Information security analyst jobs in Washington - 328 jobs

A leading financial technology company based in Menlo Park, CA seeks an Offensive Security Engineer to enhance security and build resilience across their products. This role involves mentoring, conducting Red Team exercises, and collaborating on security findings with various teams. Ideal candidates have 5+ years of experience and strong communication skills. Attractive compensation includes health insurance and support for personal wellness. Join us to help democratize finance for all. #J-18808-Ljbffr

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Cybersecurity, Event Security, Security Audit, Splunk (Inactive) Certifications: None Experience: 8 + years of related experience US Citizenship Required: Yes Job Description: Cyber Security Analyst - Full time position, but must include working one weekend day (Sunday) Own your career as a Cyber Security Analyst at GDIT. Here, you'll have the opportunity to build strong lines of cyber defense using cutting-edge technologies. Your work in cyber security at GDIT will have an impact on securing our clients' missions and ensuring we anticipate the threats of tomorrow. At GDIT, people are our differentiator. As a Cyber Security Analyst you will help ensure today is safe and tomorrow is smarter. Our work depends on a Cyber Security Analyst joining our team of analysts, stationed in diverse CONUS and OCONUS locations tasked with monitoring and protecting the classified and unclassified systems of a major Intelligence Community Agency for fraud, waste, and abuse, to include inappropriate content, illegal activity, Identity leakage, and Insider threat activity. HOW A CYBER SECURITY ANALYST WILL MAKE AN IMPACT Gather and handle forensic evidence in accordance with Rules of Evidence and perform forensic analysis of digital information. Monitor, detect and report indicators of misuse, abuse, data spillage, insider threat, and security violations. Identify acceptable use policy infractions. Review event logs to determine events of interest. Monitor for fraud, waste and abuse, including content inappropriate to the workplace, Illegal Activity, Productivity Loss and Non-Compliant Activity, as well as Identity Leakage (PII). Prepare case evidence and incident reports. Work on special projects as assigned. WHAT YOU'LL NEED TO SUCCEED: Bachelor's Degree and 8+ years of relevant experience, equivalent combinations of education, certifications, and experience will be considered. DoD Approved Baseline 8570 IAT level III (CASP, CISSP, CISA, etc.) certification is required prior to start date. DoD Approved Baseline 8570 CSSP Auditor (CEH, CySA, CISA, etc.) certification is required prior to start date. Security Clearance Level: TS/SCI clearance and ability to obtain and maintain a Polygraph Preferred Skills: Splunk, Microsoft O365, Fidelis, Solera, Windows, and Linux Operating Systems Saturday and Sunday weekend Day Shift work required. Willing to work holidays supporting your assigned shift. Location: 100% On Customer Site Bolling AFB, Washington D.C. Reston, VA Colorado Springs, CO Riverdale, MD Pearl Harbor, HI Tampa is available for part time weekend only support GDIT IS YOUR PLACE: 401K with company match Comprehensive health and wellness packages Internal mobility team dedicated to helping you own your career Professional growth opportunities including paid education and certifications Cutting-edge technology you can learn from Rest and recharge with paid vacation and holidays The likely hourly rate for this position is between $61.30 - $82.94. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA DC Washington Additional Work Locations: USA CO Colorado Springs, USA FL MacDill AFB, USA HI Pearl Harbor, USA MD Riverdale, USA VA Reston Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

At SERVISS, we deliver cutting-edge cybersecurity and IT solutions to government and commercial clients, with a mission to secure systems, data, and critical infrastructure through innovation and expertise. As we expand our capabilities, we're seeking a highly skilled and talented Information Assurance Professional. Position Summary We are seeking a dynamic and versatile Information Assurance Professional to support a high-impact U.S. Government program. The ideal candidate brings a rare balance of hands-on technical acumen and governance expertise-able to move seamlessly between engineering, architecture, and GRC functions. This role is pivotal in ensuring that systems are not only compliant but also resilient, secure, and aligned with federal risk management frameworks. Key Responsibilities · Serve as a trusted IA advisor, bridging technical engineering efforts with cybersecurity policy, governance, and risk management. · Collaborate with system architects and engineers to design secure solutions that meet compliance and mission requirements. · Support the development, review, and maintenance of key authorization documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms). · Guide system owners and developers through the Risk Management Framework (RMF) process and associated controls (e.g., NIST 800-53, 800-171, CMMC, FedRAMP). · Translate complex technical risks and mitigation strategies into actionable GRC documentation and executive communications. · Conduct system security assessments, gap analyses, and continuous monitoring activities. · Coordinate with cybersecurity operations, incident response, and engineering teams to align IA strategy with operational realities. · Recommend and help implement security architecture improvements based on evolving threat and compliance landscapes. · Track and report on IA posture, risk status, and compliance progress across multiple systems or program areas. Required Qualifications · 10+ years of experience in information assurance, cybersecurity engineering, or GRC. · In-depth knowledge of federal compliance frameworks (e.g., NIST, FISMA, FedRAMP). · Strong technical foundation with the ability to understand complex systems, architectures, and security configurations. · Excellent verbal and written communication skills, including experience preparing formal security documentation and reports. · Demonstrated ability to work cross-functionally with engineering, architecture, operations, and policy teams. · Bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related field; or Associate's degree with 2+ years of additional relevant experience. Preferred Qualifications · Prior experience supporting U.S. federal agencies or DoD environments. · Professional certifications such as CISSP, CISM, CAP, CCSP, or Security+. · Experience with security automation tools and continuous compliance approaches. · Understanding of Zero Trust principles, DevSecOps environments, and modern system architecture. Why Join SERVISS Our goal as an employer is simple yet profound: to create an environment where you can be your best self, pursue your passions, and enjoy the freedom to thrive both personally and professionally. Your success is our success, and we're committed to supporting you every step of the way. Freedom to Thrive. · Be part of an exciting company with ground floor opportunities to include equity · Highly competitive compensation and best in class benefits · Opportunities for annual performance bonuses, growth incentives, and profit-sharing · 100% of medical, vision, dental, and life insurance premiums covered by SERVISS · 401(k) retirement plan with company match for the first 6% Note: This position is contingent upon contract renewal and funding from the sponsoring federal agency, anticipated end of May 2025.

