Information security analyst jobs in Yuma, AZ

GovCIO is currently hiring for an Information System Security Engineer (ISSE) to support the 2ROPS accreditation process for small classified mobile systems to renew the current Authority to Operate (ATO) and provide ongoing cybersecurity sustainment support. This position will be located at Vandenberg Space Force Base, California and will be an onsite position with some flexibility for remote work with 2ROPS leadership approval. Responsibilities: Designs and implements information assurance and security engineering systems with requirements of business continuity, operations security, cryptography, forensics, regulatory compliance, internal counterespionage (insider threat detection and mitigation), physical security analysis (including facilities analysis, and security management). Assesses and mitigates system security threats and risks throughout the program life cycle. Validates system security requirements definition and analysis. Establishes system security designs. Implements security designs in hardware, software, data, and procedures. Verifies security requirements; performs system certification and accreditation planning and testing and liaison activities. Supports secure systems operations and maintenance. Participates with the client in the strategic design process to translate security and business requirements into technical designs. Configures and validates secure systems and tests security products and systems to detect security weakness; performs network scanning and vulnerability analysis. Ensures that the appropriate security features and safeguards have been implemented on all information systems as required by DoD/IC policy and directives, and industry best practices. Performs defense device system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of all implemented, maintained, and deployed systems. Provides security certification test and evaluation of assets, vulnerability management and response, security assessments, customer support and provides guidance on security issues. Qualifications: High School with 9+ years (or commensurate experience) Clearance Required: Secret Required Skills and Experience 5 years of experience as security engineer for hardware and software Linux (Red Hat/CentOS) system administration experience Experience configuring Assured Compliance Assessment Solution (ACAS) and performing scans Security+ Certification (or equivalent) required #D#DSGP L #CJ Company Overview: GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? What You Can Expect Interview & Hiring Process If you are selected to move forward through the process, here's what you can expect: During the Interview Process Virtual video interview conducted via video with the hiring manager and/or team Camera must be on A valid photo ID must be presented during each interview During the Hiring Process Enhanced Biometrics ID verification screening Background check, to include: Criminal history (past 7 years) Verification of your highest level of education Verification of your employment history (past 7 years), based on information provided in your application Employee Perks At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including: Employee Assistance Program (EAP) Corporate Discounts Learning & Development platform, to include certification preparation content Training, Education and Certification Assistance* Referral Bonus Program Internal Mobility Program Pet Insurance Flexible Work Environment *Available to full-time employees Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets. Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors. Posted Salary Range: USD $120,000.00 - USD $140,000.00 /Yr.

Innovate here. And see your ideas come to life. It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship. Job Overview Position Schedule: Full-Time This job posting is anticipated to remain open for 30 days, from 01-Dec-2025. The posting may close early due to the volume of applicants. Team Overview: As an IAM Analyst you will work independently to identify and define IAM solution requirements for both existing capabilities and the expansion of new features. You will ensure that all platforms within your span of responsibility meet your customer's requirements; designed, built, documented, and maintained in adherence with the Firm's standards and architectural patterns; and are managed to the highest level for performance, stability, and security. Serving as a Security practicioner, you will bring deep industry knowledge and experience to understand the threat landscape and use that knowledge to shape the platforms that the Firm depends on for critical identity lifecycle functions. In this role you will regularly engage in leading-edge technology initiatives, including research, vetting, and adoption of emerging technologies, tools and methodologies in alignment with the overall security strategy. What You'll Do: Identify and implement opportunities to improve solutions that combat advanced and relevant threats while considering integration into the environment, stability, availability, disaster recovery, and cost-effectiveness. Serve as a subject matter expert for the identity management platform (Saviynt) and be a key contributor to stabilization and expansion efforts. Lead conversations centered on solving for complex business requirements in solution designs, and ensuring compliance with internal standards, policies, and regulatory requirements. Identify potential gaps in existing IAM processes or systems and recommending solutions to improve security and efficiency. Manage SOX compliance, auditing, and access review processes. Collaborate with internal teams and stakeholders to understand requirements and develop solutions. Effectively document solutions and configurations for future reference. Produce, maintain, and facilitate distribution of training resources to effectively empower key stakeholders with the information needed to meet Firm objectives and/or drive adoption of new processes. Establish and maintain effective communications and relationships across key departments, business areas, and vendors, including supporting engagements with key vendors to ensure the correct level of support to the Firm and drive solution roadmaps to meet Firm expectations. Creating and maintaining documentation for IAM processes, procedures, solution designs, requirements, etc. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page. Hiring Minimum: $99200 Hiring Maximum: $168900 Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf. Read More About Job Overview Skills/Requirements What Experience You'll Need: Minimum 4-5 years experience In-depth understanding of Saviynt product functionality, including provisioning, access certification, SOD, analytics, RBAC, workflow, email notifications, etc. Experience designing JML flows for Saviynt automation. Experience integrating applications with Saviynt using various connectors. Solid understanding of workflows in ARS and the ability to leverage Saviynt analytics tools. Experience managing SOX compliance, auditing, and access review processes within Saviynt. Experience with configuration management of Rules Technical Users, UI Global Configurations, Backend configurations, and GSP files. Excellent written and verbal communication skills. Experience with APIs and integrations Strong analytical and problem-solving skills Excellent communication and collaboration skills Experience using ticketing systems (e.g., Jira) **Candidates that live within in a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday.** Current INTERNAL home-based associates: While this role is posted as hybrid, if selected and accepted, you may retain your home-based status. Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work. Read More About Skills/Requirements Awards & Accolades At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones Read More About Awards & Accolades About Us Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report. ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. #LI-HO

Why USAA? At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families. Embrace a fulfilling career at USAA, where our core values - honesty, integrity, loyalty and service - define how we treat each other and our members. Be part of what truly makes us special and impactful. The Opportunity We are seeking a dedicated Bank Information Security Governance Senior. We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in our Phoenix, AZ; San Antonio, TX; Plano, TX; Colorado Springs, CO; Chesapeake, VA; Charlotte, NC or Tampa, FL offices. Relocation assistance is not available for this position. What you'll do: Supports the first line of defense in ensuring the effectiveness of Information Security (IS) governance, IS risk management, and compliance programs within the Bank Technology Office. Collaborates with Information Technology (IT) and IS teams, business stakeholders, Compliance, Risk Management, Audit Services, and external parties to support IS governance and IS risk and compliance-based initiatives. Acts as a key liaison between the Association's IS function and various Bank business units, ensuring alignment with enterprise security policies and standards. Continuously monitors IS environments to identify emerging risks related to cybersecurity, infrastructure, applications, and third-party services. Provides consultative services across Bank. Provides expert insights on the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the Bank organization's specific needs and strategic objectives. Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures. Conducts forward-looking risk assessments for new technology initiatives, system changes, and digital transformation projects. Analyzes incident trends and control gaps to anticipate potential risk scenarios and recommend preventive measures. Partners with and leads IT/IS teams to embed IS risk considerations early in the project lifecycle and ensure timely mitigation strategies. Leads the development, implementation, and continuous improvement of IT governance frameworks (e.g., COBIT, ITIL) tailored to the organization's specific needs and strategic objectives. Defines, maintains, and enforces IS policies, standards, and procedures to ensure compliance with relevant laws, regulations, and industry best practices. Ensures IS risk compliance with legal, regulatory, and contractual requirements, coordinating audits and assessments. Provides governance oversight for IS related initiatives, ensuring they adhere to established standards, policies, and risk management practices. Mentors junior members of the IS governance team, providing guidance and support in their professional development. Enhances, and maintains awareness of the risk governance framework and its elements (RCSA). Performs root cause analysis to determine likelihood, impact, and mitigation approaches of identified risks. Prepares metrics reporting and participates in the metrics refresh process. Maintains awareness of cloud computing principles and AI and understands potential IS risks inherent within this discipline. Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures. What you have: Bachelor's degree in Information Technology, Computer Science, Business Administration, or a related field; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree. 6 years experience supporting IS governance, IS risk management, compliance, or IT audit activities In-depth knowledge and application of IT governance frameworks such as COBIT, ITIL, ISO 27001, and NIST, CIS Controls and CMMC Experience working on and implementing IT and/or IS policies, standards, and procedures. Experience leading and coordinating IS audits and assessments and ensuring compliance with regulatory requirements. A strong understanding of regulatory and compliance requirements applicable to the organization. Ability to interpret complex IT/IS environments and detect early warning signals. Experience in identifying potential failure points and simulating risk scenarios. Proficiency in using data to identify trends, anomalies, and emerging risks. Understanding of cloud, cybersecurity, and digital transformation risks. Ability to articulate risk insights and influence stakeholders to take preventive actions. Familiarity with GRC platforms, vulnerability management tools, and risk dashboards. What sets you apart: Information Technology or Security certifications (e.g., CISA, CRISC, CISM, CISSP, CGEIT, CIA, NIST, COBIT, etc.). Familiarity with financial institutions regulations (GLBA, FFIEC Handbooks, PCI DSS) Work experience in highly regulated work environments including other large financial institutions Experience with data-driven analysis using AI tools and collaborating to drive process innovation Highly self-motivated individual capable of working independently and proactively handling their workload with minimal direct supervision. Strong analytical skills and demonstrated experience collaborating effectively with leadership at all levels within an organization. Compensation range: The salary range for this position is: $114,080-$218,030. USAA does not provide visa sponsorship for this role. Please do not apply for this role if at any time (now or in the future) you will need immigration support (i.e., H-1B, TN, STEM OPT Training Plans, etc.). Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors. The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. For more details on our outstanding benefits, visit our benefits page on USAAjobs.com. Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting. USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

