. Primary responsibility of this position is to support staff and public workstations by investigating and resolving computer hardware and software problems of end users. Much of this work is done remotely with occasional need for physical visits to another area of the facility. % of time: 80 Secure and lockdown workstations through use of security and lockdown tools. % of time: 5 Identify and correct printing problems through use of web interfaces. % of time: 5 Document workstation changes and configuration. Thorough understanding of documentation principles and updates. % of time: 2 Software installations. % of time: 5 Serve as backup for other IT staff. % of time: 1 Training staff on new software and technologies. % of time: 1 Other duties as assigned, including conveyor troubleshooting. % of time: 1 Qualifications and Requirements Education B.S. in Computer Science, Computer Engineering, Information Technology or equivalent. Microsoft Certified Professional (MCP) or CompTIA A+ certification desired. Must have: Ability to effectively and easily communicate technical topics to novices. Ability to project a positive, upbeat attitude and excellent interpersonal skills even under stress. Ability to work and communicate effectively with library management and staff. Ability to work in a team environment. Ability to learn new and emerging technologies. Understanding and utilize IT best practices. Ability to troubleshoot Windows 2000 and Windows XP workstations. Ability to troubleshoot Dell print devices. Ability to develop and maintain effective knowledge-based relationships with vendors. Thorough understanding of PC hardware, components and parts. Ability to document any and all workstation changes and updates. Understanding of troubleshooting ticket systems. Solid understanding of NTFS and Share permissions. Ability to configure TCP/IP. Knowledge of workstation imaging software. Knowledge of workstation security software. Understanding of Windows Registry and important keys. Experience with enterprise management software strongly desired. Web development skills strongly desired. Strong command line experience desired. Equipment Operation PCs, printers, library automation system, scanners, RFID scanners, self-check machines, faxes, self-check equipment, application software, and some PC hardware. Must be able to lift 50 pounds. Work Week 40 hour work week, pager accessible with additional hours as needed. Provides reliable and responsive support to FPL staff and patron workstations. Responds to calls for help, troubleshoots and solves hardware and software problems. Provides support for Crestron audiovisual system for FPL meeting room. Setup and takedown of AV equipment such as laptops, digital camera, and digital projector. Consults IT Manager on best practices and implementation methodology. Duties and Responsibilities Provide support to staff and public workstations. Primary responsibility of this position is to support staff and public workstations by investigating and resolving computer hardware and software problems of end users. Much of this work is done remotely with occasional need for physical visits to another area of the facility. % of time: 80 Secure and lockdown workstations through use of security and lockdown tools. % of time: 5 Identify and correct printing problems through use of web interfaces. % of time: 5 Document workstation changes and configuration. Thorough understanding of documentation principles and updates. % of time: 2 Software installations. % of time: 5 Serve as backup for other IT staff. % of time: 1 Training staff on new software and technologies. % of time: 1 Other duties as assigned, including conveyor troubleshooting. % of time: 1 Qualifications and Requirements Education B.S. in Computer Science, Computer Engineering, Information Technology or equivalent. Microsoft Certified Professional (MCP) or CompTIA A+ certification desired. Must have: Ability to effectively and easily communicate technical topics to novices. Ability to project a positive, upbeat attitude and excellent interpersonal skills even under stress. Ability to work and communicate effectively with library management and staff. Ability to work in a team environment. Ability to learn new and emerging technologies. Understanding and utilize IT best practices. Ability to troubleshoot Windows 2000 and Windows XP workstations. Ability to troubleshoot Dell print devices. Ability to develop and maintain effective knowledge-based relationships with vendors. Thorough understanding of PC hardware, components and parts. Ability to document any and all workstation changes and updates. Understanding of troubleshooting ticket systems. Solid understanding of NTFS and Share permissions. Ability to configure TCP/IP. Knowledge of workstation imaging software. Knowledge of workstation security software. Understanding of Windows Registry and important keys. Experience with enterprise management software strongly desired. Web development skills strongly desired. Strong command line experience desired. Equipment Operation PCs, printers, library automation system, scanners, RFID scanners, self-check machines, faxes, self-check equipment, application software, and some PC hardware. Must be able to lift 50 pounds. Work Week 40 hour work week, pager accessible with additional hours as needed.