Imagine what you could do here. At Apple, new ideas have a way of becoming extraordinary products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. We're a diverse collection of problem solvers and doers, continually reimagining our products, systems, and practices to help people do what they love in new ways. This is a deeply reciprocal place, where everything we build is the result of people in different roles and teams working together to make each other's ideas stronger. That same real passion for innovation that goes into our products also applies to our practices, strengthening our dedication to leave the world better than we found it! We are seeking a leader for our Security Services team. This role requires a strategic, results-driven leader to advance our security services portfolio while ensuring delivery excellence, operational efficiency, and exceptional customer outcomes. In this role, you will drive the evolution, optimization, and continuous improvement of security offerings, aligning capabilities with business objectives and emerging security needs. The ideal candidate brings a strong blend of security or technical expertise, proven people leadership, and a customer-centric mindset. We are seeking a strategic and results-oriented leader in Service Delivery to drive and advance our security service portfolio, ensuring consistent delivery excellence, operational efficiency, and customer satisfaction. This role will drive the evolution, optimization, and continuous improvement of our security service offerings, aligning capabilities with business objectives and emerging security needs. The ideal candidate will possess a strong blend of technical or security expertise, leadership skills, and a customer-centric approach. The Manager, Security Services will be responsible for influencing and driving transformational change to across the organization. This is an opportunity to play a key role in shaping the future of our security service offerings. You must be passionate about service excellence and continuous improvement. Experience in leading an MSP (managed service provider) or MSSP (managed security service provider) organization Expert knowledge of service management frameworks (e.g. ITIL) and security best practices. CISSP and related security certifications is a plus Demonstrated ability to manage, lead, and inspire teams while driving transformational organizational change Expertise with service delivery management; overseeing the end-to-end delivery of managed services Experience leading teams in a matrixed environment including working with security engineering, engineering managers, software developers, and other cross-functional teams Strong problem solving skills; with the ability to lead through ambiguity to deliver incremental value to our customers Exceptional communication and presentation skills

Job Description We is seeking a talented Cyber Security Analyst. As a Cyber Security Analyst, you will play a key role in ensuring the security and integrity of our organization's data and systems. Requirements Responsibilities: Monitor, detect, and respond to cyber threats and security incidents, Conduct vulnerability assessments and penetration testing to identify potential weaknesses in our systems, Develop and implement security measures and best practices to protect against cyber attacks, Stay up-to-date with the latest cyber security trends and technologies, Collaborate with cross-functional teams to identify security risks and implement appropriate solutions, Provide training and guidance to employees on cyber security awareness and best practices. Requirements: Bachelor's degree in Computer Science, Information Security, or a related field, Proven experience in cyber security or a related role, Strong knowledge of security protocols and tools, Ability to analyze and interpret complex data and make informed decisions, Excellent problem-solving and communication skills, Relevant certifications (e.g. CISSP, CISM) are preferred but not required. Benefits About Us Zone IT Solutions is an Australia-based Recruitment Company. We specialise in Digital, ERP and larger IT Services. We offer flexible, efficient and collaborative solutions to any organisation that requires IT, experts. Our agile, agnostic and flexible solutions will help you source the IT Expertise you need. If you are looking for new opportunities, your profile at *******************************. Also, follow our LinkedIn page for new job opportunities and more. Zone IT Solutions is an equal-opportunity employer, and our recruitment process focuses on essential skills and abilities.

Job Title: “Information Security Specialist” (Cyber security analysis) Duration: 9+ Months (with high possibility of extending into full time) Job Description: This position is in Corporate Information Security and under the direction of the Manager, Third-Party Cybersecurity Assessments. The Cybersecurity Assessment Analyst will perform cybersecurity assessments on new and existing third parties. The Analyst will construct detailed and summary reports of assessments, including customized reports, as needed. The Analyst will work with Subject Matter Experts (SME) to develop and apply risk assessment criteria (aligned with Policy) to new and existing suppliers using internal and external business intelligence. The Analyst will work with Third-Party Risk Management, Privacy and Legal Counsel, Procurement and Contract Managers, Compliance, and Business Owners to develop and maintain an internal service model that informs the business of key risks in a timely manner to limit unnecessary impediments and avoid bureaucracy. Specific responsibilities: - Coordinate the development of information security policies, standards and procedures. Work with key IT offices, data custodians and governance groups in the development of such policies. Ensure that company policies support compliance with external requirements. Oversee the dissemination of policies, standards and procedures to the user community - Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors - Serve as the company compliance officer with respect to state and federal information security policies and regulations. Work with the -designated internal audit, SOX compliance, legal, and HR on compliance issues as necessary. Prepare and submit and submit required reports to external agencies. - Develop and implement an Incident Reporting and Response System to address security incidents (breaches), respond to alleged policy violations, or complaints from external parties. - Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities. - Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing. Required Qualifications: Talent management, results focus and inspirational leadership. Essential Functions • Conduct third-party cybersecurity risk assessments, applying established criteria • Support assessment team with quality assurance reviews over work product and reporting • Collaborate with internal partners and third parties to mitigate and otherwise resolve third-party cyber risks • Consistently deliver on commitments, deadlines and objectives while remaining in scope and leveraging appropriate tools, methods, frameworks, and professional standards • Demonstrate consistent credibility with business partners and leadership while recommending initiatives, identifying gaps, and potential issues • Continuously demonstrate the ability to work independently while representing the services of the department with the highest level of professionalism • Demonstrate the ability to appropriately influence business decisions, and the professional judgment for selecting the appropriate methods and techniques to do so Preferred Qualifications: • Solid background both educationally and via professional experience. No less than 3 years' professional experience in business operations, project/program management, finance, risk management, information security, business analytics or similar. • Experience in large companies and/or complex environments, or providing professional consulting services for them. • Demonstrated abilities in problem-solving and analysis: identifies issues, analyses information to assess root cause and relationships, risks, and potential risk responses. Proven ability to synthesize and summarize complex data into concise recommendations and reports. • Demonstrated strong business writing and professional oral communication skills. • Proven ability to balance multiple priorities, adapt to a constantly changing business environment, work independently, drive projects to completion, and meet deadlines in a fast-paced environment-with only periodic supervision. • Ability to work collaboratively and manage and initiate effective cross-functional relationships. • Strong computer skills, including MS Office products (e.g. Word, Excel, PowerPoint, Visio) and other business software to prepare reports, memos, summaries, and analyses. Desired • Analytical - Synthesizes complex or diverse information; Collects and researches data; employs intuition and experience to complement data; Designs work flows and procedures. • Quality Management - Looks for ways to improve and promote quality; Demonstrates accuracy and thoroughness. Applies feedback to improve performance; Monitors own work to ensure quality • Planning/Organizing - Prioritizes and plans work activities to achieve success; Sets and achieves goals and objectives; Develops realistic action plans • Professionalism - Reacts well under pressure; Keeps commitments; Accepts responsibility for own actions. • Career Growth: Focus on cyber security auditing with potential advancement goals in engineering or threat analysis roles • Self-directed team player with Agile environment experience Education Minimum Required • Bachelor's Degree • Equivalent experience is acceptable. License or Certification Desired: (one of the following): CISA (Certified Information Systems Auditor) GSEC (GIAC Security Essentials Certification) CompTIA - Security+ ECSA - EC-Council Certified Security Analyst SSCP (Systems Security Certified Practitioner) Other: Six Sigma, PMP or Agile certificates Other comments - suppliers: Organizational skills; office suite knowledge; and good communication skills are “must haves”. Cyber security analysis experience is preferred. Additional Information All your information will be kept confidential according to EEO guidelines.

