Information Security Analyst jobs in Topeka, KS

Windstream Holdings, Inc., is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the U.S. + Kinetic is a premier internet solutions provider on a mission to deliver ultra-fast, reliable internet to consumers and small businesses across the U.S., helping them Internet better. + Windstream Enterprise is a leading managed services provider providing strategic communications and security products to mid-size businesses and enterprise clients. + Windstream Wholesale provides high-capacity, high-performance networking solutions and services to other telecom carriers, data centers, content providers and enterprises. The Windstream team provides innovative software and network solutions to connect people and empower business in a world of infinite possibilities! **_________________________________________________________** **About the Role:** The Information Security Specialist is a crucial member of the Threat Detection and Response (TDR) team, dedicated to safeguarding the Windstream environment against cyber threats. This role involves a blend of expertise in cybersecurity tactics and an analytical mindset to detect, investigate, and mitigate potential security incidents. The Specialist will act as both a subject matter expert and a mentor, fostering knowledge and skills development within the team. **What You'll Do:** + **Alert Management:** Detect and respond to security alerts from both TDR and third-party tooling. + **Incident Handling:** Coordinate a well-structured response to cybersecurity incidents to minimize their impact. + **Expertise Provision:** Serve as a subject matter expert in information security within the organization. + **Mentorship:** Provide guidance and help develop training plans for junior team members. + **Tool Optimization:** Oversee the review and tuning of rules for all TDR tools. + **SIEM Enhancement:** Continuously improve the SIEM system, adjust security tools, log ingestion, and rule sets in response to the evolving threat landscape. + **Playbook Development:** Create incident response playbooks based on SOC escalation metrics. + **Automation and Streamlining:** Develop and drive agile automation solutions to enhance detection capabilities, making use of Security Orchestration, Automation, and Response (SOAR) tools. + **Threat Modeling:** Conduct threat modeling exercises to maintain robust security postures. + **Threat Hunting:** Execute threat hunts on Common Vulnerabilities and Exposures (CVEs) and Indicators of Compromise (IOCs), ensuring effective monitoring. + **Remediation Documentation:** Document remediation strategies to neutralize threats and secure the environment. + **Technical Escalation:** Act as an escalation point for Tier I & II analysts or Managed Security Service Providers (MSSP). + **Incident Response:** Manage the entire incident response process, from initial alert to recovery and post-incident analysis. + **Log Review and Engineering:** Conduct log reviews and engineer the integration of log sources with security tools. + **Policy and Documentation Maintenance:** Ensure the creation and updating of cybersecurity service standards, documentation, and processes. + **Incident Tracking:** Formally document and track incidents from detection to resolution. + **Performance Metrics:** Develop metrics for Incident Response to foster process improvements. + **Cyber Threat Intelligence:** Collect and utilize threat intelligence to bolster defenses against known attack vectors. + **Threat Classification:** Prioritize threats based on intelligence and system alerts. + **Compliance Assistance:** Aid in artifact collection for compliance with standards such as PCI-DSS and SOX. + **Team Exercises:** Engage in Red/Blue team activities and participate in tabletop exercises. + **Shift Availability:** Availability to work on a 24x7 schedule to ensure continuous security coverage. **Do You Have:** + Comprehensive knowledge of network protocols, devices, operating systems, cloud computing, and secure architecture, including proficiency in Windows, Linux, Azure, and Oracle Cloud. + Proficiency with SIEM, SOAR, IDS/IPS, EDR, Mail Gateways, Proxy, PKI, SYSLOG, and other network/security components. + Proven experience in incident response and remediation. + Familiarity with NIST Publications such as SP 800-53, 800-61, 800-70, 800-37. + Understanding of IT Security principles, techniques, and technologies. + Capability to conduct host and network analysis, including packet capture analysis. + In-depth knowledge of the MITRE ATT&CK Framework, and understanding of OWASP, Kill Chain, and other security frameworks. + Strong grasp of malware analysis concepts and methodologies. + Ability to independently manage initiatives with minimal oversight. + Ownership of toolsets or processes within the security domain. + Expertise in managing Incidents, Service Requests, Change, and Problem management processes. + Experience with current cyber threats and their exploitation tactics. + Exceptional analytical and problem-solving skills. + Excellent time management and organizational skills. + Quick learner for new technologies and concepts. **Must Haves:** Candidates must possess or be willing to obtain within the first 12 months of employment one of the following certifications: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or SANS Global Information Assurance Certification (GCIH). **Physical Tasks** - Standing Occasionally: 0-33% | Walking Occasionally: 0-33% |Sitting Continuously: 67-100% | Bending: Occasionally: 0-33% | Crouching: Occasionally: 0-33% | Pushing-Pulling: Occasionally: 0-33% | Carrying: Occasional: 0-33% | Reaching Above Head: Occasionally: 0-33% | Lifting-Lowering >1-15 lbs: Occasionally: 0-33% | Repetitive Hand Action: Medium Dexterity: Continuously: 67-100% | Fine Manipulating: frequently: 34% - 66% **Audio Visual Needs** - Hearing: Continuously: 67-100%| Near Vision: Continuously: 67-100% | Far Vision: Occasionally: 0-33% | Peripheral Vision: Occasionally: 0-33% **Equipment Used in Job Performance** : Computer, Printer, Telephone, Basic Office Supplies, Copier **_________________________________________________________** **Our Benefits:** + Medical, Dental, Vision Insurance Plans + 401K Plan + Health & Flexible Savings Account + Life and AD&D, Spousal Life, Child Life Insurance Plans + Educational Assistance Plan + Identity Theft, Legal, Auto & Home and Pet Insurance + ****************************** Windstream is an equal opportunity employer. At Windstream, we celebrate the authenticity and uniqueness of our people and their ideas. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, genetic information, protected veteran status, current military status, disability, sexual orientation, marital status, creed, citizenship status, or any other status protected by law, and to give full consideration to qualified disabled individuals and protected veterans. Actual base pay for this job will depend on the candidate's primary work location and other factors, such as relevant skills and experience. **Notice to Non-U.S. Citizens:** Windstream, as a holder of licenses granted by the Federal Communications Commission, is required to notify and to obtain approval from federal regulatory agencies prior to granting certain system/network access to any non-U.S. citizen personnel. Offers of employment extended to non-U.S. citizens are contingent upon receiving the requisite approval from agencies overseeing compliance. Non-U.S. citizens are required to provide Windstream with the personal identifying information required to obtain the necessary approval prior to accessing certain systems and/or Windstream's network. _If you are not a U.S. citizen, please notify your recruiter or email *************************** as soon as possible for information on Windstream's foreign personnel disclosure and approval requirements._ **Job Details** **Job Family** **IT** **Job Function** **Information Security** **Pay Type** **Salary**

Meta's security team is the central engine driving data and systems security at the company, supporting Meta and all of its family of apps. The organization is responsible for preventing malicious actors from compromising our environment as well as detecting and responding to them before they can do damage. We ensure that we are maintaining the protections we say we will, and engaging with the community to help those outside the company learn from the work we do. We work across all parts of the company, from the corporate infrastructure to production to external services, interfacing with nearly every team in the company.We are looking for an experienced Security Engineer to join our Identity, Authentication & Access Management (IAM) leadership team to drive cross-company initiatives to reduce access risk, while maintaining an acceptable balance of friction for our workforce. **Required Skills:** Security Engineer, Access Risk Responsibilities: 1. Proactively identify and prioritize areas of access risk across the company 2. Lead major cross-company workstreams to deploy capabilities from multiple security teams to mitigate this risk 3. Understand technical implementation of Meta's highest-risk assets (eg. our social graph cache) and design appropriate solutions to reduce internal access risk 4. Understand how our workforce interacts with assets across the company, and pursue opportunities to reduce friction and help the company move fast 5. Work with policy and legal teams to strengthen our standards and governance, and software engineering teams to influence design of our core access control systems 6. Influence asset-owning teams and their leadership across Meta to adopt appropriate access control designs and operational processes **Minimum Qualifications:** Minimum Qualifications: 7. Understanding of how to manage security risks in a fast-moving environment 8. Significant experience in driving large cross-company engineering initiatives 9. Experience communicating and influencing across functions to drive solutions 10. Experience delivering executive-level security strategies 11. Engineering experience and capacity to understand and reason about complex technical systems 12. B.S. Computer Science or equivalent work experience 13. 10+ years of work experience in software or security engineering **Preferred Qualifications:** Preferred Qualifications: 14. Practical experience with authorization or access management solutions **Public Compensation:** $213,000/year to $293,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