At PriMed, your uniqueness is valued, celebrated, encouraged, supported, and embraced. Whatever your relationship with Hill Physicians, we welcome ALL that you are. We value and respect your race, ethnicity, gender identity, sexual orientation, age, religion, disabilities, experiences, perspectives, and other attributes. Our celebration of diversity and foundation of inclusion allows us to leverage our differences and capitalize on our similarities to better serve our communities. We do it because it's right! Job Description We are seeking a skilled Governance, Risk, and Compliance (GRC) Engineer to strengthen our security posture and ensure adherence to healthcare regulations. The GRC Engineer will play a vital role in designing, implementing, and maintaining risk management processes, compliance frameworks, and policies that align with healthcare regulations such as HIPAA and HITECH. The ideal candidate will have experience with tools like SAI360, CyberArk, and other compliance and security platforms. Job Responsibilities: Develop, implement, and maintain GRC policies, processes, and controls in alignment with industry best practices and regulatory requirements (e.g., HIPAA, HITECH, NIST, ISO 27001). Perform risk assessments and develop mitigation strategies for identified security risks. Administer and optimize SAI360 for governance, risk management, and compliance activities, including reporting and policy management. Collaborate with cross-functional teams to ensure new projects and systems are designed with security and compliance in mind. Monitor and report on compliance status, identifying gaps and proposing remediation strategies. Oversee third-party vendor risk assessments and ensure adherence to security requirements. Support internal and external audits by providing documentation, evidence, and responses to audit findings. Conduct security awareness training programs and promote a culture of compliance within the organization. Required Experience/Skills/Knowledge: 5+ years of experience in Governance, Risk, and Compliance roles or a related field. Strong knowledge of healthcare regulations, including HIPAA, HITECH, and other relevant standards. Proficiency in GRC tools such as SAI360 for compliance and risk management. Experience with privileged access management tools like CyberArk. Solid understanding of risk assessment methodologies and security frameworks, including NIST CSF, ISO 27001, or COBIT. Excellent communication and collaboration skills to engage with technical and non-technical stakeholders. Strong analytical and organizational skills with attention to detail. This role is critical in maintaining our organization's compliance with healthcare security standards and reducing risk exposure. Required Education: Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. Equivalent work experience may be considered in lieu of a degree.

Create the product vision, customer persona identification, product framework for IT's compliance practices including the scopes of SOX and GxP Our client is a public biopharmaceutical company that is regulated by different governmental agencies. It is important that IT operates in a manner that is consistent, accurate, and high quality so that they stay in compliance with GxP and SOX procedures, protocols and audits. This role collaborates with IT members, QA leadership, Finance/SOX leadership, to align plans and activities to achieve successful results for GxP and SOX. ESSENTIAL DUTIES/RESPONSIBILITIES: Manage our IT systems' SOX related Governance, Risk and Compliance (SAP-GRC) component, framework and operations to maintain high quality and transparent results. Collaborate and work closely with Finance teams to set expectation and align activities. Oversee the cyclical SOX evidence sample selection, collection, data analysis, corrective actions and actively participate with the internal and external audit processes Drive the SOX Segregation of Duty analysis and related actions Ensure that IT Product Owners and product teams operate their SOX procedures with exceptions Coordinate and collaborate with business partners (e.g. Finance SOX Operations, Corporate Quality Assurance) to set priorities and directions to achieve reliable and optimal results for accurate and quality operations with successful compliance results. Represent IT's philosophy and operational requirements to our business partners Experience: Minimum of 5 years of experience with SOX compliance. Minimum of 3 years of experience managing SAP-GRC, ITGC, and SOX Experience leading IT GxP compliance practices Experience with operating and testing SOX controls a plus (in accordance with Governance Risk Compliance framework). Knowledge, Skills and Abilities: General knowledge of the Sarbanes-Oxley Act and the application to IT General knowledge of SOX IT controls and the operations and execution of SOX IT Controls Advance skills and abilities managing consultants and Managed Service Providers Comprehensive experience with IT development lifecycle and support methodologies Comprehensive experience with project management The salary range provided for this contract role represents our good faith estimate for this position. Within the range, individual offers will vary based on the selected candidate's experience, industry knowledge, technical and communication skills, location and other factors that may prove relevant during the interview process (W2 or C2C). In addition to compensation, the company provides eligible W2 employees with a comprehensive and highly competitive benefits package. I.T. Solutions, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

WHO WE ARE: Headquartered in Southern California, Skechers-the Comfort Technology Company -has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand. ABOUT THE ROLE: Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams. The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design. WHAT YOU'LL DO: Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process. Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives Provide analysis and support as needed during security incidents to contribute to faster resolution times WHAT YOU'LL BRING: Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices Experience with at least one programming language (Java, Python, JavaScript, C#, or similar) Knowledge of API security, authentication mechanisms, and authorization frameworks Familiarity with DevSecOps practices and CI/CD pipeline integration REQUIREMENTS: 3-5 years of hands-on application security experience with demonstrated expertise in secure code review Retail or e-commerce experience a plus The pay range for this position is $110,000-$155,000/yr USD.

