Post Job

Information Security Manager Jobs Near Me

- 3,069 Jobs
jobs
Let us run your job search
Sit back and relax while we apply to 100s of jobs for you - $25
  • Security Engineer II, RSCI Vector Security

    Amazon Development Center U.S., Inc. 4.7company rating

    Information Security Manager Job In Virginia

    Do you have a passion for innovation and building technologies that make large-scale clouds more reliable, efficient, and scalable? Would you like to work within the most advanced and scaled clouds that support the most critical workloads for the US Intelligence and Defense communities? Do you want to build automation that will influence the national security and defense mission agency partners of AWS? The Regions Services Corporate Infrastructure (RSCI) is looking for a Security Engineer to help validate that our services, applications, and infrastructure are designed and implemented to the highest security standards. Similarly, our highly collaborative team is committed to each team member's growth as our business grows. The Security Engineer is responsible for ensuring the appropriate operational security posture is maintained for the US ADC Remote Management and Administration (RM&A) networks. As a Security Engineer, you will be responsible for analyzing the security of infrastructure, applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services. You are expected to be strong in multiple security domains and provide significant contributions to the Engineering team and to multiple groups throughout Amazon. You are expected to closely work with service teams to develop secure solutions to complex business problems and ensure we are holding a high security bar for our customers. You are also expected to mentor more junior engineers and be a security thought leader for the organization. You must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the org's team work and constantly seek opportunities for process improvement. You should also have a deep understanding of at least one specialty for which you are a sought - out resource (both within IT Security and by groups throughout Amazon), while having an understanding of the application of Information Security in a broad range of technical areas. You will be “Customer Obsessed”, working closely with our customers to understand their pain points and find resolution quickly and completely. You will have a keen eye for potential problems and inefficiencies, and the initiative and drive to provide a complete solution to the problem. You will communicate clearly and collaborate with others to deliver results with minimal supervision. This leader must be able to dive deep into the details of business, operations, and engineering. By working together on behalf of our customers, we are building the future one innovative product, service, and idea at a time. Are you ready to embrace the challenge? Come build the future with us. This position requires that the candidate selected must currently possess and maintain an active TS/SCI security clearance with polygraph. The position further requires the candidate to opt into a commensurate clearance for each government agency for which they perform AWS work. 10012 Key job responsibilities - Operate and maintain Tenable.SC - Conduct periodic reviews of information systems to ensure compliance with the security authorization package - Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and other security stakeholders prior to implementation. - Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly - Ensure all IS security-related documentation is current and accessible to properly authorized individuals - Maintain audit records and assess records against documented control criterion. - Identify cybersecurity vulnerabilities and assist with the implementation of the countermeasures for them - Document appropriate responses to IA Controls and make recommendations for remediation and compliance of controls. - Conduct continuous monitoring activities for RM&A environments. About the team We are dedicated to supporting our new team members. Our team has a broad mix of experience levels and Amazon tenures, and we're building an environment that celebrates knowledge sharing and mentorship. Why AWS Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Utility Computing (UC) AWS Utility Computing (UC) provides product innovations - from foundational services such as Amazon's Simple Storage Service (S3) and Amazon Elastic Compute Cloud (EC2), to consistently released new product innovations that continue to set AWS's services and features apart in the industry. As a member of the UC organization, you'll support the development and management of Compute, Database, Storage, Internet of Things (IoT), Platform, and Productivity Apps services in AWS, including support for customers who require specialized security solutions for their cloud services. Inclusive Team Culture Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud. Mentorship and Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Diverse Experiences Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. BASIC QUALIFICATIONS- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+, or Bachelor's degree - 4+ years of experience of years of progressive security architecture experience; preferably within a Microsoft Active Directory environment - 4+ years of experience designing and implementing a secure Active Directory domain architecture - 4+ years experience working with stakeholders across many job functions - Current, active US Government Security Clearance of TS/SCI with Polygraph PREFERRED QUALIFICATIONS- Master's Degree in Engineering, Information Technology or related technical discipline - 6+ years of prior experience as Network or Systems Engineer/Administrator. - 6+ years of experience in understanding of all aspects of Systems Engineering, including design and architecture. - Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.) - Experience in securing cloud services - Experience in Identity standards and frameworks Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit ********************************************************* for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner. Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit ******************************************************** This position will remain posted until filled. Applicants should apply via our internal or external career site.
    $136k-212.8k yearly 1d ago
  • IT Manager- Compliance and Security