We are seeking a full-time Cyber Security Risk Analyst 2 in our Olathe, KS location. In this role, you will be responsible for identifying risk by assessing and monitoring a third-party's adherence to Garmin's information security policies and related controls. Essential Functions All: * Assign preliminary risk profile by identifying the information security risk factors based on data classification, design, functional purpose, and use * Determine if compensating controls are necessary due to inability to comply with primary control requirements and assist in determining compensating controls when needed * Work directly with system owners to identify mitigation of known risk * Complete and present risk assessment evaluations to management stakeholders articulating risk and impact analysis when information security control deficiencies are identified to ensure transparency and appropriate level of acceptance * Regularly contribute to management reports covering information security risk treatment, mitigation, and risk metrics * Adhere and contribute to Information Security policies, standards, procedures, technical security baselines * Conduct security and privacy assessments on third-party vendors and partners which includes initiating discovery sessions, leading architecture assessments, analyzing questionnaire responses, reviewing due-diligence documentation, participating in legal reviews, and facilitating risk reviews in accordance with established procedures * Participate in development and execution of third-party risk management strategies Basic Qualifications * Bachelor's Degree in Computer Science, Information Technology, Management Information Systems, or related field AND a minimum of 2 years relevant experience OR an equivalent combination of education and experience. * Experience managing risk across all risk management lifecycle stages * Understanding of industry frameworks and best practices (ex. NIST, ISO, OWASP, CIS, etc.) * Understanding of network design, security protocols and cloud integration security * Be team-oriented with ability to influence people without having direct management authority and motivate them to successfully mitigate risk within required timelines. * Demonstrated strong and effective verbal, written, and interpersonal communication skills along with strong analytical and problem-solving skills * Demonstrated quality and effectiveness in work documentation and organization * Ability to convey complex security issues and risks while maintaining a positive relationship with key stakeholders Desired Qualifications * Possess an understanding of project management including design review, threat modeling and risk profiling while working across a large, distributed organization and must apply the understanding to a diverse IT community to include policy, regulations, and compliance requirements * Competent with Microsoft productivity apps (ex. Outlook, Word, Excel, etc.) and experience using Confluence and Jira * Familiarity with data privacy compliance standards (ex. CCPA, GDPR, etc.) * Experience with various regulatory compliance, information security, and risk management frameworks * Working knowledge of vendor risk management tools * Training and/or certifications such as CCSK, CCAK, CISA, CTPRP, C3PRMP, CTPRA, CRCM, CERP Garmin International is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran's status, age or disability. This position is eligible for Garmin's benefit program. Details can be found here: Garmin Benefits

The Oracle Cloud Security and Safety team is seeking dedicated security engineers looking to make their mark in a new security domain. The team is committed to bridging the gap between operations and security, empowering the engineering and operations teams within Oracle to operate their services without fear of security impacting mistakes or malicious behavior. Oracle Cloud Infrastructure is committed to constantly improving and securing our suite of massive scale, integrated cloud services in a broadly distributed, multi-tenant cloud environment. We are committed to providing the best in cloud products that meet the needs of our customers who are tackling some of the world's biggest challenges. We offer unique opportunities for smart, hands-on security engineers with the expertise and passion to solve difficult architecture, engineering, and process problems. Our customers run their businesses on our cloud, and our mission is to provide them with the most secure cloud services. Our ideal candidate is a security engineer with expertise and passion in finding and improving areas of weakness, while developing new standards in the security and safe operation of distributed systems, multi-tenant services and large-scale infrastructures. If this is you, joining Oracle Cloud Infrastructure (OCI) will enable you to design and build innovative new security models & systems from the ground up. These are exciting times in our space - we are growing fast and working on ambitious new initiatives. A security-focused engineer at any level can make significant technical and business impact **Responsibilities** + Prototype, design, and implement security solutions for new and challenging problems + Drive and champion security tool development (e.g. scanning tools) + Consult software development teams in design and architecture of safe and secure systems through Threat Modeling and modeling exercises + Champion and consult on secure development lifecycle practices + Design and integrate verification and posture reporting mechanisms + Define security configuration and implementation best practices Qualifications: + Bachelor's or Master's degree in Computer Science or related field + 5+ years of experience in security engineering or related field or equivalent experience + Experience building automated security solutions + Strong security experience, particularly with focus in one of the following areas: + Defensive Security + Offensive Security + Service architecture and Design Patterns + Strong collaboration and communication skills Preferred Skills + Experience scaling operational activities via Python, Bash, and other tools + DevOps or SRE experience operating large, distributed, continuously deployed services + Experience operating large, distributed, continuously deployed services + Expertise in designing databases schemas in (NoSQL / SQL). + Knowledge on bridging security engineering requirements into the software development life cycle. + Security training and mentoring experience + Experience with statistical/mathematical predictive modeling + Experience with machine learning / artificial intelligence + Experience designing resilient systems that support quick recovery + Experience with container orchestration and management + History of collaborating and integrating processes with software development teams, data scientists, business and other technical roles + Experience with Java or Python development Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC4 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

The Information Security Architect - Data Protection develops and guides the implementation of security architectures that protect sensitive data and ensure business continuity by mitigating associated risks. This position focuses on supporting Data Protection solutions, including Data Loss Prevention, File and Database activity monitoring, and encryption technologies, and requires collaboration with various stakeholders to ensure compliance with IT, privacy, and security standards. The architect will also be responsible for producing threat models, documenting control gaps, writing policies/standards, and providing technical recommendations for security measures. The ideal candidate will possess strong technical expertise in data protection and security architecture, with a proven track record of designing effective security controls. **ESSENTIAL RESPONSIBILITIES** + Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. + Determine security requirements by evaluating business strategies and requirements; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. + Plan security systems by evaluating network and security technologies. + Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures. + Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments. + May begin to provide leadership and mentoring in the areas of expertise and architecture to peers, developers, management and business users including technical expertise, coaching, and ad-hoc training. + Support assurance compliance to required standards, procedures, guidelines and processes. + Other duties as assigned or requested. **REQUIRED EDUCATION** + Bachelor's degree in Information Systems, Computer Science, Information Security, or Engineering, or relevant experience and/or education as determined by the company in lieu of bachelor's degree **PREFERRED EDUCATION** + Master's degree in Computer Science, Information Security or related field **EXPERIENCE** **_Minimum:_** + 5 - 7 years' experience architecting solutions + 5 - 7 years' experience in Information Security + Experience communicating with business partners **_Preferred:_** + 7 - 10 years' experience architecting solutions **SKILLS** + Business communication skills, both written and verbal and able to solve unconventional problems + Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge + Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts + In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them + Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures + Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL + Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.) + Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security **REQUIRED LICENSURE** None **PREFERRED LICENSURE** Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), etc. **TRAVEL REQUIREMENT:** 0%- 25% **LANGUAGE REQUIREMENT (** **_other than English_** **)?** None **PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS** ( _The physical, mental demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential function of their job. Reasonable accommodations will be made when necessary to enable individuals with disabilities to perform the essential duties of the position, to the extent that they do not cause undue hardship._ **_Position Type:_** Office-Based **_Office-Based Positions_** An employee in this position works in an office environment. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. Teaches/Trains others regularly Occasionally Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Never Physical Work Site Required Yes **_Most On-The-Road Positions_** An employee in this position may work in a home or company office environment but is also frequently driving to and from various locations to perform the work off-site. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. **_Non-Office-Based Positions_** An employee in this position is frequently required to move throughout the workplace, sit, stand and walk, use hands and fingers to hold objects, tools or controls, possess fine motor skills (e.g., to write and operate a computer or to steer transportation equipment), possess gross motor skills (e.g., to carry items), reach with hands and arms, climb stairs and ladders, balance, stoop, kneel crouch and crawl, communicate effectively, and talk and hear. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. The employee must be able to work in a busy environment where decisions often must be made quickly, must attend work on a regular and reliable basis, must adhere to all workplace policies, and may be called upon to work outside regular business hours. This work occurs in a [example: warehouse, hospital or provider's office or mailroom]. Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **ADDITIONAL INFORMATION** **Changes Approved By:** Kathleen Thompson **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies_ As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. **Pay Range Minimum:** $78,900.00 **Pay Range Maximum:** $147,500.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J263691