WHAT WE ARE LOOKING FOR We are seeking an experienced and dedicated Data Privacy Manager and Information Security Officer to join our organization. This dual-role position ensures the confidentiality, integrity, and availability of data, while ensuring compliance with relevant privacy laws, regulations, and best practices. The ideal candidate will lead efforts to safeguard sensitive data and implement robust information security measures. Including, but not limited to: * Assessing local data protection requirements and activities. Implementing and maintaining the Group-wide data protection management system in his area of responsibility (if applicable, by means of local implementation guidelines). * Taking on country-wide data protection issues/tasks, supported by the responsible Data Privacy Officer. * Coordination of data privacy projects. * Interface to the responsible Data Privacy Officer. * Data breach management. * Processing of and/or support with data protection related inquiries. * If necessary, support during inspections by the relevant authorities. * Coordination of the Data Privacy Manager in his region * Identifies the need of further contact partners as potential Data Privacy Manager in the region. * Attends to general inquiries from supervisory data protection authorities as first responder. At a minimum, the Regional Data Privacy Manager shall act as second responder when, for example, inquiries come directly to management. * Primary Contact within the legal entity for Rheinmetall's data privacy organization. * Primary data protection counterpart for the management and employees within the legal entity. * Regular exchange with the relevant Data Privacy Officer. * Responsible for data protection related advice and support of business departments. * Data protection related support of business departments with the introduction of new or change of existing processes and/or assets (especially IT-solutions). * Develop and enforce the organization's information security policies, standards, and procedures. * Conduct risk assessments to identify and mitigate information security vulnerabilities. * Oversee the implementation of security technologies, including firewalls, intrusion detection systems, and encryption tools. * Lead the response to information security incidents, including investigations and post-incident reviews. WHAT QUALIFICATIONS YOU SHOULD HAVE * Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Law, or a related field. * At least 5 years of experience in data privacy, information security, or a related field. * In-depth knowledge of global data protection regulations and frameworks (e.g., GDPR, CCPA). * Strong understanding of information security principles, practices, and technologies. * Certifications such as CIPP/E, CIPM, CISSP, CISM, or equivalent are highly desirable. * Excellent analytical and problem-solving skills. * Strong communication and interpersonal skills to interact with all levels of the organization. * Ability to manage multiple projects and priorities simultaneously. * High level of integrity and a strong commitment to maintaining confidentiality.

Together, We Enhance Innovation and Growth i2G specializes in advanced physical electronic security and life safety solutions. I2G has proven experience in surveillance, access control, and intrusion detection systems, biometrics, fence sensors, radars, ground sensors, anti-drone technologies, and more. We excel in design, project management, commissioning, and enterprise technology integrations. i2G's mission is to provide the products and services that meet our customers' needs to give them a vital advantage in today's market, helping to protect what matters most. This position will provide engineering design and support for security solutions for new and existing clients while working alongside internal teams, external teams, clients, and subcontractors to ensure project success. We are looking for a motivated and knowledgeable Jr. Security Engineer to join our team. The ideal candidate will have an understanding of standard Low voltage systems ideally in the Electronic Security technology space, to include Access Control Systems (ACS), Intrusion Detection Systems (IDS), Closed-Circuit Television (CCTV), and supporting equipment such as computer software/hardware, and networking infrastructure. This candidate will excel in critical thinking, have the ambition to learn and grow, and possess a strong desire to perform at the top of their abilities. Responsibilities Review architectural, electrical, telecommunication, and security engineering floor plans, riser drawings, device schedules, and detail drawings. Design, develop, and implement solutions for system installations, upgrades, repairs, and conversions. Review Field Site Survey documentation and provide technical assistance with RFI/RFP responses. Create solution design documentation, including drawings, Bills of Materials (BOMs), permitting packages and solution design summaries. Learn and Maintain familiarity with current and emerging electronic security technologies, such as access control, video surveillance, intrusion detection, biometrics, and industry-leading vendors On the job Training will be provided to increase skills in all key responsibilities listed above, including hands on field work with installation and integration teams to better understand design and implementation requirements. Qualifications Mechanical, Engineering, Plumbing Engineering degree or a minimum of 2 years of previous experience in the industry. An associate or bachelor's degree in a relevant field if no previous experience, a comparable amount of experience in the appropriate field may be substituted. Experience in the design