    Hanwha Defense USA, Inc. 4.1company rating

    Information Security Manager Job In McLean, VA

    This position will be responsible for IT security, compliance, support build out and maintenance of security and compliance program with export controls, CUI data management, CMMC 2.0 compliance, and ultimately classified systems responsibilities. Essential Duties and Responsibilities: Develop and enforce security policies, practices and procedures to meet both internal and external cybersecurity requirements, including adherence to government regulations like NIST 800-53, DFARS, ITAR, FISMA, and other relevant frameworks. Ability to identify areas where FedRAMP requirements may apply within our systems and anticipated future state. Monitor and appropriately implement compliance with industry standards (e.g., ISO 27001, NIST Cybersecurity Framework) and ensure that all systems meet necessary security certifications and requirements. Develop and communicate cyber security risk management strategies and plans to executive team, staff, partners, customers, and stakeholders. Internal information technology and troubleshooting support. Cybersecurity threat and vulnerability identification and maintenance of systems to protect against these issues. Support mapping of contract requirements, regulations, federal contract information, and CUI; define authorization boundaries and architecture; scope, plan, and implement technical solutions; create policies, procedures, and artifacts to support the Company as it operates in this regulated environment; conduct self-assessment and support relevant audits. Lead strategic cyber security risk management planning to achieve business goals by prioritizing. Promote a “culture of risk awareness” by developing and executing a communications and education plan to create awareness through workshops, presentation, and direct interaction. Develop, implement, maintain, and communicate cyber security risk management policy and related standards incorporating metrics to enable measurement of effectiveness. Develop implement, maintain, and communicate cyber security policy management policy and process and execute against it. Remain informed on trends and issues in the security, including current and emerging technologies and prices. Advise, counsel, and educate executive and management teams on their relative importance and financial impact. Performs other related duties as assigned. Qualifications Must be a team player, highly motivated, must demonstrate a high degree of confidentiality, discretion, integrity, and professionalism in all aspects of the job. Excellent interpersonal skills. Ability to present ideas in business-friendly and user-friendly language. Exceptionally self-motivated and directed. Must be hands on. Superior analytical, evaluative, and problem-solving abilities. Excellent verbal and written communication skills. Excellent interpersonal and customer service skills. Excellent organizational skills and attention to detail. Excellent time management skills with a proven ability to meet deadlines. Proficient with Microsoft Office Suite. Education/Experience University degree in the field of Cyber Security, Risk Management, Information Systems Technology. CISSP, CISM, or other relevant security certifications preferred. At least 10 years of progressive technology security and compliance experience. Special Knowledge / Skills: Knowledge of Federal Risk and Authorization Management Program (FedRAMP). Knowledge of cyber security principles, risk management and network security. Experience with government contracts and security requirements (DFARS, ITAR etc). Experience with security frameworks (e.g., NIST, ISO 27001, CIS) and best practices. Ability to work harmoniously in a multi-cultural team environment. Must have experience working with Microsoft Government Community Cloud High (GCC High) Tenant or Azure Government environments. Physical Demands / Work Environment: Normal amount of sitting or standing, average mobility to move around an office environment, able to conduct normal amount of work at a computer. Must be able to lift 20 pounds. Vision abilities required by this job include close vision and ability to adjust focus. This job position may include access to controlled information or technology covered under applicable U.S. export control laws. As such, employment for this job position maybe contingent on either verification that an applicant falls under the definition of a "U.S. Persons" (which included US citizens, US lawful permanent residents, and those granted U.S. asylum or refugee status) or on the company timely obtaining any necessary export license required under federal laws. The Company evaluates such export license situations on a case-by-case basis and may decline to procced with a job applicant in its sole discretion since export license applications can take many weeks to be processed. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. No Unauthorized Referrals from Recruiters & Vendors Please note that HDUSA does not seek or accept unsolicited resumes or offers from third party recruiters or staffing agencies associated with any published or unpublished employment opportunities. Any unsolicited information sent to HDUSA will be considered as unencumbered and free from any fee or charge whatsoever. Only members of our Human Resources Team have the authority to engage or authorize recruiting services, which must be agreed upon before the unsolicited resume or offer is received.
    $105k-142k yearly est. 14d ago
  • Information Security Manager