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Lead Information Security Engineer is a member of the Industrial Security team supporting Lumen Government Services and is responsible for performing cybersecurity compliance actives in support of government contracts as well as Lumen Product and Services targeting the Government market. The Lead Information Security Engineer must execute all six phases of the Risk Management Framework (RMF) process in accordance with FISMA, DoD, FIPS, and NIST requirements and policy. Responsibilities include developing RMF documentation (System Security Plan, Security Control Traceability Matrix, Plan of Action & Milestones, various Standard Operating Procedures, Continuous Monitoring Plan, etc), tracking/resolving vulnerabilities, performing continuous monitoring activities, developing security policies, and supporting cybersecurity guidance and compliance related activities. The Lead Information Security Engineer works closely with Lumen government customers (Federal and State), Lumen government program teams, Lumen operational teams, Lumen security teams, as well as Lumen Product and Services teams targeting our government customers. A successful candidate will have excellent communications skills and experience presenting cybersecurity issues to a wide variety of audiences. The candidate must be able to work independently and as a team leader to develop and execute strategies. The candidate must possess and maintain a broad technical knowledge of current and emerging technologies used within corporate infrastructure and government customer infrastructure. **The Main Responsibilities** + Perform as an Information Systems Security Officer (ISSO) for government system + Achieve and maintain ATO (Authority to Operate), as required. + Write System Security Plans (SSP), Plan of Actions & Milestones (POA&M), Continuous Monitoring Plan, Risk Assessments, Privacy Impact Analyses (PIA), and supporting documentation for systems subject to NIST SP 800-53 + Lead Security Assessment and Authorization processes and procedures + Manage cybersecurity audits by federal departments/agencies, including third party auditors + Develop and complete continuous monitoring reports and briefings + Interface with appropriate government agencies, company management and employees, customers, vendors, and suppliers to ensure understanding of and compliance with security requirements + Review vulnerability and compliance scan results (Nessus, Qualys, etc), and work with the various team members to remediate vulnerabilities, and track ongoing vulnerability status and remediation activities + Conduct periodic reviews to ensure compliance with established policies and procedures + Investigate and document cybersecurity incidents, as well as provide protective and corrective measures in response to such incidents + Report all cybersecurity incidents to the program Information Systems Security Managers (ISSM) through reports and briefings + Participate in the change management process to ensure changes to software, hardware, and firmware do not adversely impact the security of an environment + Develop, facilitate, and present information security awareness and security training on various customer and corporate security policies + Coordinate and participate in business development opportunities related to cybersecurity compliance to include evaluating Requests for Information (RFI) and + Requests for Proposal (RFP) from government customers and documenting cybersecurity responses + Recommend security best practices and system configuration standards **What We Look For in a Candidate** + 6+ years or experience performing cybersecurity, certification & accreditation (C&A), or assessment & authorization (A&A) related activities + Excellent oral and written communication skills, collaboration skills, and experience in presenting cybersecurity issues to all levels of management, as well as non-technical staff + Strong work ethic, demonstrated self-starter with the ability to work in a fast paced, team-oriented environment + Uses strong interpersonal skills to build partnerships with stakeholders and peers + Ability to successfully complete Government suitability and/or Government personnel security requirements is highly desired. + Education: Bachelors or equivalent years of experience. + Professional cybersecurity certification (CISSP, CISM, GSLC, CCISO) **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $103,711 - $138,281 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $108,896 - $145,195 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $114,082 - $152,109 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. \#GSS Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** \#LI-JS1 Requisition #: 338652 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 07/11/2025

**About Us** **As a digital and cybersecurity services company, Stratascale exists to help the Fortune 1000 transform the way they use technology to advance the business, generate revenue, and respond quickly to market demands. We call it Digital Agility.** **To learn more about how we're shaping the future of digital business and a more secure world, visit stratascale.com.** **Job Description Summary** The Senior Security Consultant - Offensive Security is a critical role within Stratascale's Adversarial Operations team who will assist in leading and supporting the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. The Security Consultant supports the development and delivery of a diverse range of continuous threat and exposure management consulting, penetration testing, and operational service programs to a portfolio of our clients. This role involves developing governance models, collaborating with sales and technical teams, delivering training content, and staying informed on industry trends to ensure successful solution delivery and continuous improvement in security practices. This position is remote with a Home Office setup as determined by Stratascale management. **Role Description** + Perform penetration testing against complex environments covering both external, internal, web application, and other forms of offensive security engagements. + Consult and document attack surface, threats, and vulnerability improvements based on team's overall assessment of client's environment. + Perform full assessment and threat modeling against industry best practices to identify control weaknesses and assess the effectiveness of existing controls. + Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations. + Collaborate with client's security teams to understand mitigation or resolutions for findings discovered by analysts. + Review threat intelligence for specific threat vectors that align with client's industry or potentially impacted by to utilize in attack path modeling. + Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients their stakeholders. + Provide subject matter expertise and technical support on remediation, cloud security, governance, compliance, and core infrastructure systems. + Assist customers with strategies, use of platforms, technical and compliance analysis, and implementing automation. + Develop and deliver governance models, security frameworks, compliance reporting, and security assessments. + Collaborate with internal sales and technical teams to support the solution sales cycle, qualify opportunities, and ensure successful solution delivery. + Identify customer needs and requirements, recommend appropriate solutions, and proactively identify areas for improvement. + Execute consulting projects by creating and completing deliverables, ensuring client needs and practice obligations are met. + Develop and deliver training content, curricula, and workforce development programs, including in-person and remote sessions. + Participate in customer and internal meetings, providing technical guidance and facilitating discussions. + Stay educated on new product technologies, industry trends, and emerging capabilities within the practice. + Develop and optimize cross practice capabilities, collaborate with peer practice leaders, and mentor other consultants. **Behaviors and Competencies** + Communication: Can effectively communicate complex ideas and information to diverse audiences, facilitate effective communication between others, and mentor others in effective communication. + Relationship Building: Can take ownership of complex team initiatives, collaborate with diverse groups, and drive results through effective relationship management. + Self-Motivation: Can take ownership of complex personal or professional initiatives, collaborate with others when necessary, and drive results through self-motivation. + Negotiation: Can take ownership of complex negotiations, collaborate with others, and drive consensus. + Impact and Influence: Can rally a team or group towards a common goal, creating a positive and persuasive influence. + Business Development: Can take ownership of significant business initiatives, collaborate with various stakeholders, and drive business results. + Emotional Intelligence: Can use emotional information to guide thinking and behavior, manage and/or adjust emotions to adapt to environments or achieve one's goal(s), and help others do the same. + Detail-Oriented: Can oversee multiple projects, maintaining a high level of detail orientation, identifying errors or inconsistencies in work, and ensuring accuracy across all tasks. + Follow-Up: Can take ownership of tasks, collaborate with others in managing follow-ups, and drive results through effective task completion. + Presenting: Can effectively use visual aids, storytelling, and persuasive techniques to enhance presentations and engage audiences. + Delegation: Can delegate responsibilities across a team, balancing workload, and ensuring all members understand their roles. + Analytical Thinking: Can use advanced analytical techniques to solve complex problems, draw insights, and communicate the solutions effectively. + Critical Thinking: Can integrate and synthesize information from various sources to inform strategic decision-making and problem-solving. + Technical Troubleshooting: Can take ownership of complex technical problems, collaborate with others to manage solutions, and drive results in problem resolution. **Skill Level Requirements** + Expertise in designing, implementing, and managing cloud-based solutions to optimize performance, scalability, and cost-efficiency - Intermediate + Proficiency in implementing and managing cloud security frameworks, compliance standards, and governance models - Intermediate + Ability to understand and articulate various security technologies, including firewalls, endpoint protection, email security, and identity management, to identify and address customer security challenges - Intermediate + Ability to oversee and direct projects to completion, ensuring goals are met, resources are utilized efficiently, and stakeholders are satisfied - Intermediate + Proficiency in implementing and managing DevOps practices, including continuous integration, continuous delivery, infrastructure as code, and monitoring to enhance the collaboration between development and operations teams - Intermediate + Ability to examine, clean, transform, and model data to discover useful information, draw conclusions, and support decision-making - Intermediate + The ability to effectively utilize applications like Word, Excel, PowerPoint, and Outlook to enhance productivity and perform various tasks efficiently. - Intermediate + Competence in managing and maintaining Active Directory, AWS, VMware, and Windows Server platforms. - Intermediate + Proficiency in configuring and supporting operating systems, database platforms, web technologies, secure network setups (VPN configuration), and the ability to recommend new network solutions based on industry trends and best practices. - Intermediate + Practical experience with Security Awareness Training (SAT) platforms like Immersive Labs, KnowBe4, and Ninjio. - Intermediate + Working knowledge and skills with Learning Management Systems such as Docebo, Moodle, SuccessFactors, LearnWorlds, and Blackboard. - Intermediate **Other Requirements** - Completed Bachelor's Degree or relevant work experience required - 5 - 7 years of experience working with large organizations on security engineering projects - Ability to travel to SHI, Partner, and Customer Events - Advanced industry certifications preferred The estimated annual pay range for this position is $165,000 - $205,000 which includes a base salary and bonus. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending. Equal Employment Opportunity - M/F/Disability/Protected Veteran Status