and planning of MEP systems. Ability to make load calculations associated with power, data, conduit fill ratios and/or HVAC systems. Ability to manage time and multiple tasks without supervision. Strong organizational skills and attention to detail. Excellent analytical and problem-solving skills. Exceptional presentation, writing, verbal, and written customer communication skills. Experience with computer programs such as Microsoft Office, Excel, Adobe, etc. is preferred. Knowledge of Microsoft Project, Visio, BlueBeam, AutoCAD, or Revit is a plus. Company Overview This is a Low Voltage Security Estimator career opportunity with i2G Systems. Learn more about i2G: *************************************** "Kastle Systems Makes Strategic Investment in i2G Systems, Strengthening Leadership in Serving High-Security Industries and High-Value, Large Scale Facilities" Read More About the Partnership Here: *********************************************************************************************************************************************************************************** Equal Opportunity Statement We are an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, protected veteran status, marital status, pregnancy or any other basis protected by applicable federal or state laws. #JuniorSecuritySystemsDesignEngineer #SecuritySystemDesign #AccessControlDesign #VideoSurveillanceDesign #IntrusionDetectionSystems #SecuritySystemsEngineering #SecuritySystemShopDrawings #SecuritySystemLayouts #SystemRiserDiagrams #EngineeringSpecifications #SecurityDesignDocumentation #SecurityProposalDesign #BidPreparation #SecuritySystemEstimation #SecuritySystemSubmittals #AutoCADSecurityDesign #RevitBIMSecurityDesign #SecuritySystemsIntegration #TechnicalSupportForSecurityDesign #SecuritySolutionsEngineering #PhysicalSecuritySystemDesign

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

The SAP Security Analyst - Role Design & SailPoint will be responsible for the day-to-day management of SAP user access, security role design, and governance processes across the AM region. This includes provisioning SAP accounts, collaborating with functional teams on secure access design, and supporting identity lifecycle management using SailPoint. The analyst will ensure the integrity and compliance of SAP S/4HANA access while providing support for audits, access reviews, and segregation of duties (SoD) monitoring. Job Summary: This position plays a vital role in maintaining secure and compliant SAP environments by designing, administering, and reviewing access controls. The ideal candidate will have a deep understanding of SAP security concepts (roles, authorizations, profiles) and hands-on experience with role provisioning, GRC tools, and identity governance platforms such as SailPoint. The analyst will also support global and regional initiatives, participate in SAP rollout projects, and contribute to continuous improvement in SAP security processes. Job Responsibilities: Design and maintain SAP security roles (single, composite, derived) for SAP S/4HANA and related systems. Support new project rollouts, security role mapping, and SoD (Segregation of Duties) compliance. Collaborate with functional leads to define access requirements and translate them into secure role concepts. Partner with the Identity & Access Management (IAM) team to support SailPoint provisioning workflows. Manage day-to-day user provisioning and de-provisioning for all AM Region SAP accounts, ensuring timely and accurate access. Conduct periodic access reviews, audit support, and remediation of identified risks. Provide technical guidance for GRC ruleset maintenance and SoD analysis. Develop documentation for security design, user provisioning processes, and governance procedures. Perform user and role analysis to identify redundant, obsolete, or excessive access. Investigate and resolve access issues, violations, or user provisioning errors. Stay updated on SAP security trends, tools, and regulatory changes impacting access control. Provide support during go-live cutovers and critical production support windows. Qualifications: Knowledge, Skills, and Abilities: Strong understanding of SAP authorization concepts and role-based access control. Ability to manage high-volume provisioning and support multiple SAP environments. Experience supporting manufacturing or regulated industries preferred. Strong communication skills for collaboration with business users and audit teams. Familiarity with IT general controls, SOX compliance, and access certification processes. Ability to prioritize and manage multiple tasks in a fast-paced environment. Experience working in international or global teams is a plus. Technical Skills: Hands-on experience in SAP Security for S/4HANA, Fiori, and ECC systems. Proficiency in SAP authorization objects, PFCG role maintenance, SUIM, ST01, SU53, and SU24. Experience with SAP GRC Access Control (ARA, BRM, ARM). Experience with SailPoint IdentityNow or other Identity Governance tools. Familiarity with ticketing systems like ServiceNow or SAP Solution Manager. Understanding of SAP modules such as MM, SD, PP, and FICO from a security perspective. Education: Bachelor's degree in business, Engineering, Computer Science, Information Systems, or related field. Experience: Minimum 5 years of experience in SAP Security administration. At least 2 years of experience with S/4HANA security and/or Fiori applications. Experience with SailPoint Identity Governance tools highly preferred. Experience supporting SAP implementations and working on project teams. Audit and compliance support experience is a plus. Working Conditions Open to travel up to 30%, including extended stays for project