GW Information Technology (GW IT) provides empowering tools and caring support for all members of The George Washington University (GW) community. We are focused on driving digital transformation and innovation to enable the academic and operational excellence of our students, faculty, staff, and researchers. At GW IT, we are committed to cultivating a team culture that values diversity, inclusion, respect and collaboration, and invests in each of our team members to grow in their technology and career skills. The Senior Cloud Security Analyst is a mid-level position within GW IT's Application Security team that will collaborate on application security risk assessments, threat modeling, vulnerability assessments specific to GW IT's cloud environment. Primary Responsibilities: Experience evaluating security controls and the application of commonly used cyber risk standards and frameworks: e.g., NIST 800-171, NIST -800-53, CIS , OWASP . Familiarity with cloud computing environments (e.g., AWS , Azure) Experience in the secure design of cloud-based solutions to measurable performance and security standards Familiarity with cloud-managed security services such as Amazon Inspector, AWS WAF and Shield, and AWS Directory Service. Ability to translate security risks and misconfigurations into product security rules and controls to map against standards, policies and procedures. Familiarity with AWS and Azure core cloud infrastructure capabilities, features, and services. Review cloud logging reports for events that occur in the cloud environment. Performs other related duties as assigned. The omission of specific duties does not preclude the supervisor from assigning duties that are logically related to the position Minimum Qualifications Qualified candidates will hold a Bachelor's degree in an appropriate area of specialization plus 5 years of relevant professional experience, OR, a Master's degree or higher in a relevant area of study plus 3 years of relevant professional experience, OR a Bachelor's degree in an appropriate area of specialization plus 3 years of relevant professional experience PLUS a relevant IT Security certification. Degree must be conferred by the start date of the position. Degree requirements may be substituted with an equivalent combination of education, training and experience. Preferred Qualifications 4 years of relevant experience with cloud security requirements Experience working within a distributed team via collaborative tools Certifications: 1+ security certification (e.g., CISSP ) Familiarity with Linux and Windows in cloud environments Experience in secure design of cloud-based solutions to measurable performance and security standards Ability to perform forensic file system analyses to identify indicators of compromise system timeline Experience evaluating log data and cloud-hosted virtual machines to detect security incidents and initiate appropriate steps as a first responder Experience assessing cloud-based security controls using security tools and threat modeling Work Schedule Monday - Friday, 8am - 5pm (occasional evenings and weekends)

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance and protect these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: * Secure the Magic by protecting information systems and platforms. * Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. * Strengthen the business through optimizing execution, application, and technology used to protect the Company. * Innovate by investing in core capabilities to enhance operational efficiency. Team Description: As a member of the Cyber Remediation Operations team, you will work closely with the Disney Entertainment business teams in protecting Disney's highly respected Disney Entertainment portfolio, including ESPN, Disney+, Hulu, and ABC. Responsibilities of Role: * Review reports, assessments, and findings to develop and prioritize appropriate remediation or corrective action plans. * Collaborate with IT, security teams, business partners, and operational teams to drive remediation of security deficiencies. * Regularly communicate portfolio health results to stakeholders, including technical and non-technical audiences. * Develop and document risk mitigation strategies when compliance cannot be achieved. * Analyze business areas and develop improvement plans to strengthen security posture. * Drive improvement to security baselines, policies and standards. * Verify implemented remediation and corrective action activity achieves compliance with TWDC policies and standards. * Stay updated on evolving cybersecurity threats, vulnerabilities, trends, technologies, and best practices and incorporate them into IT and business practices. * Consolidate data from multiple sources into clear, concise, actionable presentations for senior management, communicating data-driven insights. * Support the on-time delivery of security and compliance initiatives. Must Haves: * Minimum of 5+ Years of related cybersecurity experience * Demonstrated experience facilitating cyber remediation and vulnerability management. * Ability to handle confidential information with integrity. * Ability to work well with individuals and teams with varying technical and business backgrounds. * Understanding of security frameworks and standards. * Strong analytical, problem-solving, and critical-thinking skills with attention to detail. * Established problem-solving skills with an ability to develop creative alternatives to complex problems, as well as continuous process improvement skills. * Experience working in a security program for a large and complex organization. Nice to Haves: * Working knowledge of industry compliance programs such as PCI, SOX, etc. * One or more general security certifications including Security+, CySA+, AWS, GSEC, GICSP, CISSP, or other relevant certifications * One or more vulnerability assessment or auditing certification including CISA, CISM, GCCC, GSNA or other relevant certifications Education: * Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience #DISNEYTECH The hiring range for this position in Glendale, CA is $117,500 to $157,500 per year and in Seattle, WA is $123,000 to $165,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered. About The Walt Disney Company (Corporate): At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe. About The Walt Disney Company: The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate). Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information or disability, or any other basis prohibited by federal, state or local law. Disney champions a business environment where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a constantly evolving world. Apply Now Apply Later Current Employees Apply via My Disney Career Explore Location