Datavant is a data platform company and the world's leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world's leading life sciences companies, government agencies, and those who deliver and pay for care. By joining Datavant today, you're stepping onto a high-performing, values-driven team. Together, we're rising to the challenge of tackling some of healthcare's most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare. **What We're Looking For** As a Cloud Security Engineer in the Secure Product & Infrastructure program, you will be part of a highly technical team, actively working to build security into Datavant's infrastructure. You'll play a key role helping to build secure patterns, and enabling engineering teams to move fast, while being secure. **What You Will Do** + Use your strong understanding of AWS security to help Datavant navigate all the traps of good AWS products vs. great AWS products and know when to be thoughtful on use. + Have strong experience and understanding of containerization, as well as operating and securing Kubernetes clusters. + Have a point of view on secure continuous development and represent it as Datavant continues to mature working collaboratively with other team members. + Have a point of view on secure network controls and the deep design paradigms of secure cloud networking, and overlay networks. + Have experience working with engineering teams, helping to tune WAF rules for applications. + Review components being built in our cloud infrastructure (via pull request reviews and contribution). During these reviews you'll be mentally present and use your ability to evaluate risk such that you have a great impact on the delivery of secure code. This role is not merely a +1. + You will have an understanding of risks, but may have some knowledge gaps in depth of risk management. It's OK, we'll teach you. The core skill set you bring to the table is a development mindset. + Work directly with DevOps peers to help build practical and usable security into the SDLC and AWS. + Own new projects for advancing security in our environment. Be a technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Datavant greatness. **What You Need to Succeed** + You are humble. + You have an "automation first" mindset. + You can build Infrastructure as Code in Terraform. It is expected that you have a "git native" skillset. + You can articulate start to finish what a secure release cycle should look like in detail. + You have opinions and options on most of the steps. + You are a consummate collaborator, it's inherent in your work behavior. + You value time deeply and optimize for greatest impact. + 3+ years of working in at least 1 major public Cloud provider and a desire to learn a second. + 2+ years of operating, and securing Kubernetes clusters. + Broad scoped projects don't scare you, they energize you. However, you like to get things done fast (and help others) with limited dependencies. **What Helps You Stand Out** + You are often viewed as the "expert in the room" on cloud security in your current role. + You have experience with SCA, SAST, and secrets detection. + You have experience with security in healthcare or other highly regulated space. Examples: FEDRAMP, HIPAA/HITRUST, SOC 2, PCI experience from an operational response standpoint. We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated total cash compensation range for this role is: $152,000-$190,000 USD To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Depending on the state in which you will be working, exemptions may be available on the basis of disability, medical contraindications to the vaccine or any of its components, pregnancy or pregnancy-related medical conditions, and/or religion. This job is not eligible for employment sponsorship. Datavant is committed to a work environment free from job discrimination. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. To learn more about our commitment, please review our EEO Commitment Statement here (************************************************** . Know Your Rights (*********************************************************************** , explore the resources available through the EEOC for more information regarding your legal rights and protections. In addition, Datavant does not and will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your answers will be anonymous and will help us identify areas for improvement in our recruitment process. (We can only see aggregate responses, not individual ones. In fact, we aren't even able to see whether you've responded.) Responding is entirely optional and will not affect your application or hiring process in any way. Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please contact us at *********************** . We will review your request for reasonable accommodation on a case-by-case basis. For more information about how we collect and use your data, please review our Privacy Policy (**************************************** .

Security EngineerRemote - United StatesJR012099 **This job posting is for WPS rehire candidates only. If you're not coming from WPS please go back to the job board and look for a general posting.** At Ensono, our **Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Things** **_!_** We enable our clients to achieve key business outcomes that reshape how our world runs. As an expert technology adviser and managed service provider with cross-platform certifications, Ensono empowers our clients to keep up with continuous change and embrace innovation. We can **Do Great Things** because we have great Associates. The Ensono Core Values unify our diverse talents and are woven into how we do business. These five traits are the key to achieving our purpose: Honesty, Reliability, Curiosity, Collaboration, and Passion. **About the role and what you'll be doing:** The Cybersecurity Engineer, under the direction of the Cybersecurity Engineering Sr. Manager, will be part of an expanding team responsible for engineering security solutions for a global managed service provider. This position serves as a security engineering professional and is responsible for assisting in driving security projects and solutions to meet internal and customer security and compliance needs. After-hours or on-call duty may be required. **We want all new Associates to succeed in their roles at Ensono. That's why we've outlined the job requirements below. To be considered for this role, it's important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply.** **Applications and tools may include:** + Anti-malware applications (Trend Micro Vision One, Cloud One, Deep Security, Apex One) + Public cloud (AWS, Azure) native security apps and add-ons (Trend Micro Cloud App Security) + Host based IDS/IPS applications (Trend Micro) + Security auditing and forensics tools (Metasploit) + Security information and event management applications (LogRhythm, Elastic, Alert Logic) + Vulnerability scanning and reporting tools (Tenable.sc, Tenable.io, Nessus, Qualys, Rapid7) + Information encryption and secure deletion applications + File Integrity Monitoring tools (Trend Micro) + Certificate management applications + Web application gateways + Microsoft 365 Defender suite + Additional security related applications as required **Tasks include:** + Strong technical writing skills to include the ability to provide clearly written and detailed reports on projects for communication to leaders + Responsible for design, implementation, and administration of information security solutions + Support internal and customer auditing requirements + Create internal and customer facing security standards and procedures + Align procedures, processes, and security tools to support a single global cybersecurity model + Provide guidance to and mentorship to members of the Security Operations Center + Perform incident response roles as necessary per the Ensono Incident Response Plan + Evaluate, test, and implement security application upgrades and patches + Monitor, assess, and report on security vulnerabilities and emerging threats + Interact with other teams to create, maintain, and implement security hardening standards + Design and maintain systems to comply with compliance standards such as PCI-DSS, etc. + Mentor new and existing security engineering team members + Perform or assist with penetration testing activities + Provide recommendations and assist with the creation of security product roadmaps + Consult with product owners to ensure alignment of solutions to security product offerings + Additional security related tasks as required **Knowledge and skills required or preferred:** + 3+ years full-time experience in an information security position, or 5+ years in an infrastructure engineering role + Excellent spoken and written English skills + Ability to lead or manage multiple security engineering projects simultaneously + Proven ability to interface with customers of all technical/seniority levels in a professional and effective manner + Experience with anti-malware applications from vendors, such as Trend Micro in an enterprise environment + Excellent understanding of TCP/IP based networks, DNS, firewalls, encryption, security concepts, common attack vectors/types + Good understanding of malware classification, entry vectors and propagation channels + Excellent customer service skills, the ability to manage multiple ongoing tasks, and the ability to own and complete tasks independently without supervision + Strong knowledge of digital forensics or penetration testing + Experience with event logging and SIEM applications such as LogRhythm + Experience developing and implementing security solutions in a large enterprise environment + Experience with File Integrity applications such as Tripwire or Trend Micro Deep Security + Administrator level experience with Windows or UNIX/Linux systems in a large enterprise environment + Excellent understanding of and able to speak to commonly accepted security best practices + Fill a senior role in working on challenging assignments, take full advantage of opportunities to develop skills, assists the team with accomplishing goals beyond directly assigned tasks, and use feedback constructively + Knowledgeable of network architecture concepts to include virtual firewalls, routing and VLANs + Experience with vulnerability scanning tools and experience evaluating vulnerability risks + Bachelor's degree in information security or a related field of study + Experience with email security to include cloud applications such as Microsoft 365 Defender + Experience with password vaulting for encrypting and storing credentials + Experience working with 3rd party auditors and compliances such as for PCI-DSS, SSAE SOC1/SOC2, and/or ISO270001 + Experience with security incident response in a large enterprise environment + Experience with scripting such as VBScript, PowerShell, or Python + Experience with application APIs for developing solutions around reporting, alerting, ticket integration, and metrics tracking + Strong knowledge of Host and Network IDPS systems + Strong knowledge of Certificate Services + Experience in creating clear and robust security standards and procedures + Strong experience in managing security solutions in public or hybrid cloud environments such as AWS, Azure, or GCP + Security certifications such as CISSP/ISSEP, CISA, CCSP, CEH, SANS GIAC Why Ensono? Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take advantage of fitness centers + Flexible work schedule As of the date of this posting, a good faith estimate of the current pay scale for this role is $95,000 to $135,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an EqualOpportunity/AffirmativeAction employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR012099