We are seeking a Senior Cloud Security Engineer to join our client for a full-time, direct hire role that will be hybrid in Scottsdale, AZ. This role will design, deploy, and manage security technologies and modern automation tools for the enforcement of security controls across private and public cloud service platforms. Location: Hybrid in Scottsdale, AZ (4 days onsite) Compensation: This job is expected to pay about $130,000-150,000 plus benefits Relocation Assistance Available What You'll Do: Design, implement, and maintain custom and native security services across large-scale hybrid multi-cloud environments. Automate and orchestrate secure cloud migrations and operations using configuration management tools and workflows. Partner with architecture, engineering, and operations teams to deploy security controls aligned with business strategies and industry standards (NIST, CIS, ISO 27001/31000, CSA). Manage PKI services, certificate lifecycle, cryptographic solutions, SSH key management, CSPM, and CWPP platforms. Integrate DevSecOps practices into CI/CD pipelines, including vulnerability scanning (SAST, DAST, SCA), IaC scanning, and secure coding guidance. Maintain CSPM vulnerability dashboards for multi-cloud environments; generate compliance and leadership reports. Configure and optimize WAF, DDoS, and bot protection policies. Collaborate with SOC to develop Splunk event management, integrate cloud/SaaS logs, and enhance security alerting. Contribute to enterprise security standards, documentation, and architecture diagrams. Provide Tier III/IV support, knowledge transfer, and escalation for security and network operations. What Gets You the Job: 5+ years in cloud security and/or IT security engineering. Expertise in AWS, Azure, Salesforce, and Google Cloud; strong SaaS and application workload security knowledge. Background in Windows Server, Linux (RHEL), Apache, SAP Hybris, MySQL, Tomcat, and native cloud services. Strong understanding of network/web protocols (TCP/IP, UDP, IPSEC, HTTP/S, routing). Proficient in automation/scripting with Java, JSON, Python, Bash, or similar. 4+ years with LDAP/AD, cloud identity federation, OIDC/OAuth2, and SAML2 SSO. Skilled in PKI, certificate lifecycle, cryptographic solutions, and SSH key management. Knowledge of DevOps, Jenkins CI/CD, BitBucket, and secure coding practices for common vulnerabilities. Please send your resume to Hannah Xu, Senior Technical Recruiter for immediate consideration. Irvine Technology Corporation (ITC) is a leading provider of technology and staffing solutions for IT, Security, Engineering, and Interactive Design disciplines servicing startups to enterprise clients, nationally. We pride ourselves in the ability to introduce you to our intimate network of business and technology leaders - bringing you opportunity coupled with personal growth, and professional development! Join us. Let us catapult your career! Irvine Technology Corporation provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Irvine Technology Corporation complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

We are seeking an experienced Product Security Architect to join our Security Center of Excellence team and lead security initiatives across our cloud-based SaaS product portfolio. This role requires a unique blend of deep technical expertise, architectural vision, and collaborative leadership to ensure our products are built with security at their core. The ideal candidate will work at the intersection of security, development, and product design to create robust, secure solutions that protect our customers and their data. Key Responsibilities Security Architecture & Design Design and implement comprehensive security architectures for cloud-based SaaS products, ensuring security is embedded throughout the product lifecycle Conduct thorough threat modeling exercises for new and existing product features, identifying potential vulnerabilities and attack vectors Define security requirements, patterns, and best practices for product development teams Review and approve architectural designs from a security perspective, providing actionable guidance and recommendations Product Security Assessment Perform in-depth security assessments of products at the code, configuration, and architectural levels Identify security vulnerabilities, weaknesses, and gaps in existing and proposed product implementations Conduct code reviews with a focus on security, analyzing Java, Python, and React codebases for security flaws Evaluate third-party integrations, APIs, and dependencies for security risks Collaboration & Enablement Partner closely with development teams to integrate security controls and best practices into the software development lifecycle Work with QE teams to develop security test strategies, including penetration testing, vulnerability scanning, and security automation Provide security guidance and mentorship to engineering teams, fostering a security-first culture Translate complex security concepts into clear, actionable recommendations for technical and non-technicaål stakeholders Cloud & Infrastructure Security Design and implement security controls for cloud infrastructure and services (AWS, Azure, GCP) Architect and implement IAM strategies including role-based access control (RBAC), attribute-based access control (ABAC), least privilege principles, and identity federation Design secure network architectures including VPCs, security groups, network ACLs, microsegmentation, and zero-trust network access Establish cloud configuration security standards and guardrails to prevent misconfigurations and ensure secure-by-default deployments Ensure proper implementation of cloud security best practices including data encryption (at rest and in transit), secrets management, and compliance Monitor and respond to emerging cloud security threats and vulnerabilities Security Standards & Compliance Establish and maintain security standards, policies, and procedures aligned with industry frameworks Support compliance efforts including SOC 2, ISO 27001, GDPR, and other relevant standards Stay current with evolving security threats, vulnerabilities, and industry best practices Required Qualifications Experience 8+ years of experience in information security, with at least 5 years specifically in product security architecture Proven track record as a Product Security Architect in a SaaS or cloud-based company Extensive experience with threat modeling methodologies (STRIDE, PASTA, or similar) Hands-on experience identifying and remediating security vulnerabilities in production environments Strong background working collaboratively with development and QE teams in agile environments Technical Expertise Deep understanding of secure coding practices and common vulnerability patterns (OWASP Top 10, CWE/SANS Top 25) Proficiency in code-level security analysis across multiple languages, particularly Java, Python, and React/JavaScript Strong knowledge of cloud security architectures and services (AWS, Azure, or GCP) Expert-level knowledge of IAM principles and implementation including multi-factor authentication, single sign-on, privileged access management, service accounts, and identity lifecycle management Deep understanding of network security including firewalls, IDS/IPS, VPN, TLS/SSL, DDoS protection, API gateways, and secure network segmentation Extensive experience with cloud configuration security including infrastructure-as-code security, cloud security posture management, configuration drift detection, and automated compliance checking Experience with authentication and authorization frameworks (OAuth 2.0, OpenID Connect, SAML, JWT, RBAC, ABAC) Understanding of containerization and orchestration security (Docker, Kubernetes) Knowledge of API security, microservices architecture, and distributed systems security Familiarity with DevSecOps practices and security automation tools (SAST, DAST, SCA) Certifications CISSP (Certified Information Systems Security Professional) required Additional relevant certifications valued: Cloud security: CCSP, AWS Certified Security Specialty, Azure Security Engineer, Google Cloud Professional Security Engineer Security architecture: CSSLP, SABSA Penetration testing: CEH, OSCP, GPEN Network security: CCNP Security, GIAC certifications Preferred Qualifications Experience with Infrastructure as Code (Terraform, CloudFormation) and security policy as code Knowledge of zero-trust architecture principles and implementation Experience with security incident response and vulnerability management programs Background in software development or engineering Experience with regulatory compliance frameworks and security audits Published security research, conference presentations, or contributions to open-source security projects Master's degree in Computer Science, Cybersecurity, or related field Technical Skills Programming & Scripting: Java (enterprise application security) Python (security automation, scripting) JavaScript/React (frontend security) Additional languages a plus (Go, Rust, C/C++) Security Tools & Platforms: SAST/DAST tools (Checkmarx, Fortify, Veracode, etc.) Vulnerability scanners and penetration testing tools Security information and event management (SIEM) platforms Cloud security posture management (CSPM) tools Cloud Platforms & Configuration: AWS, Azure, or Google Cloud Platform IAM services (AWS IAM, Azure AD, GCP IAM, identity federation) Network security services (VPC, Security Groups, Network ACLs, WAF, Cloud Firewall) Cloud configuration management and security scanning tools Cloud-native security services and controls (GuardDuty, Security Hub, Azure Defender, Security Command Center) Secrets management (AWS Secrets Manager, Azure Key Vault, HashiCorp Vault) Serverless architecture security Development & DevOps: CI/CD pipelines and security integration Version control systems (Git) Containerization and orchestration Agile/Scrum methodologies Personal Attributes Strong analytical and problem-solving skills with attention to detail Excellent communication skills with the ability to influence and educate diverse audiences Self-motivated with the ability to work independently and as part of a team Passionate about security and staying ahead of emerging threats Pragmatic approach to balancing security with business needs and user experience What We Offer Opportunity to shape security architecture for cutting-edge Cybersecurity SaaS products Collaborative environment with highly talented engineering teams Professional development and growth opportunities Competitive compensation and benefits package We are an equal opportunity employer and value diversity in our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