Job Title: Information Systems Security Officer (ISSO) Salary: - $110,000 $120,000 / yr Roles and Responsibilities: Services to support IS Security performed by the Senior Cloud Information System Security Officer (ISSO), at a minimum, shall consist of the following activities: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS Provide liaison support between the system owner and other IS security personnel Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle Ensure that system security documentation is developed, maintained, reviewed, and updated continuously Conduct required IS vulnerability scans according to risk assessment parameters. Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs) Coordinate system owner concurrence for correction or mitigation actions Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO) Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an agency IS, its environment, and operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM) Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR Provide baseline security controls to the system owner, contingent upon the ISs security categorization, type of information processed, and entity type Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems impact levels and ISs authorization boundary Ensure that new entities are created in the GRC application with the security categorization of agency ISs Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreements (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS Perform an independent review of the System Security Plan (SSP) and make approval decisions Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official Schedule security control assessments in coordination with the system owner. Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number Advise the agency's authorized official on IS vulnerabilities and residual risks. Ensure that all POA&M actions are completed and tested Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official Ensure the removal and retirement of agency ISs being decommissioned in coordination with the SO, ISSM, ISSE, and ISSR What are the 3-4 non-negotiable requirements of this position? Active U.S. Government (DoD-Issued) Top Secret Security Clearance with SCI and a CI-Polygraph eligibility. At least 5 years serving as an Information Systems Security Officer (ISSO) at a cleared facility DoD Instruction 8570.1 Information Assurance Management (IAM) Level III Certification What are the nice-to-have skills? A bachelors and/or advanced degree in computer science, business management, or IT-related discipline

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Salary range is $104k to $206k with a midpoint of $155k. New hires typically receive between minimum and midpoint, however, we may go slightly higher based on experience, internal equity and market. Sound Transit also offers a competitive benefits package with a wide range of offerings, including: Health Benefits: We offer two choices of medical plans, a dental plan, and a vision plan all at no cost for employee coverage; comprehensive benefits for employees and eligible dependents, including a spouse or domestic partner. Long-Term Disability and Life Insurance. Employee Assistance Program. Retirement Plans: 401a - 10% of employee contribution with a 12% match by Sound Transit; 457b - up to IRS maximum (employee only contribution). Paid Time Off: Employees accrue 25 days of paid time off annually with increases at four, eight and twelve years of service. Employees at the director level and up accrue additional days. We also observe 12 paid holidays and provide up to 2 paid floating holidays and up to 2 paid volunteer days per year. Parental Leave: 12 weeks of parental leave for new parents. Pet Insurance discount. ORCA Card: All full-time employees will receive an ORCA card at no cost. Tuition Reimbursement: Sound Transit will pay up to $5,000 annually for approved tuition expenses. Inclusive Reproductive Health Support Services. Compensation Practices: We offer competitive salaries based on market rates and internal equity. In addition to compensation and benefits, you'll find that we provide work-life balance, opportunities for professional development and recognition from your colleagues. GENERAL PURPOSE: Under general direction, the Information Security Engineering Manager oversees and operates several essential Information Security functions including Security Engineering and information security tool management. The Information Security Engineering Manager's role is to lead and support service owners, system owners, and relevant stakeholders in ensuring their respective (or proposed) systems are compliant with the Agency's information security standards. In addition, the Information Security Engineering Manager supports the operations of several other functions of the Agency's Information Security Management System (ISMS). ESSENTIAL FUNCTIONS: The following duties are a representative summary of the primary duties and responsibilities. Incumbent(s) may not be required to perform all duties listed and may be required to perform additional, position-specific duties. Acts as Service Owner for related Information Security Engineering services of the Information Security business unit. Support Information Security Architecture and Security Operations services Manages personal for the Information Security Engineering components of the Information Security Division. Provides guidance to the technical professionals that comprise the Security Engineering functions of the Information Security Division Participates in the overall implementation of the agency's information security program, under the direction of the Chief Information Security Officer (or delegate), where appropriate. Participates in the creation of information security governance documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Chief Information Security Officer (or delegate), where appropriate. Identifies and assesses technology-related risks to information security associated with prospective technology solutions; and recommends appropriate mitigating controls. Influences the design of any prospective technology solution for adherence to documented agency standards, policies, and regulatory responsibilities. Evaluates, implements, and supports security-focused tools and services required to support information security controls. Collaborates with other IT engineering and administration disciplines to ensure security best practices are incorporated into design, implementation and sustainment of systems and services within the agency. Consults with internal customers on risk assessment, threat modeling and mitigation of vulnerabilities Conducts security assessments, evaluates controls, and provide feedback to management and system owners on the design and effectiveness of control processes. Conducts regular security reviews of both software and processes. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats Participates in ongoing information security education, awareness, and outreach activities. Participate with information security incident investigation and response efforts, leading as needed. Participate with computer and network forensic investigations in support of incident response activities. Prepares regular reports on relevant metrics for different stakeholders. Coaches, manages, mentors, and develops staff. Focuses on keeping professional skills current. Keeps up to date on latest information security threats and countermeasures. Champions and models Sound Transit's core values and demonstrates values-based behaviors in everyday interactions across the agency. Contributes to a culture of diversity, equity and inclusion in alignment with Sound Transit's Equity & Inclusion Policy. It is the responsibility of all employees to follow the Agency safety rules, regulations, and procedures pertaining to their assigned duties and responsibilities, which could include systems, operations, and/or other employees. It is the responsibility of all employees to integrate sustainability into everyday business practices. Other duties as assigned. MINIMUM QUALIFICATIONS: Education and Experience: Bachelor's degree in Computer Science, Information Technology, Business Administration, Engineering, or closely related field. Five years of information technology experience with a focus on security engineering and operations, OR an equivalent combination of education and experience. Three years of leadership, budgetary, planning and workforce management experience. Required Licenses or Certifications: Certified Information Systems Security Professional (CISSP), orobtain within 12 months of hire. Preferred Licenses or Certifications: One or more of the following certifications is strongly preferred: Certified Information Security Manager (CISM) Information Technology Infrastructure Library (ITIL) Certified Ethical Hacker (CEH) Certified Cyber Forensics Professional (CCFP) GIAC Certified Incident Handler (GCIH) Required Knowledge and Skills: Strong command of ITIL core processes and principles. Strong command and experience with information security architecture and engineering principles General knowledge of the NIST 800 series standards, PCI DSS standard, and the ISO 27001/2 frameworks. Demonstrated work experience in a few of the following areas: Information Security, Security Architecture, Security Engineering, Security Operations and implementing best practices, tools and technology. Strong understanding of information technology and security controls. Strong understanding of and experience with security-related technologies, systems, and tools. Proven competency in the use of MS Office applications (Microsoft Project, Word, Excel, PowerPoint, and SharePoint) Strong team leadership and communicational (verbal/written) skills. Ability to work in highly collaborative environments. Strong workload prioritization and self-organization skills Strong project management skills. Preferred Knowledge and Skills: Understanding of Cloud Computing environments (Microsoft Azure preferred). Physical Demands / Work Environment: Work is performed in a hybrid office environment. This position is responsible for communicating with stakeholders, and using specialized security tools; may be subject to bending, hearing, sitting, standing, talking, seeing, and carrying and lifting 25 lbs or less. The Agency promotes a safe and healthy work environment and provides appropriate safety and equipment training for all personnel as required. Sound Transit is an equal employment opportunity employer. No person is unlawfully excluded from employment action based on race, color, religion, national origin, sex (including gender identity, sexual orientation and pregnancy), age, genetic information, disability, veteran status or other protected class.