    Redbeard Solutions

    Remote Information Security Manager Job

    The Information Security Manager will oversee the Information Security and work with the Director of Information Security as well as the Desktop and Server teams to help protect the information assets of the Firm. They will oversee the assist with implementing and supporting information security policies, security operations, and audit/risk. The Information Security Manager is responsible for coordinating analyst deliverables and is expected to stay up-to-date with current and emerging trends to help reduce the Firm's exposure to new and existing threats. Active monitoring and rapid response to security events is critical to this role. Although not common, some of the security events may happen outside of normal work hours which will require after-hours response and support. The Information Security Manager is responsible for keeping track of current IS projects and ensuring timely completion of deliverables. They will be responsible for tracking progress of Infosec team members on identified projects and following up when necessary to ensure timely and accurate completion of projects that meet both firm and user expectations. The IS Manager will establish and maintain SLA's for team deliverables, and ensure that common tasks are formally documented. They will also assist the team in tracking progress and following up on team work. Responsibilities: PHISHING Coordinate scheduled phishing campaigns for content, delivery, follow-up, and reporting. Communicate with the helpdesk for phishing-related issues as well as respond to user inquiries. Actively take steps to reduce phishing risk. MONITORING AND ALERTING Work with outside security vendors to monitor systems events and ensure coverage. Oversee first-level response incoming events for MDR vendor and Defender. Triage alerts and follow appropriate procedures to determine severity. Maintain and ensure the confidentiality of client and firm data. Monitor and respond to tickets for Information Security Group. VULNERABILITY MANAGEMENT Coordinate the Firm's vulnerability scanning software to identify, classify, prioritize, mitigate, and remediate software vulnerabilities. Work with the infrastructure team and desktop engineering team to remediate the biggest risks. Monitor and document progress toward security goals. Track overall progress on reducing vulnerability risk. OPERATIONS Oversee security events from Microsoft Security Products. Actively work to improve security posture through vulnerability management, attack surface reduction, and environment hardening. Support compatibility with Mac laptops for normal firm tasks. Support project for remote browser capability. Work with a third party for annual penetration tests. Coordinate threat hunting and research trending CVE's. AUDIT Oversee evidence gathering for ISO audit. Manage policies and procedures to ensure accuracy and timely reviews. Supervise timely and accurate reviews of Outside Counsel Guidelines, Client Security Assessments, and responses to RFP's/RFI's. ADDITIONAL DUTIES INCLUDE Assist in preparation and tracking of client security assessments. Work with Director of Information Security on Security budget. Work with desktop and server teams for patch management. Interface with networking team as needed. Support evidence collection and preservation for ISO 27001 audit. Assist in annual testing of disaster recovery and business continuity plans. Special projects as assigned. Assume additional responsibilities as requested. This role requires 60% in office presence; remote work is permissible 40% of the time. Qualifications: Bachelor's degree in Cybersecurity or Computer Science required. Minimum of 6 years Information Security experience and prior experience managing staff is required. Previous experience working in a law firm or professional services strongly preferred. Knowledge of threat hunting tactics and incident response. Working knowledge of TTP's (Threats, Tactics, and Procedures) of Threat Actors. Demonstratable knowledge of vulnerability scanning tools (Tenable, Rapid7, or Qualys). Familiarity with popular cybersecurity tools for threat hunting and vulnerability scanning. Experience with outsourced MDR (SentinelOne, eSentire, Rapid7 IDR, Cybereason, etc). Strong knowledge of Microsoft Defender suite of products CompTIA Security+, CEH, CISA, CRISC, CISM, or preferably CISSP. Possess excellent verbal and written .communication skills with an ability to influence others. Ability to function in a fast-paced, service-oriented environment, prioritize multiple projects on a daily basis, and adjust to shifting priorities. Strong planning, project management and organizational skills. Strong sense of urgency. Facility analyzing, working with and presenting data. Ability to collaborate and gain the respect, trust, and confidence of the Firm's attorneys and professional staff. Possess a “hands-on” tactical approach. Creative and proactive approach to problem-solving. Facilitate teamwork and identify opportunities to develop new processes/infrastructure. Demonstrated ability to grasp and implement new concepts quickly. Strong analytical abilities, resourcefulness, and attention to detail. Ability to work independently and as part of a team with a proactive and positive style that fosters collaborative working relationships. Demonstrated ability to motivate and develop teams. Proven leadership and management abilities. Demonstrated experience in employee relations, performance improvement and separations. Outstanding sense of customer service, with demonstrated ability to instill this in others. Deep personal commitment to integrity, excellent judgment, and the highest standards of ethics. Must display the highest level of diplomacy, tact and discretion, with comfort in handling and maintaining confidential information. Excellent computer skills, including proficiency in using Microsoft Word, Outlook, Excel and PowerPoint. Ability to quickly get up to speed and master new applications and software is critical.
    $100k-145k yearly est. 7d ago
  • Chief Information Security Officer