At Balance Staffing, we're obsessed with your success! The Workstation Security Engineer I is an individual contributor who will participate in and manage all aspects of information and network security, including intrusion detection, incident response, vulnerability assessment, application security, and compliance with the corporate information security policy for all Client Device endpoints. This person Will primarily be responsible for designing, implementing, administrating, operating, and improving security technologies, including but not limited to Client device endpoints, Azure Microsoft Defender, Al Security tools, Network Access Control, End Point Protection, Two Factor Authentication, and their procedures and processes. ESSENTIAL FUNCTIONS Workstations Security Engineering - Design, build, test and deploy new security technologies, which include the development of the operational manual and run books Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement Investigates, recommends, evaluates, deploys and integrates operational security tools and techniques to improve our ability to protect corporate assets and infrastructure Participate in technical risk assessments and security exposure analyses of systems, networks and business applications Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost effectiveness Responsible for conducting vulnerability assessments and penetration testing, analyzing vulnerability data and prioritizing remediation efforts, and developing vulnerability policies and procedures with the collaboration of GRC. Oversees the installation, configuration, and supportive processes of security technologies Participate in or lead the Incident Response activities Interacts With internal and external clients on security operations requirements, identifies security process and develops strategies/solutions to security issues Keeps fully abreast of trends and changing technologies as they relate to IT and Network Engineering and Information Security fields Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders Security Operations / Administration - Monitor and manage our networks and infrastructure environment for attacks, malicious software, and possible intrusions, which includes the follow-up of complete remediation of infected systems Implement changes to our security technologies/infrastructure in accordance with standard and change control policies/procedures Evaluate, implement, tune, and operate security solutions such as IPS, Vulnerability scanning tools, encryption capabilities, etc Monitor and recommend improvements of security technologies and their various reports Risk Management / Security Audit/Assessment Support / Ad-hoc support - Support security audit/assessment related activities and compliance reviews Performs other tasks, duties and projects as assigned Provide Ad-hoc support as required REQUIREMENTS Bachelor's Degree in Computer Science, Information Systems or related field, or equivalent experience Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering / Planning / Operations Experience in medium to complex computing environments, with advanced knowledge in security technologies and services Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention / Detection Virtual private Networks; SSL, IPSec and Site-to-Site Enterprise Class Stateful Inspection Firewalls Network Access Controls in context to Identity management Windows server OS & Desktop OS Network Packet Inspection Directory Services including LDAP, AD and Secure Authentication Technologies Experience in implementing Information Security technologies and/or processes required. Experience in defining Information Security strategies and frameworks Experience integrating security technologies into corporate operations frameworks. Ability to communicate effectively with client staff at all levels, from technical to executive Multi-task oriented in a team environment Demonstrated ability to pay close attention to detail Knowledge of Information security risk assessment methodologies and standards Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers Ability to work independently, undertaking and completing project tasks on schedule with minimal supervision Balance Staffing is proud to be an equal-opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, Veteran status, or any other characteristic protected by federal or state law.

PENNYMAC Pennymac (NYSE: PFSI) is a specialty financial services firm with a comprehensive mortgage platform and integrated business focused on the production and servicing of U. S. mortgage loans and the management of investments related to the U. S. mortgage market. At Pennymac, our people are the foundation of our success and at the heart of our dynamic work culture. Together, we work towards a unified goal of helping millions of Americans achieve aspirations of homeownership through the complete mortgage journey. A Typical Day We are seeking a highly motivated and experienced Technology Risk Analyst to join our IT Risk and Compliance team. In this critical role, you will be responsible for overseeing technology risk within our Cybersecurity domain area. As a key member of the 1st Line of Defense, you will play a pivotal role in developing and maintaining robust policies and procedures, ensuring the effectiveness of our control environment through quality assurance, and supporting our compliance initiatives spanning internal and regulatory audits and SOC2 examinations. This position requires a strong understanding of risk management principles, a keen eye for detail, and the ability to collaborate effectively across various teams. The Technology Risk Analyst will: Design and execute comprehensive QA controls testing against established policies and procedures, across the technology environment to validate the effectiveness of security controls and identify control deficiencies. Act as a proactive member of the 1st Line of Defense, identifying, assessing, and monitoring technology risks associated with cybersecurity processes. Lead and coordinate all regulatory examinations, investor questionnaires, and internal/external audits (including SOX/SOC compliance) for the Cybersecurity domain, acting as the primary liaison and ensuring comprehensive evidence submission Perform technology vendor risk assessments and due diligence reviews to evaluate third-party security posture and adherence to organizational policies and regulatory standards. Support and maintain the Cybersecurity Policy and Procedure framework, ensuring alignment with industry best practices, regulatory requirements (e. g. , SOC 2, ISO 27001, NIST CSF), and organizational risk tolerance. Manage the policy exception process, reviewing, analyzing, and documenting all requests for exceptions to security policies, ensuring appropriate compensating controls and risk acceptance are in place. Develop and oversee Cyber Risk Assessments based on Pennymac's ERM framework. Stay current with emerging technology risks, regulatory changes, and industry trends related to cybersecurity. What You'll Bring Required: Deep understanding of cybersecurity risk management frameworks and standards (e. g. , NIST CSF, ISO 27001, COBIT, CIS Controls). Expertise in designing and performing IT/Cybersecurity controls testing and assurance activities, including control gap analysis and remediation planning. Strong knowledge of relevant regulations and reporting standards (e. g. , NYDFS, GLBA, NIST CSF, CRI Profile, GDPR, CCPA, SOC 2, various financial/sector-specific regulations). Proven ability to manage regulatory/client audit processes, including evidence gathering, response coordination, and interaction with external parties. Excellent analytical and critical thinking skills for evaluating complex technical controls, assessing vendor security, and determining appropriate risk mitigation strategies. Exceptional written and verbal communication skills for drafting clear policies and procedures, communicating risk to non-technical stakeholders, and articulating complex risk concepts to both technical and non-technical audiences. Experience supporting internal audits and SOX/SOC compliance initiatives. Must be highly proficient in GSuite or Microsoft Excel, Word, and PowerPoint. Excellent analytical, problem-solving, and decision-making skills. Must be a team player with strong attention to detail and able to work independently. Ability to manage multiple priorities, and meet deadlines in a fast-paced environment. Highly Desired: Experience with Governance, Risk, and Compliance (GRC) programs and methodologies. Experience using risk, issue and compliance management tools such as Jira, Confluence, AuditBoard, and ServiceNow. Financial Services and, if possible, mortgage industry experience preferred. Relevant professional certifications such as CRISC, CISM, CISSP, or CISA are highly desirable. Education & Experience: Bachelor's Degree from an accredited college or equivalent work experience. 3+ years of relevant work experience in IT Risk and Compliance and/or Audit. Why You Should Join As one of the top mortgage lenders in the country, Pennymac has helped over 4 million lifetime homeowners achieve and sustain their aspirations of home. Our vision is to be the most trusted partner for home. Together, 4,000 Pennymac team members across the country are guided by our core values: to be Accountable, Reliable and Ethical in all that we do. Pennymac is committed to conducting a business that makes positive contributions and promotes long-term sustainable growth and to fostering an equitable and inclusive environment, where all employees and customers feel valued, respected and supported. Benefits That Bring It Home: Whether you're looking for flexible benefits for today, setting up short-term goals for tomorrow, or planning for long-term success and retirement, Pennymac's benefits have you covered. Some key benefits include: Comprehensive Medical, Dental, and Vision Paid Time Off Programs including vacation, holidays, illness, and parental leave Wellness Programs, Employee Recognition Programs, and onsite gyms and cafe style dining (select locations) Retirement benefits, life insurance, 401k match, and tuition reimbursement Philanthropy Programs including matching gifts, volunteer grants, charitable grants and corporate sponsorships To learn more about our benefits visit: ********************* page. link/benefits For residents with state required benefit information, additional information can be found at: ************ pennymac. com/additional-benefits-information Compensation: Individual salary may vary based on multiple factors including specific role, geographic location / market data, and skills and experience as defined below: Lower in range - Building skills and experience in the role Mid-range - Experience and skills align with proficiency in the role Higher in range - Experience and skills add value above typical requirements of the role Some roles may be eligible for performance-based compensation and/or stock-based incentives awarded to employees based on company and individual performance. #TPO Salary $95,000 - $155,000 Work Model REMOTE