Thornton Tomasetti applies engineering and scientific principles to solve the world's challenges. An independent organization of creative thinkers and innovative doers collaborating from offices worldwide, our mission is to bring our clients' ideas to life and, in the process, lay the groundwork for a better, more resilient future. We provide support and opportunities to our employees to achieve their full potential and cultivate a rewarding career. The Role The Electronic Security Systems Project Engineer is responsible for all security technology design on a wide range of commercial, educational, sports, entertainment, government, and infrastructure project types. This position will integrate with a dynamic, diverse and growing Thornton Tomasetti security team conducting Threat, Vulnerability, Risk Assessments, as well as physical security design and consulting, and will include advising our clients through planning, design, and construction. The engineer will be responsible for providing innovative security technology solutions through design and consulting in addition to supporting RFP/RFQ responses for obtaining new project work. This role will require some travel to project sites to attend meetings with clients. The success of this position will be delivered through innovative solutions, communications, and teamwork, as well as a proactive attitude and a strong drive for excellence. Responsibilities Responsible for Electronic Security System design and consulting. Integration of technical and system security requirements, including, but not limited to Access Control, intrusion detection systems (IDS), video surveillance systems (VSS), and duress systems, into the overall security design drawings/models. Maintain familiarity with current and emerging electronic security vendors and solutions such as access control, video surveillance, intrusion detection, biometrics, barriers, etc. Conduct large scale security audits and assessments. Work closely with vendors to develop solutions that exceed our clients' expectations. Write technical reports summarizing results, recommended security solutions, risk mitigation measures, and transition to technology implementation. Create and maintain product specifications. Coordinate directly with clients and other project team members. Requirements Bachelor's Degree in technical/STEM discipline 5+ years of relevant work in security technology and integration preferred Experience supporting DoD , Federal Government IT infrastructure, and/or Data Centers including IT infrastructure for Electronic Security Systems (ACS / IDS / VSS / Biometrics), is strongly preferred Revit Modeling Experience (navigating models and developing drawings) PSP certification preferred Excellent verbal and technical writing skills Self-motivated and team-oriented with a passion to innovate Capable of attaining a United States Security Clearance Compensation The rate for this position generally is $90,000 - $115,000 annually. Actual pay rates may vary from the range, as permitted by District of Columbia Equal Pay Transparency Law. Compensation offers will be based on various factors, including operational needs, individual education, qualifications and experience, work location and comparison to employee already in the role, as well as other considerations permitted by law. A potential new employee's pay history will not be used in compensation decisions. Benefits Depending on your employment status, benefits may include: Medical, Dental, Vision, Life, AD&D, Disability and other voluntary benefits Flexible Spending Accounts for Medical and Childcare Paid Time Off, Family Leave for New Parents, Volunteer Time Tuition Reimbursement Commuter Transit (where available) 401k retirement savings with Company matching on employee contributions and/or qualified student loan repayments Fitness Reimbursement And other various wellness, diversity/inclusion and employee resource programs and initiatives Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Thornton Tomasetti is proud to be an equal employment workplace. Individuals seeking employment at Thornton Tomasetti are considered without regards to age, ancestry, color, gender (including pregnancy, childbirth, or related medical conditions), gender identity or expression, genetic information, marital status, medical condition, mental or physical disability, national origin, protected family care or medical leave status, race, religion (including beliefs and practices or the absence thereof), sexual orientation, military or veteran status, or any other characteristic protected by federal, state, or local laws. Thornton Tomasetti Global Terms of Use and Privacy Statement Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at Thornton Tomasetti are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application you will be asked to confirm your agreement with the terms. Beware Of Recruitment Fraud: Scammers may attempt to impersonate Thornton Tomasetti. Messages from our firm come only from the ThorntonTomasetti.com domain, Thornton Tomasetti does not use any third-party recruiters. When in doubt, please contact us through our web form here and see how you can protect yourself online here.

Job Description About the Role We're hiring a senior security, risk, and compliance leader to build and scale our governance, risk, and compliance (GRC) program at a rapidly growing investment firm. In this highly visible role, you will own our compliance strategy end-to-end, from SOC 2 and SOX readiness to third-party risk, audit management, and control frameworks. You'll partner directly with the CTO and work cross-functionally with Engineering, IT, Legal, Finance, and business operations to embed security and compliance into how the company operates. This is a hands-on leadership role for someone who enjoys building structure, driving accountability, and creating scalable programs that support business growth in a regulated, high-stakes environment. Role Overview As our senior compliance and risk leader, you will be responsible for designing, operating, and continuously improving our security and compliance infrastructure. You will: Own and manage our SOC 2 and SOX compliance programs, including audit readiness, execution, and remediation Lead third-party risk management and vendor security assessments Operate and optimize our GRC platform (Vanta, LogicGate, Secureframe, or similar) Manage external audits and coordinate with auditors and internal stakeholders Design and maintain control frameworks aligned with NIST 800-53, ISO 27001, and HITRUST Partner with Engineering and IT to ensure controls are built directly into systems and processes Work closely with Legal, Finance, and business leaders to ensure compliance supports business objectives - not slows them down You'll report directly to the CTO and serve as a trusted advisor to executive leadership as the organization continues to scale. Must-Have Qualifications 8-10+ years of experience in IT compliance, information security, risk management, or related roles within regulated or high-growth environments Proven ownership of SOC 2 and/or SOX compliance programs, including audit readiness, execution, and remediation Hands-on experience implementing and operating GRC platforms such as Vanta, LogicGate, Secureframe, or similar Deep experience leading third-party risk management programs and conducting vendor security assessments Demonstrated success managing external audits and driving remediation efforts across technical and business teams Strong working knowledge of security and control frameworks including NIST 800-53, ISO 27001, and HITRUST Ability to partner cross-functionally with Engineering, IT, Legal, Finance, and executive leadership Track record of building scalable compliance programs that support business growth rather than slow it down Why Join Us Be a key player in building and shaping the security and compliance infrastructure at a rapidly growing investment firm Work in commercial real estate, one of the most dynamic and resilient sectors in finance Collaborate with a focused, high-performing team where your impact is immediately visible Opportunity for professional growth as the organization scales Competitive compensation package including base salary, performance bonus, and comprehensive benefits Benefits Generous time off policy Company-sponsored medical, dental, and vision insurance Company-paid life insurance Company-paid short- and long-term disability insurance Paid parental leave 401(k) plan with company match 11 paid holidays