DecisionPoint Corporation is seeking an IT Security Analyst to join our US Air Force team supporting the defense of USAF infrastructure (AFIN) at the base level. is onsite at Forbes Field AFB. Duties & Responsibilities The contractor shall provide Functional Mission Analysis-Cyber assistance to identify weapon system's critical information technology architecture and supporting infrastructure that aids in the warfighting mission. Contractor shall perform Information Security Analyst functions as follow: Contractor personnel supporting this effort shall possess a fundamental understanding of DoD mission assurance concepts/principles and how they relate to the USAF mission. Investigate a diverse collection of network activities in cyberspace to determine essential Mission Relevant Terrain Cyber (MRT-C) support designed for command, control, processes, and systems. Develop a strategy to identify, evaluate, and minimize risks in the local cyberspace environment that are considered crucial for mission success. Create and implement strategies and techniques to merge and display relevant MRT-C, based on essential systems and network services. Identify and analyze trends to define MRT-C requirements and provide guidance and alignment services. Assist with FMA-C, identifying, mapping, and developing a defense plan to safeguard MRT-C. Establish databases to monitor systems, design and revise user boundaries, and create indexing to make searches easier. Utilize classified and unclassified networks and information portals to create support and information distribution plans for mission activities. Review and provide recommendations for establishing new or revised policies, procedures, objectives, and organization design for the staff, as necessary. Coordinate with local/base SMEs to resolve events and/or incidents & brief supporting recommendations and Courses of Actions. Define and perform vulnerability assessments leveraging threat analysis to scope and prioritize efforts. Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings) Coordinate with enterprise-wide cyber defense staff to validate network alerts. Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment. Perform cyber defense trend analysis and reporting. Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack. Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Qualifications Active Top-Secret clearance with SCI eligibility. Bachelor's degree in Computer Science, Information System Engineering, Business, or related technical discipline in cybersecurity or information technology. IAT Level II Certification (ex: CompTIA Security+) in accordance with (IAW) DOD 8140 and AFMAN 17-1303. Five (5) years of experience required: Functional Mission Analysis in Cyberspace processes and associated mapping and defense of Mission-Relevant Terrain in Cyberspace. Information Technology (IT) cybersecurity principles, concepts, and methods to investigate, analyze, and respond to cyber incidents within a computer network environment or enclave IT security principles, policies, products and services to assess risk factors and advise on vulnerability to attack from a variety of sources (e.g., destructive programs/applications/ viruses, unauthorized access, disruption of services, espionage) and procedures and methods for protection of systems and applications Commonly applied telecommunications principles, concepts, and methodologies, operating characteristics and capabilities of systems, media, equipment, and related software systems, processes, and procedures to assess the efficiency of operations and make recommendations involving equipment and system integrity. Conditions of Employment: Attend the Air Force virtual FMA-C course within one month of onboard, or upon first class availability. Attend Mission Assurance Cyber Coordination Element (MACCE) training within three months of onboard, if funding is available. Complete virtual Mission Assurance Decision Support System (MADSS) training within one month of onboard and obtain an account for MADSS. Our Equal Employment Opportunity Policy EEO and Affirmative Action Policy: DecisionPoint Corporation is an Equal Employment Opportunity and Affirmative Action employer. It is the policy of DecisionPoint Corporation to provide equal employment opportunity in accordance with all applicable Equal Employment Opportunity/Affirmative Action laws, directives and regulations to all employees and qualified applicants without regard to race, ethnicity, color, religion, national origin, sex, age, disability status, pregnancy, sexual orientation, gender identity, genetic information, protected veteran status, or any other protected status under Federal, State or Local laws. Pay Transparency Policy: In accordance with Presidential Executive Order 13665, DecisionPoint Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. Authorization to Share Resume and Personal Information: By expressing your interest and submitting your resume for this position, you authorize DecisionPoint Corporation to share your resume, as well as personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should DecisionPoint Corporation. or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

Trustmark's mission is to improve wellbeing - for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture of diversity and inclusion where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. At Trustmark, we have a commitment to welcoming people, no matter their background, identity or experience, to a workplace where they feel safe being their whole, authentic selves. A workplace made up of diverse, empowered individuals that allows ideas to thrive and enables us to bring the best to our colleagues, clients and communities. We are seeking a highly skilled Cyber Security Engineer to join our team and play a pivotal role in safeguarding our organization's digital assets. The ideal candidate will possess a deep understanding of cybersecurity principles, a strong technical background, and a passion for protecting sensitive information. You will be responsible for engineering, implementing and monitoring security measures for the protection of Trustmark's computer systems, networks and information. The role helps identify and define system security requirements as well as develop detailed cyber security designs. **Responsibilities:** + Design, implement, and maintain security architectures, systems, and solutions to protect critical infrastructure and data. + Conduct vulnerability assessments and penetration testing to identify and mitigate risks. + Develop and implement security policies, standards, and procedures. + Monitor security systems and respond to incidents promptly and effectively. + Stay up-to-date with the latest cybersecurity threats and trends. + Collaborate with cross-functional teams to ensure security is integrated into all aspects of the business. + Provide technical guidance and support to internal stakeholders. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, or a related field or + 3-5 Years of network engineering or cyber engineering experience + Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). + Proficiency in network security, systems security, application security, and data security. + Hands-on experience with security tools and technologies (e.g., firewalls, intrusion detection systems, encryption, SIEM). + Excellent problem-solving and analytical skills. + Strong communication and interpersonal skills. + Ability to work independently and as part of a team. **Preferred Qualifications:** + Certifications such as CISSP, CISA, or CEH. + Experience with cloud security (e.g., AWS, Azure, GCP). + Knowledge of scripting and programming languages (e.g., Python, PowerShell). Brand: Trustmark Come join a team at Trustmark that will not only utilize your current skills but will enhance them as well. Trustmark benefits include health/dental/vision, life insurance, FSA and HSA, 401(k) plan, Employee Assistant Program, Back-up Care for Children, Adults and Elders and many health and wellness initiatives. We also offer a Wellness program that enables employees to participate in health initiatives to reduce their insurance premiums. **For the fourth consecutive year we were selected as a Top Workplace by the Chicago Tribune.** The award is based exclusively on Trustmark associate responses to an anonymous survey. The survey measured 15 key drivers of engaged cultures that are critical to the success of an organization. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, sexual identity, age, veteran or disability. Join a passionate and purpose-driven team of colleagues who contribute to Trustmark's mission of helping people increase wellbeing through better health and greater financial security. At Trustmark, you'll work collaboratively to transform lives and help people, communities and businesses thrive. Flourish in a culture where appreciation, mutual respect and trust are constants, not just for our customers but for ourselves. Introduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match. When you join Trustmark, you become part of an organization that makes a positive difference in people's lives. You will play a vital role in delivering on our mission of helping people increase wellbeing through better health and greater financial security. Our customers tell us they simply appreciate the personal attention and knowledgeable service. Others tell us we've changed their lives. At Trustmark, you'll be part of a close-knit team. You'll enjoy abundant opportunities to grow your career. That's why so many of our associates stay at Trustmark and thrive. Trustmark benefits from more than 100 years of experience but pairs that rich history with a palpable sense of optimism, growth and excitement for what's ahead - and beyond. This is a place where associates bring their whole selves to work each day. A place where you can be yourself. Whatever your beyond is, you can achieve it at Trustmark.