At AMEWAS, we don't just support defense- we shape it. For over 40 years, we've been a trusted partner of the Department of Defense (DoD) by providing cutting-edge engineering, testing, and evaluation for U.S. Navy weapons systems. Our people are the heart of our mission. Across our headquarters in California, Maryland, and offices in Orlando, FL, and San Diego, CA, you'll find a diverse and driven team committed to making a real impact for our Nation's Warfighters. If you're ready to grow your skills, be challenged by meaningful work, and contribute to something bigger…this is where you belong. Come do work that matters. Join AMEWAS. The Position: AMEWAS is seeking a highly motivated and talented Information Security Analyst-Journeyman to support Digital and Electro Magnetic Spectrum. The salary range of this position is $120,000.00 - $153,000.00 and is commensurate with experience. This position is not eligible for remote work; on-site support is required. About the location: Point Mugu, CA: To learn more about the Point Mugu surrounding area, please click here: ******************* A typical day as an Information Security Analyst-Journeyman may include: Plans, implements, upgrades/monitors security measures for the protection of computer networks and information Assesses system vulnerabilities for security risks and proposes/implements risk mitigation strategies Ensures appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure Responds to computer security breaches and viruses Works with ISSO and Cybersecurity Lead to respond to computer security breaches and viruses Integrates security into a continuous integration, continuous delivery and continuous deployment pipeline to minimize vulnerabilities in software code Ensures the entire DevOps team, to include developers and operations teams, share responsibility for following security best practices Enables automated security checks at each stage of software delivery by integrating security controls, tools and processes into the DevOps workflow Assists in the continuous integration, continuous delivery/deployment (CI/CD), continuous feedback and continuous operations cycle Must-haves: BS/BA Degree in a Computer or Information Science field: A relevant technical discipline may qualify OR BS Degree may be substituted with 6 years of additional relevant work experience (9 years total) OR BS Degree may be substituted with relevant AS Degree with 4 years of additional work experience (7 years total) 3 years of relevant work experience CompTIA Security+ Certification IAM Level 2 qualifications as per DoD Directive 8570.01 Experience working with Risk Management Framework (RMF) processes Strong DEVSECOPS and Linux background Excellent communication and interpersonal skills (verbal, non-verbal, written, listening) The ability to communicate with staff, customers and organizations at formal and informal levels The ability to work independently Experience with Microsoft Office suite programs (MS Word, Excel, Access and PowerPoint) The ability to write and maintain a POA&M and SSP The ability to maintain a DoD Top Secret Security Clearance-Top Secret Clearance required to start Desired Skills: Chief Information Security Officer (CCISO) Certification Cloud Security Professional (CCSP) Certification Governance, Risk and Compliance (CGRC) Certification CompTIA Cloud+ CompTIA Security+ CompTIA SecurityX (formerly CASP+) Systems Security Certified Practitioner (SSCP) Skills Crucial to Success at AMEWAS: Candidates must demonstrate a customer-focused mindset, professionalism, and discretion, while working collaboratively with management and teams to meet objectives. Candidates should be hard-working individuals with strong attention to detail and the ability to foster a positive, team-oriented culture. Physical Environment and Working Conditions: The physical environment for this position requires the employee to work in an office, sitting in a cubicle or at a desk, looking at a computer for most of the workday. Work is physically comfortable. The employee has discretion about sitting, walking, standing, etc. The employee may be required to travel short distances to offices/conference rooms and buildings on site or near the work site. On rare occasions, overnight travel may be required. Refer a friend: We're always on the lookout for top talent. If you know someone who would be a great fit for this role, please share our post with them! Here's an added perk: If you're a current AMEWAS employee and your referral is hired, you could earn a referral bonus! Our Excellent Benefits and Perks: Staying connected to our core values sets us apart from our competition! AMEWAS recognizes and rewards performance, dedication, and creativity. We are committed to investing in our employees and their future by providing them with competitive compensation, creative work teams, and the opportunity to grow in their career. We also provide a robust benefits package, including: Medical, dental, vision, 401(k), Life/AD&D/STD/LTD insurance Paid vacation, holiday and sick leave Generous tuition and training assistance program Relocation assistance Sign-on bonuses Employee longevity recognition Community involvement and outreach Team building events Recognition program Wellness program Employee Assistance Program (EAP) Mobile service discount Fitness reimbursement program AMEWAS is committed to equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, religion, color, national origin, age, sex, disability, protected veteran status, or any other basis protected by applicable federal, state, or local law. If you are interested in applying for employment and need special assistance or an accommodation to apply for a posted position, contact our Recruiting department via phone at ************ or email at *********************. AMEWAS participates in E-Verify to confirm eligibility to work in the United States. Please note: AMEWAS does not accept unsolicited resumes from third-party staffing agencies, recruiters, or headhunters. #LI-Onsite

Details: Stefanini Group is hiring! Stefanini is looking for an Information Security Analyst for San Francisco, CA/Salt Lake City, UT/Los Angeles, CA (Onsite Role). For quick Apply, please reach out to Rahul Kumar: ************/ ************************* W2 candidates only! Responsibilities: Knowledge of SPL and use of Splunk; experience with KQL(Kusto Query Language) Coding experience or knowledge, preferably in Python and/or R Knowledge of SQL and database experience Proficiency in Microsoft Office applications, especially Excel and PowerPoint Knowledge of Level 1 & 2 SOC operations Public speaking skills #LI-RK1#LI-HYBRID Details: Qualifications: Peraton high BG check or secret clearance Bachelor's degree in Cyber Security, Information Security, Computer Science, or 3+ years of experience in Information Security or Cyber Security Preference is local to SF, open to remote Splunk experience, SQL Microsoft Office Cyber kill chain/incident response SOC experience programming experience-python Listed salary ranges may vary based on experience, qualifications, and local market. Also, some positions may include bonuses or other incentives. Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers. About Stefanini Group: The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are CMM Level 5 company.