Guide security policy and participate in broader Information Security governance efforts. Develop and maintain the Information Security Management System (ISMS) in collaboration with regional information security SMEs and technical consultants. Oversee and manage the ISMS and recommend appropriate mitigating controls. Oversees Information Security Risk Management activities, including risk identification, assessment, and communication to relevant interest holders. Provide valuable expertise and leadership directly to the governing Joint Board executive leadership, including sharing metrics to reflect the performance of the regional security program functions, executive risk score reports, and other guidance on a variety of information security topics. Facilitate a committee of Information Security SMEs across the Agencies to ensure both regional compliance and concurrence on information security-related matters, recommending solutions, and working from the regional perspective to achieve optimal solutions. Collaborate with the Systems Integrator, other vendors, and partner Agencies to ensure security best practices, standards, policies, and regulatory requirements are incorporated into core payment system design, implementation, and sustainment, as well as support other future phase projects. Conduct regular security reviews of both software and processes, advising on information security practices. Reviews and creates threat models and recommends security enhancements consistent with information security strategy and evolving threats. Support external IT security audits and assessments that focus on operation. Develop, update, implement, and conduct information security training programs to support the ISMS objectives. Manage approvals for Identity and Access Management (IAM) and Access Control Administration. Act as Incident Commander for Security Incident Response activities, whenever the Information Security Incident Response Plan is invoked by the regional program; play an interest holder and oversight role if the plan is invoked by other partners or vendors. Participate in information security incident investigation and response efforts; perform root-cause analysis when incidents occur and prepare incident reports. Evaluate change requests to determine potential impacts to Information Security, including IT systems, processes, policies, and provide appropriate input to the Change Management process. Coach future Regional Operations Team (ROOT) information security personnel as the ISMS becomes complete and mature. Keep up to date on latest information security trends, "best practices", threats, and countermeasures. Required Skills and Qualifications: Enterprise-level information security plans, policies, standards, guidelines, methods, and practices based on current industry standards, best practices, tools, and techniques. Information Security Management Systems, and applicable industry standards (ISO 27001/2). Pertinent federal, state, and local laws, codes, and regulations; particularly those that affect information security for payment systems. Environments subject to the Payment Card Industry Data Security Standard (PCI DSS), including compliance-related duties. Knowledge and understanding of developing and administering information-security standards, practices, audits, risk management, and policy compliance. Information Security Audit principles and practices. Knowledge of one or more governance frameworks such as COBIT 5, ISO, NIST, or COSO. Strong understanding of IT Service Delivery (ITIL) core processes and methodologies. Principles, methods, and techniques used in the facilitation of managing projects and leading teams. Relevant experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography. In-depth knowledge of security software threats and vulnerability mitigation techniques. Working knowledge of cloud platforms such as Azure/ AWS and relevant security controls. Establishing and maintaining collaborative working relationships with other department staff, management, vendors, and other interest holders. Documenting and explaining risks, recommendations, and incident data to technical interest holders. Interpreting and administering information security policies, standards, and procedures sufficiently to administer, discuss, resolve, and explain them to staff and other constituencies. Leading or supporting an Information Security Management System. Generating metrics and preparing reports to facilitate decision-making on security-related activities. Utilizing personal computer software programs affecting assigned work and in compiling and preparing spreadsheets and reports. Responding to inquiries with effective oral and written communication. Researching, analyzing, and evaluating new security processes, products, and techniques. Excellent time management skills including the ability to prepare, prioritize, and complete work plans. Working effectively under pressure, meeting deadlines, and adjusting to changing priorities. Writing of technical documentation and standards, including skill in English usage, spelling, grammar, and punctuation Required Certifications or Licenses: At least one of the following (in valid status): Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM). Certified Information Security Auditor (CISA). Other industry relevant certifications in the fields of information security, project management, auditing and/ or risk management, such as the Certification in Risk and Information Systems Control (CRISC) Preferred Skills and Qualifications: Knowledge of Governance, Risk, and Compliance (GRC) tools. Principles of leadership, supervision, training, and performance evaluation. Extensive knowledge of risk-based methodologies, and one or more of the following frameworks: ISO 27001/2:2017, 27005:2011, and 31000; PCI-DSS; or NIST 800-53. Duration:11/07/2025 to 2/28/2026 Location: Downtown Seattle (Hybrid) M-F: 8 AM to 5 PM Hybrid: 3 days work onsite Pay: $75 per hour