    Bigrio

    Remote Information Security Manager Job

    Job Title: Chief Information Security Officer (CISO) Type: Full-Time About Us: Our Client is a leading provider specializing in laboratory testing services, dedicated to delivering accurate, timely, and high-quality diagnostic results. Their commitment to innovation and excellence is paired with a steadfast focus on patient care and confidentiality. To maintain our high standards and ensure the security of sensitive patient information, we are seeking a dynamic and experienced Chief Information Security Officer (CISO) to join our leadership team in Houston, TX. Role Overview: As the CISO, you will be responsible for establishing and maintaining the enterprise-wide information security vision, strategy, and program. You will oversee the protection of sensitive healthcare and laboratory data, ensuring compliance with all relevant regulations (e.g., HIPAA, HITECH, and GDPR). Reporting directly to the CIO (or CEO), you will collaborate with leadership, IT teams, and external stakeholders to safeguard the organization against emerging cyber threats. Key Responsibilities: Strategic Leadership: Develop and implement a comprehensive information security strategy aligned with the organization's goals. Lead the security governance program to protect sensitive patient, laboratory, and organizational data. Risk Management: Conduct regular risk assessments and vulnerability analyses of systems, networks, and applications. Develop risk mitigation strategies and ensure effective incident response plans are in place. Regulatory Compliance: Ensure compliance with healthcare-specific regulations such as HIPAA, HITECH, and CLIA. Stay updated on global and regional data protection laws and ensure compliance with applicable standards (e.g., GDPR, PCI-DSS). Technology and Operations: Oversee the implementation of advanced cybersecurity technologies, including data encryption, endpoint protection, and SIEM solutions. Evaluate and manage third-party security tools, including those supporting laboratory operations. Ensure secure integration of laboratory information management systems (LIMS) with other healthcare systems. Incident Management: Establish and lead a robust incident detection and response framework. Oversee investigations and coordinate remediation for any security breaches or incidents. Collaboration and Communication: Provide regular updates to executive leadership on the state of the organization's cybersecurity posture. Partner with IT, compliance, legal, and clinical teams to align security initiatives with operational goals. Qualifications: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degree (e.g., MBA, MS in Cybersecurity) is a plus. Experience: Minimum of 10 years of progressive experience in information security, with at least 5 years in a leadership role. Experience in the healthcare industry, particularly in laboratory testing, is strongly preferred. Proven track record of managing cybersecurity in highly regulated environments. Certifications: CISSP, CISM, or equivalent certifications required. CRISC, CEH, or healthcare-specific certifications (e.g., HCISPP) are a plus. Skills: In-depth knowledge of healthcare-specific regulations (e.g., HIPAA, HITECH). Expertise in cybersecurity frameworks (e.g., NIST CSF, ISO 27001). Strong leadership and communication skills, with the ability to present complex security concepts to non-technical stakeholders. Experience in securing cloud environments, mobile devices, and remote work infrastructures. Equal Opportunity Statement BigRio is an equal opportunity employer. We prohibit discrimination and harassment of any kind based on race, religion, national origin, sex, sexual orientation, gender identity, age, pregnancy, status as a qualified individual with disability, protected veteran status, or other protected characteristic as outlined by federal, state, or local laws. BigRio makes hiring decisions based solely on qualifications, merit, and business needs at the time. All qualified applicants will receive equal consideration for employment.
    $101k-153k yearly est. 7d ago
  • Cyber Security Specialist

    Vanderhouwen 3.9company rating

    Information Security Manager Job In Fort Belvoir, VA

    Status: Direct Hire Job Title: Cyber Security Specialist Salary: $140,000 - $195,000 About the company: We are a well-established employee-owned company specializing in aerospace engineering, providing comprehensive support to various branches of the military and government sectors. Founded in 1977, our team has grown to over 2,200 employee-owners. By joining us, you become an owner and stockholder, contributing to a culture that values people, quality, integrity, and profitable growth. Our services encompass engineering, programmatic, and technical support, primarily for the Department of Defense and other national security clients. Hiring and retaining top talent is key to our mission, aligning with our commitment to personal growth and continual improvement. We blend the values of a small company with the capabilities of a larger organization. Our management team is actively involved in strategic planning, ensuring diverse perspectives are integrated into our efforts to deliver advanced technology solutions, empower employees, and secure new business. Cyber Security Specialist: Our client is seeking a skilled and motivated Cyber Security Specialist to join a dynamic, mission-focused team. The successful candidate will act as a subject matter expert (SME) for the program office's cybersecurity and information assurance requirements, supporting various stages of system lifecycle development. Cyber Security Specialist Responsibilities: Evaluate and conduct top-level system architecture design, integration, testing, installation, and troubleshooting from a cybersecurity perspective. Translate military operational and mission requirements into system design concepts and performance specifications. Prepare and review cybersecurity-related test plans, procedures, and reports for technical adequacy. Integrate cybersecurity, COMSEC, and TEMPEST requirements throughout the system lifecycle. Assess system performance against cybersecurity requirements, monitor field performance, and manage risk. Support the preparation of cybersecurity acquisition documents, ensuring compliance with regulations and policies. Implement the DoD Risk Management Framework (RMF), collaborating with the ISSM to ensure successful security controls. Provide input on policy, budget, and doctrinal issues related to cybersecurity. Prepare recommended IA approval documentation and support network security architecture development. Analyze vulnerabilities, conduct risk assessments, and manage security certifications and accreditations. Manage computer incident coordination with local NECs and CERTs, ensuring timely response. Support compliance with the DoD IG Cybersecurity Self-Assessment and Federal Information Security Management Act (FISMA). Participate in organizational inspections, review corrective actions, and develop innovative cybersecurity strategies. Act as a consultant and mentor on cybersecurity matters to other team members. Cyber Security Specialist Qualifications: U.S. Citizenship is required due to the sensitivity of the position. Master's Degree in Cybersecurity and 20 years of relevant experience. Active Secret Clearance. CISSP and Sec+ Certification. Broad experience and recognition in the cybersecurity field, with the ability to work independently and lead initiatives. Strong operational cybersecurity accreditation and certification background for embedded systems accredited at Secret level and below. In-depth understanding of AR 25-2 and the DoD Risk Management Framework (RMF), with recent experience using RMF and eMASS software for system accreditation. Extensive experience in preparing IA approval documentation, network security architecture, and understanding DoD cybersecurity standards.
    $140k-195k yearly 12d ago
  • Cyber Security Specialist