Meta Security is looking for an Incident Response Engineer with experience coordinating, investigating and responding to internal and external threats. You will help the team establish, lead and execute multi-year roadmaps to mature investigative and response services, drawing upon automation and cross functional partnerships to create scalable and maintain high standards of operational competence. **Required Skills:** Security Engineer, Incident Response Responsibilities: 1. Conduct security investigations and lead security incident response in a cross-functional environment and drive incident resolution 2. Develop Incident Response initiatives that improve our functionalities to effectively respond and remediate security incidents 3. Refine operational metrics, key performance indicators, and service level objectives to measure Security Operations and Incident Response services 4. Influence and align the team's mission and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 5. Build, cultivate, and maintain successful relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work 6. Partner with cross-functional teams to solve challenges related to a broad spectrum of detection and response initiatives 7. Collaborate with software and production engineering teams to develop scalable and adaptable Incident Response and Investigative solutions 8. Focus on identifying areas of greatest impact for prioritizing, automating and scaling every aspect of our detection and response functionalities 9. Coach, mentor, support and care for the team in a way that enables long-term career development, happiness and success at scale **Minimum Qualifications:** Minimum Qualifications: 10. Bachelor of Science or Master of Science in Computer Science or related field, or equivalent experience 11. 8+ years of work experience in Security Incident Response and Detection and Response Engineering in a large, regulated organization 12. In-depth subject-matter knowledge in technical and process regarding Security Operations and Incident Response services 13. Experience developing and delivering information on incident and program status for leadership 14. Experience leading and managing complex cross-functional programs 15. Experience responding to both external and insider threats 16. Experience analyzing network and host-based security events 17. Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols 18. Knowledge of operating systems, file systems, and memory structures on Windows, mac OS and Linux 19. Coding/scripting experience in one or more general purpose languages 20. Experience with attacker tactics, techniques, and procedures **Preferred Qualifications:** Preferred Qualifications: 21. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigate suspicious behavior across networks and systems 22. Experience recruiting, building, and leading technical teams, including performance management 23. Background in malware analysis, digital forensics, intrusion detection, and/or threat intelligence 24. Broad knowledge across the Security domain, as well as demonstrated experience in one (or more) areas such as Logs and events processing, Incident Management, Digital Forensics, Detection and/or response tool development **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

We offer unique opportunities for smart, hands-on security engineers with the expertise and passion to solve difficult architecture, engineering, and process problems. Our customers run their businesses on our cloud, and our mission is to provide them with the most secure cloud services. Our ideal candidate is a security engineer with expertise and passion in finding and improving areas of weakness, while developing new standards in the security and safe operation of distributed systems, multi-tenant services and large-scale infrastructures. If this is you, joining Oracle Cloud Infrastructure (OCI) will enable you to design and build innovative new security models & systems from the ground up. These are exciting times in our space - we are growing fast and working on ambitious new initiatives. A security-focused engineer at any level can make significant technical and business impact You can learn more about us by visiting ********************************************* . Career Level - IC4 **Responsibilities** Responsibilities: + Prototype, design, and implement security solutions for new and challenging problems + Drive and champion security tool development (e.g. scanning tools) + Consult software development teams in design and architecture of safe and secure systems through Threat Modeling and modeling exercises + Champion and consult on secure development lifecycle practices + Design and integrate verification and posture reporting mechanisms + Define security configuration and implementation best practices Qualifications: + Bachelor's or Master's degree in Computer Science or related field + 5+ years of experience in security engineering or related field or equivalent experience + Experience building automated security solutions + Strong security experience, particularly with focus in one of the following areas: + Defensive Security + Offensive Security + Service architecture and Design Patterns + Strong collaboration and communication skills Preferred Skills + Experience scaling operational activities via Python, Bash, and other tools + DevOps or SRE experience operating large, distributed, continuously deployed services + Experience operating large, distributed, continuously deployed services + Expertise in designing databases schemas in (NoSQL / SQL). + Knowledge on bridging security engineering requirements into the software development life cycle. + Security training and mentoring experience + Experience with statistical/mathematical predictive modeling + Experience with machine learning / artificial intelligence + Experience designing resilient systems that support quick recovery + Experience with container orchestration and management + History of collaborating and integrating processes with software development teams, data scientists, business and other technical roles + Experience with Java or Python development Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. We are seeking a skilled and motivated Microsoft Purview and Defender for Office Operations Engineer to join our cybersecurity team. The ideal candidate will be responsible for the administration, management, and optimization of Microsoft Purview and Microsoft Defender for Office platforms. This role requires a strong understanding of data governance, compliance, and security best practices, along with the ability to work collaboratively with cross-functional teams to enhance our information protection posture. **Key Responsibilities:** 1. **Platform Administration:** 1. Administer and support Microsoft Purview and Microsoft Defender for Office, ensuring optimal performance and availability of the platforms. 2. Configure and manage security settings, policies, and compliance features within Microsoft Purview and Defender for Office. 2. **Data Governance and Compliance:** 1. Implement and maintain data governance policies and procedures to ensure compliance with regulatory requirements and organizational standards. 2. Monitor and report on compliance metrics, data classification, and data loss prevention (DLP) policies. 3. **User Support:** 1. Provide technical support to end-users regarding Microsoft Purview and Defender for Office tools and best practices. 4. **Collaboration and Communication:** 1. Work closely with IT, security, and compliance teams to integrate Microsoft Purview and Defender for Office with existing systems and workflows. 2. Communicate effectively with stakeholders to report on security incidents, compliance metrics, and recommendations for improvement. 5. **Continuous Improvement:** 1. Stay updated on the latest features, updates, and best practices related to Microsoft Purview and Defender for Office. 2. Identify opportunities for process improvements and automation within the operations of Microsoft Purview and Defender for Office. 3. Automate activities through scripting (PowerShell, Python) and automation (Tines, PowerAutomate, etc.) 6. **Documentation and Reporting:** 1. Maintain accurate documentation of configurations, processes, and procedures related to Microsoft Purview and Defender for Office operations. 2. Generate reports on platform performance, security incidents, and compliance metrics for management review. **Qualifications:** + Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. + Proven experience in managing and supporting Microsoft Purview and Microsoft Defender for Office. + Strong understanding of data governance, compliance frameworks, and information security best practices. + Excellent problem-solving skills and attention to detail. + Strong communication and interpersonal skills. + Scripting experience, including PowerShell, Python, etc. + Ticket and change management experience in ServiceNow + Relevant certifications (e.g., Microsoft Certified: Security, Compliance, and Identity Fundamentals, Microsoft Certified: Azure Security Engineer Associate) are a plus. **Preferred Skills:** + Experience with data loss prevention (DLP) technologies and strategies. + Familiarity with compliance regulations (e.g., GDPR, HIPAA) and data protection laws. + Knowledge of cloud security concepts and technologies. **Work Environment:** This position may require occasional after-hours support and on-call availability. The Microsoft Purview and Defender for Office Operations Engineer will work in a collaborative team environment, contributing to the overall security and compliance posture of the organization. **What we offer you** At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more . + We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $77,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. + Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. + Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being. **Are you ready to shape your future with confidence? Apply today.** EY accepts applications for this position on an on-going basis. For those living in California, please click here for additional information. EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. **EY | Building a better working world** EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ************************** .