Manager Information Security- Renton, Washington Schedule- Full Time/ Days Oversees day-to-day operations and staff of the Security team. Prioritizes workloads of the group and acts in a supervisory role. Responsible for security policy and procedure development, enterprise security awareness and working to ensure compliance with internal and external regulatory standards such as HIPAA and DIACAP related to information security. Providence caregivers are not simply valued - they're invaluable. Join our team at USFHP and thrive in our culture of patient-focused, whole-person care built on understanding, commitment, and mutual respect. Your voice matters here, because we know that to inspire and retain the best people, we must empower them. Benefits and perks: + Competitive pay (including holiday pay & shift pay differentials) + Best-in-class benefits - full medical, dental and vision coverage from your first day + 401(k) plan with employer matching & complementary retirement planner + Generous paid time off for vacation, sick days and holidays + Tuition reimbursement & student loan forgiveness programs + Wellness & mental health assistance programs + Back-up child & elder care to help with care disruptions for your family + Voluntary benefits, like pet, auto and home insurance, and more! Required Qualifications: + Bachelor's Degree in Information technology Or Equivalent IT technical and managerial experience. + 3 years of Managing technical and/or security staff. + Demonstrated experience developing customer service work processes in the area of technology. Preferred Qualifications: + Upon hire: CISSP, CISA, CHP, CHSS, GIAC, MCSE, MCSA certifications + Experience in a healthcare IT setting. Why Join Providence? Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally and achieving financial security. We take care of you, so you can focus on delivering our mission to advocate, educate and provide extraordinary care. Accepting a new position at another facility that is part of the Providence family of organizations may change your current benefits. Changes in benefits, including paid time-off, happen for various reasons. These reasons can include changes of Legal Employer, FTE, Union, location, time-off plan policies, availability of health and welfare benefit plan offerings, and other various reasons. About Providence At Providence, our strength lies in Our Promise of "Know me, care for me, ease my way." Working at our family of organizations means that regardless of your role, we'll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable. Posted are the minimum and the maximum wage rates on the wage range for this position. The successful candidate's placement on the wage range for this position will be determined based upon relevant job experience and other applicable factors. These amounts are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities. Providence offers a comprehensive benefits package including a retirement 401(k) Savings Plan with employer matching, health care benefits (medical, dental, vision), life insurance, disability insurance, time off benefits (paid parental leave, vacations, holidays, health issues), voluntary benefits, well-being resources and much more. Learn more at providence.jobs/benefits. Applicants in the Unincorporated County of Los Angeles: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Unincorporated Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. About the Team Pacific Medical Centers (PacMed) is a private, not-for-profit, primary and integrated multi-specialty health care network with outpatient clinics and primary and specialty care providers in King, Snohomish and Pierce counties. We combine decades of patient-centered care with cutting-edge technology, first-class facilities and board-certified providers. Our strong team environment and respect for our people-at all levels and from all backgrounds-allow us to provide authentic care that achieves the highest-quality patient outcomes, backed by the strong network of resources and support through our affiliation with the Providence family, including local partners like Swedish Health Services. Providence is proud to be an Equal Opportunity Employer. We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law. We believe diversity makes us stronger, so we are dedicated to shaping an inclusive workforce, learning from each other, and creating equal opportunities for advancement. For any concerns with this posting relating to the posting requirements in RCW 49.58.110(1), please click here where you can access an email link to submit your concern. Requsition ID: 408336 Company: Pacific Medical Jobs Job Category: Information Security Job Function: Information Technology Job Schedule: Full time Job Shift: Day Career Track: Leadership Department: 3060 WA USFHP Address: WA Renton 620 Naches Ave SW Work Location: Blackriver Corporate Park-Renton Workplace Type: On-site Pay Range: $74.17 - $117.10 The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Bellevue Telecommunications Services Exp 10-15 years Deg Bachelors Relo Bonus Job Description The Information Security Manager, working with in Corporate Information Security Team will be responsible for liaising with assigned business units on behalf of Corporate Information Security (CIS). These responsibilities will include understanding business-driven projects that involve network and information security, applications, networking and web based technologies. They will be responsible for understanding the Business Unit's processes and priorities and working with them to manage business impact and threats, through a risk based methodology. Ensures through positive engagement that business goals are met in a secure and compliant manner, according to industry standard regulations Qualifications Ideal Candidate will have: Candidate must have strong technical, influential and organizational skills. Prefer six years' experience in information security related discipline, in addition to several years' relevant systems and/or network administration experience. Expert relationship building and partnering skills, including persuasion, negotiation and consensus building. Experience translating emerging IT and business trends into meaningful risk reduction opportunities. Demonstrated ability to work effectively in a complex matrixed environment. Outstanding verbal and written communication skills. Ability to interpret business strategy and align to appropriate security enhancements to achieve business enablement. Ability to translate security requirements into business risks and impacts. Experience with high level design Architecture, Firewall, Internet, LAN Router, Network, Protocols, Web Services and SOA. Strong understanding of encryption, obfuscation and/or tokenization technologies or compensating controls. Appropriate industry certifications, such as CISSP, CISA or CCIE. Preferred skill: Bachelor degree in Computer Science, Information Security, Information Management, or other related discipline. Telecommunications industry expertise, Six Sigma Training, Audit, Compliance & Network experience preferred. Skills and Qualifications: A broad, enterprise-wide view of the wireless (or similar) business and understanding of strategy, processes and capabilities, enabling technologies, and governance. Experience in telecommunications, internet service provider, or application service providers a plus. The ability to apply Information Security principles to business solutions. Extensive experience planning and deploying both business and technology security initiatives. Exceptional communication skills and the ability to convey results in a summarily and persuasive manner to business owners. This includes written and verbal communications as well as visualizations. The ability to act as liaison conveying information needs of the business to technology teams and technology constraints to the business. Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus. Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI. Good understanding & experience applying CoBIT, ISO, ITIL, NIST frameworks. Understanding of Local (Wired & Wireless), Wide area, and mobile networks. A good understanding of Network Security, Firewalls, Intrusion Detection and Prevention, AVS, VLANS. Strong background and experience in IP Networking and Routing Protocols. Fluency in the use of all MS Office applications, including SharePoint services. Qualifications · Preferred: Any of the following CISSP, CISA, CISM, C-RISC, CCNA, CCIE, Six Sigma Yellow/Green/Black Belt Education Minimum Required High School Diploma/GED Education/Vocational Training/Experience Preferred Bachelor's degree in Computer Science, Information Technology or related field from an accredited 4-year college or university 10 years of system, network, and application design and architecture experience. Preferably in the wireless communications space CISSP and or CISM Certification (required; experience may be substituted for Cert requirements (4 years minimum) CISA Certification (preferred but not required; experience may be substituted for Cert requirements (4 years minimum) Responsibilities What you will do: Make proactive assessments of threat information in and outside the public domain, understanding the threat as it relates to its customers, and implementing measures to combat the threat. Understand the operations of the business and comprehend how these create value and risk for the organization. Collaborate with team members, peers and the business unit management team to determine technical information security requirements, planned remediation, and advocate for the program to gain resources to implement appropriate protection technologies and processes. Implement and monitor controls necessary to ensure operational processes are performed and are effective to protect the environment from all forms of malicious cyber activity. Assist the Governance group in the development and refinement of technical security standards, key performance indicators and other necessary processes to maintain effective operational security, as it relates to the business. Make risk-based decisions on a daily basis that has the potential to impact our ability to operate and communicate. Ensure the information and network security controls for us are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups. Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program. Interact with internal audit, third party auditors, and appropriate regulatory bodies. Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance. Liaise with and assist outsourced security service providers with vulnerability assessments of business applications, systems and architectures. Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