    Peregrine Search Solutions

    Information Security Manager Job In Fairfax, VA

    About the Company - Our client is seeking a skilled, motivated Cybersecurity Analyst to join a dynamic mission-focused team at Fort Belvoir, VA. This position will serve as a subject matter expert for all aspects of the program office's cybersecurity and information assurance technology requirements. About the Role - Essential Job Functions: Evaluates and conducts top level system architecture design, development, integration, testing, installation, and troubleshooting efforts from a cybersecurity viewpoint to ensure integration of all required cybersecurity products and adequacy of the analyses. Translates military operational and mission requirements into practical systems concepts and design performance requirements. Prepares and reviews cybersecurity related test plans, procedures, and reports on technical adequacy on assigned programs as well as related failure reports for both Government and contractor tests as well as related failure reports. Coordinates integration of cybersecurity, COMSEC, and TEMPEST into the entire system life-cycle design, development, and deployment. Reviews and evaluates system performance against cybersecurity related requirements; monitors and assesses field performance; and assesses risk of meeting user requirements. Assists product management office with cybersecurity related acquisition documents (i.e., Cybersecurity Strategies) and statutory/regulatory/policy compliance. Implements the Defense (DOD) Risk Management Framework (RMF) and assists the Information System Security Manager (ISSM) to ensure successful implementation of associated security controls and reviews all RMF documentation packages, and system fielding, operations, or upgrade requirements. Assists with policy, programmatic, budget and doctrine issues associated with Cybersecurity within the organization. Prepares recommended IA approval and supporting documentation, understands systems engineering processes, and possesses extensive experience in Network Security Architecture. Assists on matters relating to vulnerabilities and threats to IT Systems, National Security Systems (NSS), and Automated Information Systems (AIS). Performs security, analyses and risk/vulnerability assessments. Executes daily certification and accreditation activities for a project team. Identifies issues and briefs PM on possible courses of action and their impact. Manages computer incident coordination and notification with the local Network Enterprise Centers (NEC) and servicing Computer Emergency Response Teams (CERT). Supports DoD Inspector General (IG) Cybersecurity Self-Assessment checklist compliance and Federal Information Security Management Act (FISMA). Assists with implementing audit measures to ensure compliance with regulatory requirements, participate in organizational inspections and surveys of computer systems, provide inspection results, and assess the adequacy of corrective actions taken. Participates in post awards, program and design reviews, and IPTs as the cybersecurity specialist/engineering representative on assigned programs. Serves as consultant to other team members and mentors workforce on Cybersecurity matters. Establishes new and innovative cybersecurity strategies. Qualifications - Required Skills: Due to the sensitivity of customer related requirements, U.S. Citizenship is required. MS Cybersecurity AND 20 years relevant experience. Secret clearance required. Certified Information Systems Security Professional (CISSP) Certification. Sec+ Certification. Possesses the breadth of experience and knowledge, and recognition in the cybersecurity community, to lead efforts on assigned programs and work independently with minimal oversight from the Government lead. Extensive experience in operational cybersecurity accreditation and certification of embedded systems accredited at Secret level and below. Extensive understanding of AR 25-2 and the DoD Risk Management Framework (RMF) to include current experience (less than 2 years old) in obtaining system accreditation using the DoD RMF and the Enterprise Mission Assurance Support Service (eMASS) software. Extensive experience preparing recommended IA approval and supporting documents; understands systems engineering processes; and possesses extensive experience in Network Security Architect experience. Extensive understanding of the DoD standards guiding the development of cybersecurity policy, requirements, integration, engineering, and certification and accreditation.
    $77k-108k yearly est. 3d ago
  • Analyst, IT Security Senior