Dynamic Solutions Technology, LLC, a premier strategic services firm that meets IT and Service needs for commercial and government clients. We are is seeking a full-time Information Security Analyst to support DoD customer. This position is to provide support in the China Lake, CA area. Responsibilities: Serves as a team member providing network monitoring and scanning functions. Provides network vulnerability scanning to ensure IAVA compliance and remediation. Provides antivirus management using antivirus tools. Provides wireless scanning using network detection software. Implements system security policies, and scans Provides Cybersecurity reporting requirements to appropriate authorities. Provides assistance for personnel / users needing information/assistance with Information Assurance (IA) related issues. Directly supports Information Assurance (IA) requirements, within the immediate area of responsibility (AOR), managing and tracking system administrator elevated level of access to network resources. Works with team members to identify IA trends and suggests long-term strategies to help mitigate IA issues. Assesses procedures and identifies opportunities to improve customer service. Champions customer service and sets and monitors parameters for customer service excellence. Qualifications Requirements: Active SECRET clearance Bachelor's Degree in Engineering, Computer Science, or Information Assurance 6 years' additional work experience may be substituted for a Bachelor's Degree Min 3 to 10 years of relevant focused experience Must meet specific certification and training requirements in accordance with DoD 8570.1-M, DoDD 8570.1 Experience and Skills: Excellent oral and written skills. Excellent critical thinking skills. Proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook. Ability to work independently and as a team member

What We're Doing: Lockheed Martin's, Rotary & Mission Systems (LM RMS), F-35 Cyber Security invites you to step up to one of today's most daunting challenges: the protection of exquisite government capabilities leading to warfighter supremacy against our peer and near peer adversaries. As a cybersecurity professional at Lockheed Martin, you'll safeguard the sensitive information and warfighting capabilities that our citizens and the world depend upon to protect U.S. and ally interests. Here, you'll work alongside other cybersecurity experts, related departments, and military members to support their military operational objectives by providing them with a safe and secure operating environment. In this fast-paced, real-world environment, you'll draw on all your education and experience as well as the resources of Lockheed Martin to keep these exquisite capabilities protected. The Work: This Information System Security Manager (ISSM) position is responsible for the F-35 cybersecurity program at MCAS Yuma and leads the Information System Security Officer(s) (ISSO) in developing, maintaining, and overseeing the cybersecurity of assigned classified and/or unclassified F-35 systems. Typical responsibilities of the ISSM include but are not limited to: Developing and maintaining the site's F-35 cybersecurity program for assigned systems. Leading and managing assigned ISSO(s) in successful execution of the site's F-35 cybersecurity program, to include assuming responsibilities of the ISSO(s) in their absence. Ensuring all applicable cybersecurity policy, plans and procedures are followed. Ensuring required cybersecurity controls are implemented and validated, to include continuous monitoring actions for assigned systems. Developing and maintaining cybersecurity related plans, procedures and guidance. Monitoring and recognizing non-compliance, suspicious and anomalous activity (i.e., threats), and effectively reporting such activity and associated risks to the appropriate parties. Ensuring plans of actions and milestones or remediation plans are in place for vulnerabilities identified during monitoring activity, audits, inspections, etc. and implementing, or overseeing, required corrective actions. Conducting role-based cybersecurity training for assigned users. Creating, collecting and retaining data to meet reporting requirements. Monitoring and correlating data (e.g., logs, events, activity, etc.) from a variety of sources (e.g., Splunk, ELA, ePO, ESS, ACAS, etc.) to identify and mitigate threats, vulnerabilities and non-compliance. Investigating, analyzing and responding to cyber events, incidents and non-compliance, to include trend analysis, assembling detailed written reports and briefing the appropriate parties. Identifying, implementing, and enforcing overall security requirements for the proper handling and storage of Government data and electronic media. Conducting self-inspections and preparing for customer inspections. Communicating and interacting professionally during the enforcement of security policy and procedures. Assigned systems may vary in classification, capabilities, and complexity. Mission requirements may require other than first-shift work and additional responsibilities as assigned. Who we are: Lockheed Martin is a Cyber Security pioneer, partner, innovator, and builder. In support of our many customers, the amazing members of our team are responsible for providing all aspects of cybersecurity support in a complex environment. In a rapidly growing enterprise, this role offers the opportunity to grow and hone the unique skills and experiences required as a cybersecurity expert to create, design, and build solutions to some of the world's hardest engineering problems. Basic Qualifications ul> Final Transferable Secret security clearance; last Periodic Reinvestigation must be within the last five (5) years or enrollment in Continuous Vetting program. Ability to obtain and maintain Special Access Program (SAP) access. Possess a valid certification that meets or exceeds DoD 8570.01-M IAM II requirements. Meets: CASP+ CE, CGRC, CISM, CISSP (or Assc), GSLC, CCISO, HCISPP Prior experience in a cyber workforce role, as categorized by the NICE or DoD workforce frameworks. Prior experience as an ISSO, ISSM or related DoD Cyber Workforce Role on one or more F-35 information systems. Prior experience ensuring compliance with applicable laws, regulations, guidance and policies as they relate to DoD cybersecurity and SAPs (e.g., DoDI 8510.01, JSIG, DoDM 5205.07, NIST SP 800 series). Prior experience with the system authorization process, associated artifacts and their requirements (e.g., SSP, SCTM, Security CONOPs, SOPs). Lockheed Martin is an equal opportunity employer. Qualified candidates will be considered without regard to legally protected characteristics. The application window will close in 90 days; applicants are encouraged to apply within 5 - 30 days of the requisition posting date in order to receive optimal consideration. * At Lockheed Martin, we use our passion for purposeful innovation to help keep people safe and solve the world's most complex challenges. Our people are some of the greatest minds in the industry and truly make Lockheed Martin a great place to work. With our employees as our priority, we provide diverse career opportunities designed to propel, develop, and boost agility. Our flexible schedules, competitive pay, and comprehensive benefits enable our employees to live a healthy, fulfilling life at and outside of work. We place an emphasis on empowering our employees by fostering an inclusive environment built upon integrity and corporate responsibility. If this sounds like a culture you connect with, you're invited to apply for this role. Or, if you are unsure whether your experience aligns with the requirements of this position, we encourage you to search on Lockheed Martin Jobs, and apply for roles that align with your qualifications. Other Important Information By applying to this job, you are expressing interest in this position and could be considered for other career opportunities where similar skills and requirements have been identified as a match. Should this match be identified you may be contacted for this and future openings. Ability to work remotely Onsite Full-time: The work associated with this position will be performed onsite at a designated Lockheed Martin facility. Work Schedule Information Lockheed Martin supports a variety of alternate work schedules that provide additional flexibility to our employees. Schedules range from standard 40 hours over a five day work week while others may be condensed. These condensed schedules provide employees with additional time away from the office and are in addition to our Paid Time off benefits. Security Clearance Information This position requires a government security clearance, you must be a US Citizen for consideration. Pay Rate: The annual base salary range for this position in California, Massachusetts, and New York (excluding most major metropolitan areas), Colorado, Hawaii, Illinois, Maryland, Minnesota, New Jersey, Vermont, Washington or Washington DC is $113,900 - $200,905. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. (Washington state applicants only) Non-represented full-time employees: accrue at least 10 hours per month of Paid Time Off (PTO) to be used for incidental absences and other reasons; receive at least 90 hours for holidays. Represented full time employees accrue 6.67 hours of Vacation per month; accrue up to 52 hours of sick leave annually; receive at least 96 hours for holidays. PTO, Vacation, sick leave, and holiday hours are prorated based on start date during the calendar year. This position is incentive plan eligible. Pay Rate: The annual base salary range for this position in most major metropolitan areas in California, Massachusetts, and New York is $131,000 - $227,125. For states not referenced above, the salary range for this position will reflect the candidate's final work location. Please note that the salary information is a general guideline only. Lockheed Martin considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/ training, key skills as well as market and business considerations when extending an offer. Benefits offered: Medical, Dental, Vision, Life Insurance, Short-Term Disability, Long-Term Disability, 401(k) match, Flexible Spending Accounts, EAP, Education Assistance, Parental Leave, Paid time off, and Holidays. This position is incentive plan eligible.