implementation. Ability to work in a professional setting, adhering to company and regulatory safety requirements. Work in a safe and professional manner while adhering to all regulatory requirements (OSHA, EPA, State, and Federal regulations, etc.). Comprehend and adhere to management directions and/or safety instructions with no restrictions. Effectively communicate in Business English language. Location: Close to at least one of the US plants is highly desirable Equal Opportunity Employer (EOE) - Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender, identity, disability, protected veteran status and national origin. At Astemo, we're challenging the status quo with the power of diversity, inclusion, and collaboration. Our goal is to build an inclusive work environment that celebrates the differences of our employees. We want to ensure that every employee feels valued, respected and empowered. We don't just accept difference-we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products, and our community. Astemo is proud to be an equal opportunity employer. If you need a reasonable accommodation to apply for a job at Astemo, please send the nature of the request and contact information to ************************* when applying for the position.

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves? As a key member of our Information Technology group, you'll play a critical part in shaping the future of mobility. If you're looking for the chance to leverage advanced technology to redefine the transportation landscape, enhance the customer experience and improve people's lives, this is the opportunity for you. Join us and challenge your IT expertise and analytical skills to help create vehicles that are as smart as you are! The Vehicle Cyber Security Systems Engineer will serve a key role in shaping the future of product development security for vehicles (e.g. Connected Vehicle, Autonomous Vehicle, Electric Vehicle, Ford Smart Mobility, and V2X Security). The engineer will work within cross functional team to do/support the following: You'll have... Bachelor's degree in Electrical Engineering, Computer Engineering, Software Engineering, Computer Science, or Cybersecurity OR a combination of education and experience 5+ years of experience with embedded and/or automotive systems 3+ years of experience with in-vehicle network architecture, modules, and protocols (CAN, etc.) Ability to develop and maintain engineering documentation including requirements, specifications, test plans, etc. Ability to work independently and collaboratively Strong communication and analytical skills Even better, you may have... Experience with Hardware Security Module (HSM) and Secure Hardware Extension (SHE) Experience with coding (i.e., C, C++, C# Python, Java, CAPL, JQL) Experience with JIRA and Kanban boards for project management Familiar with vehicle system (i.e., capabilities of ECUs on a vehicle) Familiar with automotive standards (i.e., ISO 14229-1, ISO 21434) Familiar with quality tools and methodologies (i.e., FMEA, DVP) Able to work following an agile methodology Knowledge of Ford's internal engineering systems and requirements Comfortable working in a fast-paced and innovative environment where problems are not always well-defined. Experience advocating and driving adoption of industry standard methodologies. Project management skills, including identifying and scheduling process steps, determining resources and staff required to successfully complete research projects. You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including: • Immediate medical, dental, vision and prescription drug coverage • Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more • Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more • Vehicle discount program for employees and family members and management leases • Tuition assistance • Established and active employee resource groups • Paid time off for individual and team community service • A generous schedule of paid holidays, including the week between Christmas and New Year's Day • Paid time off and the option to purchase additional vacation time. For a detailed look at our benefits, click here: ******************************* This position is a range of salary grades 5-8. Visa sponsorship is not available for this position. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call **************. #LI-Hybrid What you'll do... Perform product Cyber Security assessments on projects of multiple Ford product lines Compliance reviews on features, modules as defined in the Ford Cyber Security engineering process in compliance with ISO 21434, UNECE R155, UNECE WP.29 and any other required relevant global cyber security requirements, regulations. Using that understanding to standardize all business operations and establish clear, documented protocols. Have the ability to review technical documentation to assess compliance. Manage and apply cybersecurity requirements into product design and development life cycle from requirement to testing with required deliverables Work with feature and ECU owners to manage the progression of each feature / ECU through development to ensure security by design from inception Ensure features, components, systems are designed using robust engineering processes including threat analysis, risk assessment, adoption of security requirements, security audits, and vehicle ecosystem assessments Develop and utilize global supplier expertise to meet cyber security expectations Proficient in JIRA. Process, requirement improvement support, for future reference, particularly in the event of an audit by a regulatory agency. Provide presentations to management (program milestones, security governance board, etc.)