    Loram Maintenance of Way 4.4company rating

    Remote Information Security Manager Job

    Job Title: IT Security Analyst Senior FLSA Status: Exempt Department: Information Technology Reports to: Manager of Information Technology Flex qualifies for the Flexible Work Policy. Employees receive 75 work days annually to work remote! The initial amount of days is prorated for the first year based on start date. JOB DESCRIPTION: This position will work with the Director of IT to monitor the network for security breaches and conduct investigations of violations. The analyst takes part in designing and implementing security protocols, applications, and processes designed to secure the company, data, and applications Loram utilizes. The role installs and maintains security software and/or systems including Access Control, segmentation, firewalls, MFA, remote access, spam, and web filters. Monitors for security-related events and ensures data is protected from unauthorized users. Produces security reports for management, security committee, and board. Assists technology services with device hardening, vulnerability remediation, and security violations. Regular testing including a review of processes and penetration testing will be used to review company compliance with the security roadmap that has been laid out. KEY DUTIES AND RESPONSIBILITIES: Analyzes security logs to identify threat events; triage and respond accordingly to security incidents following internal security protocols Configures security controls in all systems and IT infrastructure by policy, standards, and procedures Tests network security controls; coordinating remediation efforts and closure of any identified issues Acts as the first line of support for triage and remediation of support tickets related to security and tracks ongoing support issues Stays current with IT security trends and standards through local special interest group involvement and monitoring online information sources Stays current with released security features of internal IT systems and software Maintains confidentiality and integrity in dealing with sensitive information systems and processes Works with Infrastructure and Application teams to establish a Disaster Recovery solution and the testing of it Works with facilities teams to ensure that physical security systems are operational and implemented correctly ESSENTIAL JOB FUNCTIONS: Problem Solving and Decision Making Anticipate or recognize the existence of a problem Commit to a solution promptly, and develop a realistic approach for implementing Critical and Analytical Thinking Possess sufficient logic, inductive, and deductive reasoning ability to perform the job successfully Concludes from relevant and/or missing information Planning and Organizing Develop and execute security plans for all environments which include new functionality, migrations, and expansion Ability to prioritize, approach work in a methodical manner; work concurrently on several tasks, plan, and schedule tasks so that work is completed on time Communication Express relevant information appropriately to individuals or groups considering the audience and the nature of the information Create documentation of environment configuration and how each area should be supported Compliance Abide by a Code of Ethics for professional conduct. Follow governance, risk management, and compliance guidelines BEHAVIORAL COMPETENCIES: Values Based Action Oriented Creating a Service Reputation Problem Solving Technical Learning REQUIRED QUALIFICATIONS: Education: Bachelor's degree in information technology or related field Experience: 5+ years of information security experience including defining security programs within companies Experience with the translation of penetration testing and security assessments preferred Understanding of firewalls, network switches, proxies, SIEM, antivirus, and IDPS concepts Good verbal & written communication skills Able to work with very little supervision in a fast-paced environment Facilitates administrator and end-user IT security training *Or 9+years equivalent combination of education and applicable experience PREFERRED QUALIFICATIONS: Knowledge, Skills, and Abilities: Microsoft Security Certification Computer Hardware, Windows 10 OS, and other software support. Azure AD and broader Azure applications PowerShell scripting, Power Platform applications (Power Apps, Power Automate), MS Intune, SCCM WORKING CONDITIONS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Office deskwork, requiring sitting, walking, using phone & computer May lift up to 30 lbs. occasionally Ability to travel up to 10% including international travel Rev: January 2024 Loram is an Equal Opportunity Employer and will make all employment-related decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, marital status, familial status, status with regard to public assistance, membership or activity in a local commission, protected veteran status, or any other status protected by applicable law #LI-KK1 #LI-HYBRID
    $86k-115k yearly est. 60d+ ago
  • Information Security Architect

    Technology Ventures 4.6company rating

    Information Security Manager Job In Reston, VA

    Hiring for a Senior Information Security Architect position primarily focusing on AWS. This position requires deep expertise in Information Security principles including Business Security Architecture, Threat Modelling, Data Security (data encryption, masking, tokenization, data access controls), AWS Cloud and Systems architecture. This individual must be able to architect and ensure the security and compliance of the cloud environments based on enterprise cloud security policies, standards, procedures and industry best practices and frameworks (NIST, OWASP) This is a potential contract to hire (not necessarily but need the option) after 6 months. Candidate is expected to come to Reston office once a week Self-starter and Senior Architect who can lead the AWS Security architecture program in multiple projects simultaneously by collaborating with numerous stakeholders (Product owners, Enterprise Architect) Required Skills Public Cloud: AWS Experience Deep Expertise and proven Track record in AWS Architecture and AWS Services (Compute, IAM, RDS, Resource Policies, Network, Messaging, Data Storage, CI/CD, AI/ML, ETL, Serverless, ECS/EKS). Experience with AWS security pillars, best practices and well designed architecture. Experience in AI/ML is preferable. Information Security Architecture Key experience: Application security, Threat Modelling, API Security, DevSecOps, Pipeline security, Infrastructure security, AuthN/Z, Encryption, Key Management, Data discovery and encryption, SIEM, CSPM, CWPP, Access Controls, Container Security Industry security standards and frameworks (OWASP, NIST CIS, FED Ramp, ISO, SOX etc.). Experience designing Architectures based on Security Standards and threat model the designs to identify issues and design mitigating controls. Systems Architecture Key experience: System Design, API Driven architecture, Open Standards, stateless, Resiliency, High Availability, System and SaaS Integrations. Preferred Skills AWS advanced Certification (Professional, Specialty), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or equivalent
    $109k-154k yearly est. 2d ago
  • Cyber Security Engineer