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** Federal SOC Information Security Engineers will provide monitoring, triage, and escalation support for internal Federal SOC and External Customer operations. The SOC Information Security Engineers will work shifts to provide 24x7x365 coverage. SOC Information Security Engineers will work in tandem with other Information Security Engineers in the Global SOC and Federal NOC Organizations. **The Main Responsibilities** -Review SOC Shift end Summary and SOC activity logs, emails, tickets, cases and other monitoring tools for complete understanding of previous shift activities and incidents with the goal of maintaining the highest level of customer service by keeping track of the critical customer impacting issue. -Provide monitoring and responding to alerts and events within SLAs. Services and systems include but not limited to Splunk (internal/external SIEM), Firewalls alerts (MTIPS and MSS), TrendMicro Anti Virus, Tripwire File Integrity Checks, IDS/IPS for customers. -Monitor multiple ticketing systems and queues. Ensure tickets are created and notated within SLAs -Login to phone call queues to answer both internal and external calls -Work closely with FedNOC, the Federal SOC Tier II and Ops Eng teams -Escalate issues to Vendors, SOC Tier II and Ops Engineers as soon as there is a need -Adhere to all defined processes and procedures. -Provide process and operational improvement suggestions. -Performs a long-term project leadership role working towards the development of new solutions, processes, tools, systems that have company-wide and possibly industry-wide impacts. -Frequent contact with senior leadership of customers and contractors for the purpose of creating and presenting innovative long-term solutions and managing key relationships. Acts as a resource within the engineering and scientific communities to develop solutions or handle the most complex tasks for which existing methods and procedures may not apply. -Provides consultation and advice to Federal customers, engineers and management regarding work functions, processes, methods, procedures, and tools. Develops and delivers technical and process training, including, documentation in areas of expertise and innovative areas of technology. **What We Look For in a Candidate** -Tripwire, TrendMicro, Web Inspect, Tennable Nessus and Qualys vulnerability scanners, Splunk, Secure Log Management, Firewalls, Intrusion Detection. -Ability to diagnose Trip Wire Events, Trend Micro Events, System Events, Network Events from 4 Supported Environments with dissimilar architecture. -MFA provisioning, repair, revocation, re-provisioning, reporting, and troubleshooting experience. -Diagnose and identify reports and alerts within Splunk. -Isolate BGP alerts and notify customer and other operational teams of an event. -Perform Analytics on events from customer networks per CDM Framework. -Experience working out of a ticket queue and receiving inbound customer calls. -Experience managing Fortigates and Palo Alto Firewalls. -Equivalent educational experience. Above all, a motivated and trainable individual. Clearance: Government Suitability Clearance required. Certifications (preferred but not required): CEH, GIAC Certified Incident Handler (GCIH), CCNA, NSE4. Education: BS Computer Science or related areas with experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $66,375 - $88,500 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $69,694 - $92,925 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $73,013 - $97,350 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure **What to Expect Next** Requisition #: 337163 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 07/25/2025

We are seeking a full-time Cloud Cyber Security Engineer in our Olathe, KS location. In this role, you will be responsible for ensuring adherence to Garmin's cloud information security strategy, programs, and best practices. The selected individual will take an active role in the design and implementation of technical cloud security controls (CNAPP, CSPM, CWPP), threat management, vulnerability management, cloud platform protection controls, and logging. Cloud Security Engineer 2 is considered an expert in cloud security. They must respond promptly and effectively to possible breaches of security in the Garmin cloud ecosystem. Essential Functions * Serve as a technical resource in cloud services running on Azure and/or AWS * Provide security-focused technical guidance to engineers running services in the public cloud * Partner with the business to ensure services deployed in the cloud are secure, available, and meet Garmin and regulatory requirements for security * Provide expertise in operating and utilizing advanced cloud security tools, including cloud native application protection platform (CNAPP) tooling, to identify, analyze, and prevent public cloud exploits * Provide technical guidance in automating manual tasks with at least one scripting language Python, PowerShell, or BASH * Provide technical guidance in utilizing IAC templates such as JSON, ARM, Bicep, Cloud Formation * Perform in-depth security assessment testing for Garmin's cloud platforms, cloud compute, repositories, and containers on a global scale * Perform regular security audits from both a hands-on and theoretical standpoint. * Provide technical guidance on modern security, infrastructure, software development, and application technologies * Support security capabilities for microservice and cloud-native applications in a CI/CD automated, multi-tenant application environment * Automate deployments through CI/CD tools such as GitHub Actions and Jenkins * Utilize and secure code and image repositories such as GitHub, Bitbucket, Harbor, Docker Hub, ACR, and ECR. * Operate and secure enterprise level container-based systems in public and private cloud environments (EKS, AKS, OpenStack, Docker, CRI-O, Kubernetes, etc.) * Deploy, manage, and secure public cloud infrastructure such as network, storage, databases, compute, and application load balancing * Provide technical knowledge, training, and mentoring to junior members to improve the overall capabilities of the team * Provide technical guidance on special projects concerning cloud information security, including identifying new solutions, testing, and implementation of security capabilities * Utilize program and project management best practices to drive large-scale projects to completion * Identify associate development and training needs to raise the skill level of cyber security associates * Participate in the evaluation, cost analysis, and vendor comparisons for new and existing security tooling * Communicate effectively regarding system operations and environment changes * Participate and adhere to SOX, PCI, and other regulatory requirements as dictated * Ensure that all security requirements are met or exceeded * Provide technical guidance and contributions in defining team roadmap and priorities * Develop reliable solutions to complex problems which require the regular use of ingenuity and creativity * Develop a broad understanding of Garmin's business model, including Engineering, Operations, Finance, Sales and Marketing * Research new technologies and propose cost effective solutions Basic Qualifications * Bachelor's Degree in Computer Science, Information Technology, Management Information Systems, Business or related field AND a minimum of 2 years relevant experience OR an equivalent combination of education and experience * Demonstrated experience with public cloud services, with a focus on security * Demonstrated experience with container-based platforms and related services * Demonstrated experience with developer tooling such as code repositories and CI/CD platforms * Demonstrated strong and effective verbal, written, and interpersonal communication skills in a small team setting * Must be team-oriented, possess a positive attitude and work well with others * Driven problem solver with proven success in solving difficult problems * Excellent time management and follow-up skills * Consistently demonstrates quality and effectiveness in work documentation and organization Desired Qualifications * In-depth working knowledge of cloud environments and security principles * Certifications in public cloud technologies (Azure Solutions Architect Expert, AWS Solutions Architect Associate, etc.) * Certifications in cybersecurity (CISSP, CCSP, etc.) Garmin International is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran's status, age or disability. This position is eligible for Garmin's benefit program. Details can be found here: Garmin Benefits