Responsibilities Secure Division Support. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO - Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). These responsibilities are broken into five (5) CSSP functions; Identify, Protect, Detect, Respond, and Recover. GCC is responsible to conduct these functions for its assigned portion of the DODIN for both unclassified and classified networks/ systems. The division provides support services for the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks. DCO-IDM services are required to defend against unauthorized activity on all Army assets residing on the NIPRNet and SIPRNet. The division provides defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. The division provides sensor management and event analysis and response for network and host-based events. For sensor management, the division provides management of in-line Network Intrusion Protection System/Network Intrusion Detection System (NIPS/NIDS) sensors monitoring all CONUS DoDIN-A NIPRNet and SIPRNet Enterprise traffic to detect sensor outages and activities that attempt to compromise the confidentiality, integrity, or availability of the network. In coordination with GCC Operations, DCO initiates defensive security procedures upon detection of these attacks. Event analysis and response includes the processes involved with reducing multiple cyber incidents to actual malicious threat determinations and mitigating those threats IAW guidance received from GCC Government leadership. Support the Government in providing services for CSSP services on both the NIPRNet and SIPRNet IAW Appendix E: Secure Division Workload Assessment in support of the CONUS portion of the DoDIN-A. Develop reports and products, both current and long-term, in support of CSSP and course of action development. Prepare Tactics, Techniques, and Procedures (TTP), SOPs, Executive Summary (EXSUMS), trip reports, and information/point papers. Contribute during the preparation of agreements, policy, and guidance documentation such as Memorandums of Understanding / Agreement (MOU/A), Service Level Agreements (SLA). • Cyber Defense Operations (CDO) Support. Provide sufficient staffing to maintain on-site capability IAW PWS paragraph 5.4: Place of Work and Work Hours to work directly with GCC Operations personnel in conducting initial triage/cyber incident analysis to include, review correlated events, system/device logs, and SIEM event data to determine and recommend/take immediate DCO-IDM response actions. Immediate response actions can include submission of a cyber-incident response ticket, making an initial determined category of cyber incident (IAW Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510), and/or notifying DCO/ARCYBER/Higher Headquarters IAW Commander's Critical Information Requirements (CCIR) reporting requirements. All other CDO operations must have an on-call capability to take actions as required to respond to cyber incidents IAW policy and/or Government direction. • Incident Analysis and Mitigation. Provide incident analysis and mitigation support by conducting incident analysis and recommending mitigation measures in response to general or specific Advanced Persistent Threats (APT), (attempted exploits/attacks, malware delivery, etc.) on Army networks. In support of incident analysis and mitigation, the Contractor shall: • Block/deny access by hostile sites or restrict access by specific ports/protocols and/or applications. • Provide recommendations to the supporting operations and maintenance organization to take necessary action where the CSSP-D Division does not administratively control the sensor grid. • Provide justification of IDMs and/or operational impact (implied or accepted risk) to a Configuration Control Board (CCB) and/or Authorizing Official (AO), as required, for mitigation action (IDM) approval. If deemed appropriate (or as requested), the internal defensive measure may involve coordination of a Network Damage Assessment (NDA), Network Assistance Visit (NAVs), or other version of the Computer Defense Assistance Program (CDAP) mission. • Monitor all sensors and agents managed by the GCC for security event analysis and response and maintain/update the triage database with current threat data and response methods in real-time with follow-up recurring within 72 hours of last response. The Contractor shall respond to a detected event and perform triage, ensure proper handling of the associated trouble ticket (TT), and process events accordance with appropriate TTPs. • Provide all initial cyber incident reports to Law Enforcement and Counterintelligence (LE/CI) agencies and: • Maintain an up-to-date POC list for LE/CI agencies as routinely provided by the Major Cybercrimes Unit (MCU) and Cyber Counterintelligence agencies. • In cases where an active investigation will be opened, LE/CI agencies will provide written request that will include the official case number, specific data logs, and other required information IAW local TTPs. • Provide support and expertise include the provision of the required data along with a summary or analysis of the data. Data and answers provided in the analysis shall pertain specifically to requirements in the LE/CI official request or within CSSP-D TTPs. • Provide all initial cyber incident investigation reports to LE/CI . • Maintain a Master Station Log (MSL) to document high visibility cyber incidents, defined as events identified in an ARCYBER Task Order, a Named Operation, or a Category 1 (CAT1), with status, discuss DCO topics, share internal tasks between shifts, document call outs, and share any additional relevant instructions between shifts and up through GCC Leadership and Operations reporting channels. The MSL must be available for Government inspection at any given time to ensure accurate tracking of the above information. Qualifications Basic Qualifications: 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree Certifications: DCWF Code 422 Intermediate: TBD Secret Clearance 2-6 years of relevant experience to include all of the following: Demonstrated experience in information security or related field Demonstrated experience developing data security standards Experience in application level, database, file system and full disk encryption Peraton Overview Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure. Target Salary Range $51,000 - $82,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. EEO EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

Why PlayStation? PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation 5, PlayStation 4, PlayStation VR, PlayStation Plus, acclaimed PlayStation software titles from PlayStation Studios, and more. PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation. PlayStation is looking for an Information Security Analyst to join our team and operate the day-to-day Information Security, Risk and Compliance management processes. This is a mixture of processing requests from the business and driving internal security projects such as security audit and assessment. This role requires a sound understanding of technical and engineering terminology, outstanding ability to articulate risk across any security domains (technical and governance) with the demonstrable ability to work independently and process high volumes of security requests on a weekly basis. This role also provides ample opportunity to work across technical and game-related projects with studio and PlayStation engineering teams and therefore requires risk advisory and influencing experience. Based in San Diego, the candidate will be the key business relationship partner on behalf of Information Security and work on Information Security processes as well as strategic projects across PlayStation and the Studios group. This role will collaborate closely directly with business, technical and third party collaborators, as well as work multi-functionally with our other Information Security specialist teams across the globe to protect PlayStation's intellectual property, data and infrastructure whilst delivering new and evolving games, services and hardware to the market. This is an opportunity to provide security directly to the global PlayStation business, our PlayStation Network and global Studios and their game development. What you will be doing: Serve as a primary partner to PlayStation Studios, supporting security risk management across global game development and studio environments. Triage and manage technical and strategic security risks across studios, ensuring alignment to security strategy and policy compliance. Engage directly with technical teams and studio leadership to strengthen risk posture, manage vulnerabilities, and drive mitigation strategies. Act as a trusted advisor to studio teams, driving a culture of embedding “security by design” principles. Support the creation of risk insights, reporting, and executive briefings that inform leadership on studio security health and emerging trends. Maintain broad knowledge of emerging security trends, risks, adn technologies that are applicable to the studio business and Sony at large. Advance the Information Security program through collaborative and cross-team partnerships. Required Experience: 3+ years of experience in information security, with demonstrated expertise in risk identification and mitigation. 2+ years conducting risk assessments and providing actionable recommendations to technical and business stakeholders. 2+ years working in vulnerability management, including detection, analysis, reporting, or remediation tracking. 2+ years of hands-on experience managing or evaluating cloud environments, networks, and security infrastructure. 2+ years of experience communicating risk and security insights to leadership and cross-functional partners. Preferred Experience & Attributes: Background in the gaming or entertainment industry. Experience leading projects or programs in a security or risk management capacity. Technical and Security focused certifications a strong preference Confident communicator able to translate complex security risk concepts for both technical and non-technical audiences. Comfortable working in a dynamic, fast-paced environment balancing innovation and security priorities. Proven success working independently to establish relationships, deliver requirements, and communicate effectively. #LI-GM1 Please refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights. At SIE, we consider several factors when setting each role's base pay range, including the competitive benchmarking data for the market and geographic location. Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location. In addition, this role is eligible for SIE's top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click here to learn more. The estimated base pay range for this role is listed below.$140,000-$210,000 USD Equal Opportunity Statement: Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category. We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.