    Richard, Wayne & Roberts 4.3company rating

    Information Security Manager Job In Arlington, VA

    A client is looking for a Cybersecurity Engineer, to sit out of their Arlington, Virginia office. The responsibilities include: Responsibilities: Develop reference architectures that can be used to solve common requirements or mitigate trends in security findings in a repeatable way following (and identifying) recommended best practices. Lead threat modeling and partner with technical delivery teams to integrate security requirements and practices into solutions. Drive security architecture reviews of platforms & applications in complex multi-tenant, multi-provider, and vendor-cloud environments. Deliver strategic roadmaps - Research and investigate new effective ways of delivering security as code, automation into the existing security architecture assessments and processes and other service delivery optimizations. Ensure assessments are known, documented, and properly performed to produce consistent, timely, high-quality deliverables. Develop and maintain technical proficiency and related certifications for core products and solution areas. Experience designing and implementing security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps and compliance preferred. Experience in a role that has designed and implemented NIST 800-53, FISMA and FedRAMP Moderate/High controls is required. Strong understanding of cloud security best practices, controls, policies, encryption, authentication, authorization, and audit capabilities. Key Qualifications include: Bachelor's degree or equivalent experience in business, computer science, or management information systems 10+ of professional experience solving business problems with technology solutions at an energy facility or related industry Preferred industry recognized experience in security (e.g., CISSP, CCSK, CISA, CISM, CEH) Minimum of 5 years of experience in IT security risk assessments and related frameworks (e.g., NIST 800 series, ISO 27000 series, IT General Controls) Knowledge of Identity and Access Management (IAM), Cryptography / Key Management, Access Controls and Security Protocols, secrets modernization, secrets management e.g., Multi-factor, SAML, OAuth, OIDC etc.
    $87k-119k yearly est. 12d ago
  • Information System Security Officer (ISSO)

    Hruckus

    Information Security Manager Job In Dahlgren, VA

    Veteran Firm Seeking a Mid-Level Information System Security Officer (ISSO) with a Top Secret Clearance w/ SCI and a CI-Polygraph eligibility for an Onsite Assignment in Dahlgren, VA My name is Stephen Hrutka. I lead a Veteran-owned consulting firm in Dahlgren, VA. Focused on strategic sourcing, supply chain management, and IT Staffing. We are looking to fill a Senior Cloud Information System Security Officer (ISSO) role for one of our newest clients, a cyber intelligence-driven firm primarily focused on assisting the Federal Civilian, DoD, and U.S. Intelligence Communities. The ideal candidate has 5+ years of experience serving as an Information Systems Security Officer (ISSO) at a cleared facility, a minimum of 7 years of experience in a computer science or Cybersecurity-related field, and has a current Top Secret Clearance w/ SCI and a CI-Polygraph eligibility. If you're interested, I'll gladly provide more details about the role and further discuss your qualifications. Thanks, Stephen M Hrutka Principal Consultant *************** Executive Summary: HRUCKUS seeks an Information System Security Officer (ISSO)-mid-Level (TS/SCI w/ CI-Polygraph Eligibility) for a role in Dahlgren, VA. Position Description: The program provides support in the areas of Cybersecurity and Management to improve the Information Assurance (IA) posture of a federal customer. The contract's support functions are IA Management, Federal Information Security Management Act (FISMA) coordination and reporting, Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Roles and Responsibilities: Services to support IS Security performed by the Information System Security Officer (ISSO), at a minimum, shall consist of the following activities: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS Provide liaison support between the system owner and other IS security personnel Ensure that selected security controls are implemented and operating as intended during all phases of the IS lifecycle Ensure that system security documentation is developed, maintained, reviewed, and updated continuously Conduct required IS vulnerability scans according to risk assessment parameters. Develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities Manage the risks to ISs and other agency assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs) Coordinate system owner concurrence for correction or mitigation actions Monitor security controls for agency ISs to maintain security Authorized To Operate (ATO) Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an agency IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM) Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR Provide baseline security controls to the system owner, contingent upon the IS's security categorization, type of information processed, and entity type Provide a recommendation to the Authorizing Official, in consultation with the system owner, regarding systems' impact levels and ISs' authorization boundary Ensure that new entities are created in the GRC application with the security categorization of agency ISs Initiate, coordinate, and recommend to the agency Authorizing Official all Interconnection Security Agreements (ISAs), Memorandum of Understanding (MOUs), and Memorandum of Agreement (MOAs) that permit the interconnection of an agency IS with any non-agency or joint-use IS Perform an independent review of the System Security Plan (SSP) and make approval decisions Request and negotiate the level of testing required for an IS with the Enterprise Information Security Section and the agency Authorizing Official Schedule security control assessments in coordination with the system owner. Coordinate IS security inspections, tests, and reviews with the Security and system owner. Submit the final SAA package to the agency Authorizing Official for a security ATO decision Ensure that the Security ATO Electronic Communication (EC) is serialized into Sentinel under the applicable case file number Advise the agency Authorizing Official of IS vulnerabilities and residual risks. Ensure that all POA&M actions are completed and tested Coordinate initiation of an event-driven reauthorization with the agency Authorizing Official Ensure the removal and retirement of agency ISs being decommissioned in coordination with the SO, ISSO, and ISSR Position Qualifications and Requirements: Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility Must be a U.S. citizen At least 5 years serving as an Information Systems Security Officer (ISSO) at a cleared facility Minimum of 7 years of work experience in a computer science or Cybersecurity related field Familiarity with the use and operation of security tools, including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications Hold at least one of the following certifications: Certified Information Systems Security Professional (CISSP) Global Information Security Professional (GISP), the CompTIA Advanced Security Practitioner (CASP,) or other certifications exemplifying skill sets such as those described in DoD Instruction 8570.1 Information Assurance Management (IAM) Level II proficiency Position Desired Requirement: A bachelor's and/or advanced degree in computer science, business management, or IT-related discipline Employee Benefits: Competitive salary for well-qualified applicants 401(k) plan Annual performance bonus Certification and advanced degree attainment bonuses Student Loan / Tuition reimbursement Health Care Insurance (medical, dental, vision) Up to four weeks of paid vacation 10 Federal Holidays and 3 Floating Holidays Team bonding events Location and Work Set-Up: 100% Onsite role in Dahlgren, VA The target annual salary is $110,000 - $125,000.
    $110k-125k yearly 12d ago
  • Information Systems Security Officer 3