Anthropic's mission is to create reliable, interpretable, and steerable AI systems. We want AI to be safe and beneficial for our users and for society as a whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We're looking for an Operating Systems Security Engineer to harden and secure the OS layer of our infrastructure. You'll be responsible for designing and implementing OS-level security controls, from kernel hardening to runtime protection, ensuring our systems can withstand sophisticated attacks while maintaining the performance required for AI model training. This is a hands-on role where you'll work with cutting-edge hardware and implement novel security solutions for environments that don't exist anywhere else in the world. You'll need to balance extreme security requirements with the operational needs of researchers training models at unprecedented scale. What You'll Do: Design and implement hardened OS configurations for AI workloads across diverse hardware platforms Minimize attack surfaces by removing as many unnecessary components as possible from kernelspace and userspace Develop kernel security policies using SELinux, AppArmor, and custom Linux Security Modules and runtime enforcement mechanisms Implement and maintain full-disk encryption solutions for diverse storage systems Build security infrastructure for AI systems, research environments, and production services Create OS-level attestation and integrity monitoring systems Apply security patches, develop patches for custom kernel modules, and kernel hardening configurations Design secure boot processes and trusted execution environments Work with container teams to ensure proper workload isolation at the kernel level Design privilege separation and mandatory access control policies Implement secure update mechanisms for OS components Build tooling for security configuration management and compliance verification Serve as a subject matter expert for OS security questions and designs Who You Are: 5+ years of experience in operating systems security or kernel development Deep knowledge of Linux internals, including kernel subsystems and security frameworks (SELinux, AppArmor, seccomp, etc.) Experience with kernel hardening techniques and exploit mitigation Strong programming skills in C and systems programming languages Experience with eBPF for security monitoring and enforcement Understanding of virtualization and containerization security Track record of identifying and fixing OS-level security vulnerabilities Experience with security-focused Linux distributions Strong candidates may also have: Kernel development experience or contributions to Linux kernel Experience with real-time or embedded operating systems Knowledge of hardware security features and their OS integration Experience with secure boot technologies Experience with confidential computing and memory encryption technologies (SEV, TDX, SGX) Background in vulnerability research, exploit development, or fuzzing Experience with formal methods for OS verification Knowledge of hardware security features and their OS integration (TPM, HSM, secure enclaves) Deadline to apply: None. Applications will be reviewed on a rolling basis. The annual compensation range for this role is listed below. For sales roles, the range provided is the role's On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role. Annual Salary:$300,000-$405,000 USDLogistics Education requirements: We require at least a Bachelor's degree in a related field or equivalent experience. Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices. Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this. We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team. Your safety matters to us. To protect yourself from potential scams, remember that Anthropic recruiters only contact you ******************* email addresses. Be cautious of emails from other domains. Legitimate Anthropic recruiters will never ask for money, fees, or banking information before your first day. If you're ever unsure about a communication, don't click any links-visit anthropic.com/careers directly for confirmed position openings. How we're different We believe that the highest-impact AI research will be big science. At Anthropic we work as a single cohesive team on just a few large-scale research efforts. And we value impact - advancing our long-term goals of steerable, trustworthy AI - rather than work on smaller and more specific puzzles. We view AI research as an empirical science, which has as much in common with physics and biology as with traditional efforts in computer science. We're an extremely collaborative group, and we host frequent research discussions to ensure that we are pursuing the highest-impact work at any given time. As such, we greatly value communication skills. The easiest way to understand our research directions is to read our recent research. This research continues many of the directions our team worked on prior to Anthropic, including: GPT-3, Circuit-Based Interpretability, Multimodal Neurons, Scaling Laws, AI & Compute, Concrete Problems in AI Safety, and Learning from Human Preferences. Come work with us! Anthropic is a public benefit corporation headquartered in San Francisco. We offer competitive compensation and benefits, optional equity donation matching, generous vacation and parental leave, flexible working hours, and a lovely office space in which to collaborate with colleagues. Guidance on Candidates' AI Usage: Learn about our policy for using AI in our application process

Required Qualifications A Bachelor's degree and three (3) years professional experience OR a combination of education and experience totaling seven (7) years from which comparable knowledge and abilities are acquired. Preferred Qualifications Experience developing operational information security procedures and technical training materials. Demonstrated experience with working within formal project management frameworks. Experience with the Splunk application, to include developing searches, reports, and other automated routines. Experience with security reviews of firewall, file system, and other forms of access control lists. Experience with digital forensics software and processes. Demonstrated ability to appropriately prioritize multiple tasks, projects, or assignments. Expert knowledge of Windows, Linux, and Apple operating systems.

Aditi Staffing is an MBE certified, IT Staffing firm in the US offering contract, contract-to-hire & direct hire career opportunities with Fortune Firms. Recently recognized as one of the fastest growing staffing firms and top diversity firm by the Staffing Industry Analysts, Aditi Staffing has been a partner of choice for candidates and clients. Visit our website: http://www.aditistaffing.com/ Job Description Role: Information Security Analyst Location: Information Security Analyst 6-8 years of experience in information security / technology or related field. Advanced verbal and communication skills with diverse cross functioning groups. Strong background and experience in policy development, program administration. In depth knowledge and experience in incident response activities and compliance. Ability to plan, organize and prioritize tasks to complete independently and within time frame established. While technical knowledge of information technology and security issues is highly desirable, technical expertise and resources will be available from units such as Security Operations to support the information security and privacy program. Strong technical writing abilities. Very good understanding of security controls, control systems, and business drivers that impact security controls. Knowledge of SEC, FFC, Sarbanes-Oxley (SOX) and or Gramm-Leach Bliley Act regulatory policies & guidelines. Strong background in security authentication, security applications development methodologies, security architecture and operational procedures, organization, business continuity skills, disaster recovery skills, identity management skills and hands on experience implementing products / solutions e.g. NetIQ, Entrust, Netegrity, Oblix, PKI, and some director service, RSA, strong understanding of the development and maintenance of RBAC s (Role Based Access Controls). Ability to work collaboratively with a broad range of constituencies essential. A demonstrated ability to work with diverse cross functional groups of people is required. Good to Have: Knowledge of the following technologies a plus: Intrusion Detection / Prevention Systems for networks and hosts Security Event Management Systems Vulnerability Assessment Systems Secure transfer protocols such as SSH, SCP and Connect Direct Secure Plus Diagnostic tools such as packet capture/decode and WAN probes IP Networking Windows Systems administration and security tools Experience with remote access, terminal servers, etc a plus Experience in the administration of UNIX Solaris, HP/UX, or Linux and Windows operating systems a plus Experience in developing and administering an information security program desirable Working knowledge of and experience in the policy and regulatory environment of information security, especially in higher education is desirable Additional Information Regards, Arun Kumar R arunkr(AT)aditistaffing.com D: 425-457-7916