Mainframe Security EngineerRemote - United StatesJR011549 **About the role and what you'll be doing:** **This is a Mainframe Security Administration position, working on IBM z/OS operating systems. Experience using TSO, JCL, ISPF, JES2, and IBM Utilities will be required.** **A passing of a Federal Background Check is required for this position.** + Hands-on security administration experience with RACF, ACF2 and Top-Secret logon ID's, datasets, and resource rules. + Top Secret security administration experience required for this position, ACF2 and RACF experience desired. + Provision user access in response to tickets opened in Service Now within defined SLAs. + Monitor system security policy and violations/incidents. + Perform and review daily, weekly, and monthly audit reports. + Liaison with business areas and other technical support areas. + Provide customer support by preparing ad hoc reports and giving presentations. + Monitors the environment for adherence to security standards. + Must be available 24 x 7. On-call support will be required. + Experience using Vanguard and/or IBM zSecure security products. + iSeries security knowledge a plus. **Technical Skills:** + Excellent TSO, JCL, IBM UTILITIES, JES2, and ISPF a must. + Experience with REXX or any programming language is desired. + Experience with CICS security administration preferred. + Experience using Vanguard and/or IBM zSecure security products is desired. + Experience with IAM, MFA and PAM is desired. **General Knowledge:** + z/OS experience is highly desired + PC Skills (Microsoft Outlook, Word, Excel, PowerPoint) **Personal Skills:** + Strong written and verbal communication skills. + Strong organisational skills with the ability to manage multiple concurrent project deliverables and the ability to work as a global team. + Ability to work on own initiatives. + Strong analytical skills and problem-solving skills + Must be an excellent team player with the ability to work independently in a fast-paced environment + Self-starter, detail-oriented and ability to multitask + Excellent Communication skills required + Good written skills are required **Education:** + CISSP, CISA, CISM or ITIL Certification a plus + Bachelor's or master's degree preferred + Other mainframe security products a plus **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is $75,000 to $123,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR011549

The Meta Security team is responsible for improving the security posture of the software and services used throughout our company. Our work spans Facebook, Instagram, WhatsApp, Oculus, and all of the underlying systems and infrastructure that power these products behind the scenes.We are seeking a committed and experienced security engineer to join our Security Risk Management (SRM) team to help design and build solutions to:* Drive better understanding of security risk and enable investment decisions through automation, monitoring, and tracking of Meta's security tools, systems, and controls* Enable security and software engineers to seamlessly respond to requests to prove effective design and operation of security capabilities* Increase maturity of security capabilities through control improvements and redesign **Required Skills:** Security Engineer - Security Risk Management Responsibilities: 1. Work with a team of software, data, and security engineers that design, build, and own software solutions that scale high fidelity security risk contextualization, tracking, and reporting 2. Understand and influence evolution of security capabilities across various domains to scale and automate: a) monitoring the effectiveness, and b) increasing the maturity of those capabilities 3. Design and build solutions to scale managing and responding to risk management & compliance related requests **Minimum Qualifications:** Minimum Qualifications: 4. Bachelor's degree or equivalent experience in information security 5. 5+ years work experience securing enterprise-scale infrastructure software and services 6. 3-5+ years programming experience with at least one of the following languages: Python, PHP, Ruby, or similar scripting languages 7. Experience remediating infrastructure security gaps across broad corporate boundaries using influence and relationships 8. Experience with security control automation/monitoring or "compliance as code" implementations 9. Experience thinking critically and defending solutions with solid communications skills in a cross-functional setting to influence decision makers across all levels of technical background **Preferred Qualifications:** Preferred Qualifications: 10. Networking and system administration experience of server (Linux, Windows) and client (Windows, mac OS, Linux) operating systems 11. Experience influencing software engineers to build products meant to scale security solutions 12. Experience generating automated metrics to measure service and program effectiveness and consistency 13. Experience with common risk & compliance program activities (e.g., controls, risk, policy management) **Public Compensation:** $147,000/year to $208,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

At Oracle Cloud Infrastructure (OCI) we build the future of the cloud for Enterprises. We act with the speed and attitude of a start-up along with the scale and customer focus of the leading enterprise software company in the world. **About the team:** The Enterprise Engineering SRE team is tasked with ensuring the security and compliance of internal systems by conducting regular audits, identifying potential gaps in existing standards and proactively improving the organization's overall security posture. The team plays a critical role in safeguarding the integrity, confidentiality and availability of all systems while driving risk management initiatives across departments including disaster recovery planning and execution. We are also responsible for liaising with various internal teams during audits, ensuring data sharing is concise, accurate and aligned for successful audit outcomes. **Ideally, the candidate will possess several of the following skills:** Supports the strengthening of Oracle's security posture, focusing on one or more of the following: regulatory compliance; risk management; incident management and response; security policy development and enforcement; Threat and Vulnerability Management; Incident Management and response and similar focus areas. + **Regulatory Compliance:** Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, CMMC, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance + **Risk Management:** Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. Conduct and document very complex information security risk assessments and assist in the creation and implementation of security solutions and programs + **Cloud Security:** In-dept knowledge of cloud security principles and best practices, including securing cloud infrastructure, services, and applications in platforms, OCI experience is a plus + **Threat and Vulnerability Management:** Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required + **Incident Management and response:** Brings advanced level skills to respond to security events and responding in line with Oracle incident response playbooks to mitigate vulnerabilities + Mentors and trains other team members + Compiles information and reports for management **Qualifications:** + Bachelor's degree in computer science, Information Security, or a related field. Master's degree preferred + 10+ years of experience in cybersecurity, security architecture, or a related technical security role securing cloud environments and developing automation workflows, incident detection, response, and vulnerability remediation + Industry certifications such as CISSP, OSCP, CISM, GIAC, or OCI/AWS/Azure Security Specialty highly preferred. + Proven experience in security architecture, threat modeling, and risk management at an enterprise level. + Expertise in network security, cloud security (OCI, AWS, Azure, GCP), endpoint security, Operating systems (Linux, Windows), MiddleTier, Database and identity management. + Develop and enforce security policies, governance frameworks, and compliance controls (NIST, ISO 27001, SOC 2, GDPR, HIPAA, etc.). + Hands-on experience with firewalls, SIEM tools, IDS/IPS, EDR solutions, and security automation. + Oversee security incident response, forensic analysis, red/blue teaming experience, containment, and remediation of cyber threats + Strong knowledge of cryptography, secure coding practices, zero-trust architecture, and IAM. + Scripting experience with one or more scripting languages: bash, python, perl, YAML or infrastructure as code tools such as Terraform or Cloudformation. + Familiarly with container orchestration technologies such as Kubernetes, Openshift, EKS, AKS, container image scanning and vulnerability management + Excellent communication skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders. Exhibits excellent written and verbal communication skills Career Level - IC4 **Responsibilities** + Develop and manage information security governance, including creating policies, procedures, standards, baselines, and guidelines to ensure the secure operation of information systems. + Collaborate with cross-functional teams to establish and maintain robust security policies and procedures, ensuring alignment with industry best practices + Build application security frameworks review process (e.g., OWASP Top 10) to identify vulnerabilities such as SQL injection, XSS, and insecure APIs. + Designing secure system architectures, both on-premise and in the cloud, with knowledge of zero-trust security models, segmentation, and access control models + Evaluate and implement encryption at rest and in transit to secure sensitive data using encryption algorithms (e.g., AES, RSA), public key infrastructure (PKI), SSL/TLS, secrets in vault and key management practices. + Build security patterns for hosting platforms (compute, OKE, containers, cloud native services), SaaS, and PaaS services, conduct security architecture and design review + Perform code reviews, security testing (e.g., SAST, DAST), and the implementation of secure coding practices within SDLC pipeline, and utilizing CI/CD tools (Jenkins, Git, GitHub Actions, Artifactory, sonarqube), as well as managing secrets, SCA, and open-source tools + Build, develop and monitor systems configuration management automation and infrastructure as code (IaC) strategies to achieve secure by design framework + Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management. + Proven leadership abilities with experience leading security projects and initiatives independently with Agile or Waterfall methodologies + Architects, designs, implements, maintains and operates information system security controls and countermeasures; supervises and trains operators in the administration of these systems; documents the operation, use, and expected outputs of these systems + Develop and maintain cybersecurity documentation such as the System Security Plan (SSP), Privacy Impact Assessment (PIA), Configuration Management Plan (CMP), Plan of Action and Milestones (POA&M), and Standard Operating Procedures (SOP) as necessary + Write stakeholder reports to explain the assessment, audit results, and recommendations. Create and provide metrics for cybersecurity leadership. Brief executive leadership on compliance matters + Participate in internal and external audit and provide executive leadership with briefings on compliance issues, assessment findings, audit results, and recommended actions. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $109,200 to $223,400 per annum. May be eligible for bonus and equity. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.