Select Cyber, an Information Security recruitment specialty firm, seeks to fill the following role for our client: Network Security Analyst I Be part of a cutting-edge Computer Incident Response Team, (CIRT) for a fortune 500 company. We are looking for individuals that want to learn a new field and grow with the company. Training provided. The selected candidate will be a part of the Security Operations Center (SOC) and its mission to improve the information security of our customers using a Security Information and Event Management (SIEM) tool to detect and analyze IT security incidents. Responsibilities: Perform the following functions as individual assignments or as part of a team: · Monitoring client networks for signs of adversarial activity. · Respond to alerts from various monitoring systems and platforms providing indicators for enterprise defensive measures. · Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs). · Triage potentially malicious events to determine severity and criticality of the event. · Follow procedures to analyze and escalate security incidents which vary from customer to customer. Experience · 1+ years technical experience in the Information Technology field. · Experience with Intrusion Detection & Prevention Systems (IDS/IPS) or Firewalls & Log Analysis a plus. · Technical degree, Associate or Bachelor's degree from an accredited institution in Computer Science or information technology field preferred. · CompTIA Network+/Security+ certifications is a plus

LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works. At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. This role may be remote or hybrid. At LinkedIn, hybrid roles are performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team. Remote roles are performed from the designated home work location upon time of hire, and any changes to this home work location requires a review of remote status and approval. LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Engineering Manager to lead the Detection Engineering team in the US and to be an integral part of our Information Security organization. The Detection Engineering team is responsible for developing and maintaining threat detection capabilities, security monitoring systems, and detection rules to protect our infrastructure, applications, and, most importantly, our members. This is a key role in supporting and growing our security detection and monitoring capabilities. Responsibilities: Leadership and Team Management + Lead and manage the detection engineering team, including hiring, training, and mentoring team members. + Develop and maintain detection engineering policies, procedures, infrastructure, and guidelines. + Coordinate and oversee all activities of the detection engineering team during threat detection development and implementation. Detection Development and Management + Serve as the primary point of contact for all threat detection development and enhancement initiatives. + Ensure timely development, testing, and deployment of detection rules and monitoring capabilities. + Conduct post-deployment analysis and create detailed reports on detection effectiveness with KPIs, including tuning recommendations and optimization strategies. Communication and Coordination + Communicate detection development status, updates, metrics and reporting, and capabilities to senior management, stakeholders, and security teams regularly. + Coordinate with internal and external teams, including security operations, defense infrastructure, incident response, and product engineering teams to develop and maintain effective detection capabilities. + Develop and maintain an effective detection engineering communication plan. Continuous Improvement + Continuously evaluate and improve detection engineering processes, tools, and capabilities. + Conduct and report on regular detection testing and validation exercises to test and refine detection rules and monitoring systems. + Stay current with emerging threats, attack techniques, and detection technologies to enhance the detection engineering program. Reporting and Documentation + Maintain comprehensive documentation of all detection rules, including development rationale, testing results, and performance metrics. + Prepare and present detection engineering reports and metrics to senior leadership and stakeholders. + Ensure compliance with regulatory requirements and industry standards related to threat detection and monitoring. Training and Awareness + Develop and deliver detection engineering training programs for team members and other relevant personnel. + Promote security detection awareness and best practices across the organization. + Ensure the detection engineering team is up-to-date with the latest tools, techniques, and procedures. Budget and Resource Management + Manage the detection engineering budget and allocate resources effectively. + Evaluate and recommend tools, technologies, and services to enhance the detection engineering program. + Ensure the team has the necessary resources and support to perform their duties effectively. Basic Qualifications: + Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related technical discipline, or equivalent practical experience. + 1+ year(s) of management experience or 1+ year(s) of staff level engineering experience with management training. + 7+ years of experience in cybersecurity, with a focus on detection engineering, security monitoring, threat intelligence, incident response, or related security roles. + Experience leading or managing a cybersecurity, incident response, or detection engineering team. + Experience in cybersecurity frameworks and standards (e.g., NIST, MITRE ATT&CK, OCSF). + Experience in detection engineering tools and technologies (e.g., Query Languages, CI/CD, YARA, Sigma rules, threat intelligence platforms). + Experience with threat analysis, detection rule development, automation engineering, and security monitoring optimization. + Project management experience with managing budgets and resources. Preferred Qualifications: + Master's degree in Cybersecurity, Information Assurance, or a related field. + 10+ years of experience in cybersecurity, with significant experience in detection engineering, threat intelligence, or incident response. + 3+ years of management experience in building small to medium-sized teams, demonstrating growth and a track record of successful deliveries. + Ability to work under pressure and manage multiple detection development projects simultaneously as well as managing an oncall team. + Relevant certifications (e.g., CISSP, CISM, GCIH, GCFA, SANS). + Experience in developing and delivering detection engineering training and awareness programs. + Strong proficiency in Kusto Query Language (KQL) and SQL. + Proficiency in programming or scripting languages (e.g., Python, Go, etc.) for automating detection development and testing processes. + Experience with cloud security and detection engineering in cloud environments especially Azure. + Knowledge of advanced threat detection techniques, including threat hunting and behavioral analysis as well as applied threat intelligence. + Familiarity with detection engineering frameworks and best practices (e.g., Sigma, YARA, STIX/TAXII, OCSF). + Strong communication skills, both written and verbal, with the ability to convey complex technical information to non-technical stakeholders. Suggested Skills : + Security Information and Event Management (SIEM) + Query languages (KQL, SPL, SQL, Elastic, etc.) + Detection Rule Development (YARA, Sigma) + Scripting and Automation (e.g., Python, PowerShell, SQL) + Threat Intelligence Integration + Cloud Security (e.g., Azure, GCP) You will Benefit from our Culture We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels. LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $152,000 - $248,000. Actual compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years & depth of experience, certifications and specific office location. This may differ in other locations due to cost of labor considerations. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For additional information, visit: ************************************** **Equal Opportunity Statement** We seek candidates with a wide range of perspectives and backgrounds and we are proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful. If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to: + Documents in alternate formats or read aloud to you + Having interviews in an accessible location + Being accompanied by a service dog + Having a sign language interpreter present for the interview A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response. LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information. **San Francisco Fair Chance Ordinance ** Pursuant to the San Francisco Fair Chance Ordinance, LinkedIn will consider for employment qualified applicants with arrest and conviction records. **Pay Transparency Policy Statement ** As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ******************************** **Global Data Privacy Notice for Job Candidates ** Please follow this link to access the document that provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ********************************************

Come Join Our Team! DKW Communications, Inc. (DKW) is a government contractor providing professional and technical services to various government agencies i.e. defense, law enforcement and security. We are currently looking for an Senior Information Assurance Analyst to join our winning team. The individual hired for this position will provide support for our government customers located in the Greater San Diego area. This is an onsite position. Overview The IA Analyst will support our NAVY SWMFTS contract, and be responsible for duties such as (but not limited to): Collect and maintain data needed to meet system cybersecurity reporting Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. Participate in an information security risk assessment during the Security Assessment and Authorization process. Participate in the development or modification of the computer environment cybersecurity program plans and requirements. Recognize a possible security violation and take appropriate action to report the incident, as required Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. Provide technical documents, incident reports, and findings from computer examinations, summaries, and other situational awareness information to higher headquarters Develop and maintain RMF Assess and Authorize documentation required to achieve an Authority to Operate (ATO). Prepare and maintain information systems ATO record on the Navy's Enterprise Mission Assurance Support Service (eMASS) Run vulnerability assessment tools; ACAS vulnerability scanner, Security Content Automation Protocol (SCAP), STIG Viewe Manage system/network vulnerabilities using the Vulnerability Remediation and Assets Manager (VRAM) Qualifications/Requirements MUST have or be able to obtain an active Secret Security Clearance. Minimum of Bachelor's Degree in Computer Science, Information Systems or a relevant technical discipline. An Associate's degree + 3 years of experience may be substituted for degree requirement. 3-5 years of cyber security experience in secure network and system design, analysis, procedure/test generation, test execution and implementation of computer/network security mechanisms. Must have an IAT Level II Certification or higher. **All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.**