Mindlance is a national recruiting company which partners with many of the leading employers in the Life Sciences, IT, and Financial Services sectors, feel free to check us out at ************************* Job Title: Data Security Engineer Duration: 12+ months Location: Auburn Hills, MI Job Description: Candidates come ready to protect the enterprise landscape of data and computer systems. An International organization focused on secure, next generation data infrastructure is seeking a Data Security Engineer who has a passion for security coupled with large-scale know-how. As part of the Chief Information Security Officer's team, responsibilities of the Data Security Engineer will include, but not be limited to: • Teaming up with the usual suspects (a.k.a., cross-functional IT members) to determine the “best path forward” plan to securing the environment through controls, scanning, remediation, and hardening. • Actively identifying security vulnerabilities, threats, and exposures within the enterprise (servers, applications, and databases). • Bringing your “A” game to security testing techniques (scanning, auditing, and penetration testing). • Identifying concerns of residual risk, vulnerabilities, and other security exposures due to legacy systems or configuration errors. • Staying sharp by identifying new-to-market solutions that lead to best-in-class security practices. • Serving as security sense-check for IT project delivery and server lifecycle build process. • Joining forces with the ranks of Information Security leadership to develop strategies and plans to enforce security requirements and address identified risks. • Reporting security metrics for dynamic dashboards and executive reviews. • Doing the right thing by aligning cutting edge data and systems security practices to law of the land (regulations and policies). • Lending expertise to know when risk may be acceptable. • Ensuring security is top of mind. • Other challenging opportunities as assigned. Required Skills and Education: • Operational knowledge and skills (4+ years preferred) related to general industry security standards for application security, vulnerability management, and overall data security • Self-motivated and able to plan and carry out responsibilities with minimal direction and supervision • Excellent decision-making, analytic, and organizational skills • Strong written and verbal communication skills • Superior interpersonal skills (“team player” characteristics) and professional demeanor at all levels of the organization • Bachelor's Degree in Computer Science, Information Technology, Management Information Systems, or Software Engineering NOTE: A combination of education and experience equaling at least a Bachelor's degree will also be considered. • Working knowledge of common network devices as well as Windows and Unix operating systems • Familiarity with industry standards regarding system and application hardening and associated scanning tools. Demonstrated Technical Experience: • Vulnerability scanners • Application security testing • Security and technology controls Desired Certifications: • Certified Information Systems Security Professional (CISSP) or, • Certified Information Systems Manager (CISM) or, • GIAC Security Leadership (GSLC) or, • GIAC Information Security Professional (GISP) or, • GIAC Certified Web Application Defender (GWEB) Travel Requirement: • Limited International travel may be required Additional Information

Day to Day: Insight Global is looking for an ISSM to work for a DoD customer based out of Warren, MI. The ISSM will provide support in the following areas: Provide guidance to ISSOs, Information Technology team members, and the system owner regarding goals and objectives that will minimize the organizational risk present in the system Compose, distribute, and execute local policies and procedures that will ensure system compliance with DoD RMF controls. These policies include, but are not limited to: Vulnerability management POA&M management Personnel onboarding and offboarding Incident response Provide advisory to management regarding changes that may impact the security posture of the system Preparation and submission of system security plans to upstream accrediting organizations Must Haves: Previous experience working as an ISSM for 3+ years Strong Risk Management Framework (RMF) experience Excellent written and verbal communication skills Strong familiarity with NIST publications Understanding of common operating systems, network technologies, and security tools Secret Clearance

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.