    Warcollar Industries, LLC

    Information Security Manager Job In Chantilly, VA

    Job Title: Information Systems Security Officer (ISSO) 3 MUST Possess An Active TS/SCI with Full Scope Poly Position Overview: We are seeking an experienced and highly motivated Information Systems Security Officer (ISSO) 3 to join our team. In this role, you will manage the information security posture of both classified and unclassified systems, ensuring the protection of sensitive data and compliance with established security frameworks. You will work collaboratively with government stakeholders, technical teams, and subject matter experts (SMEs) to safeguard information, perform risk assessments, and lead security authorization efforts. Your expertise in security best practices, risk management, and system documentation will be pivotal in ensuring the continuous monitoring and defense of our organization's IT infrastructure. Key Responsibilities: Security Management: Oversee the entire lifecycle of information security for classified and unclassified systems, including research, testing, implementation, training, and program management to protect sensitive information from potential threats and vulnerabilities. Risk Management Framework (RMF): Apply comprehensive knowledge of RMF processes, identifying, assessing, and mitigating risks to IT systems. Lead risk analysis efforts, ensuring effective risk management strategies are implemented across the organization. Authorization and Compliance: Lead and support Authority to Operate (ATO) and Authority to Proceed (ATP) efforts. Provide independent recommendations and work directly with government leads to ensure the successful authorization of IT systems. Vulnerability and Compliance Analysis: Conduct detailed analysis of vulnerability scans, penetration tests, and other audit activities to identify potential threats. Provide actionable insights and recommendations for system improvements and risk mitigation. Documentation & Reporting: Create, review, and maintain key security documentation, including but not limited to System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), Configuration Management Plans, Contingency Plans, and Risk Assessments. Ensure compliance with security requirements and provide clear, accurate status reports to stakeholders. Agile Participation: Actively engage in Agile Planning events, contributing technical insights and providing expert security input to ensure security is integrated throughout the development lifecycle. Continuous Monitoring & Security Posture Management: Ensure the security posture of IT systems is maintained across on-prem, cloud, and hybrid environments. Lead continuous monitoring efforts to identify and resolve emerging security risks. Required Qualifications: Education & Experience: Bachelor's degree in a relevant field and 5-8 years of direct experience in information security, or 7 years of related experience with expertise in IT systems security. Security Clearance: Active TS/SCI clearance with CI Polygraph. Core Competencies: Strong understanding of the NIST Risk Management Framework (RMF), including NIST SP 800-53, SP 800-30, SP 800-60, FIPS 199, FIPS 140-2, and other federal security standards. Proven experience in developing and maintaining System Security Plans (SSPs) and other security-related documentation. Experience with vulnerability management tools such as Tenable Nessus, Security Center, or similar platforms. In-depth knowledge of cloud computing technologies and services, including AWS, Microsoft Azure, and VMware. Expertise in analyzing test results (vulnerability scans, audits, penetration tests) and determining associated risk levels. Proficiency with Microsoft Office 365 Suite (Word, PowerPoint, Excel, SharePoint). Soft Skills: Strong communication skills, with the ability to articulate complex security concepts and status updates to non-technical stakeholders. Self-starter with the ability to work independently and within a team, building strong relationships across various divisions. Comfort with briefing security issues and presenting security posture to government customers. Desired Qualifications: Familiarity with Scaled Agile Framework (SAFe), Agile development practices, and DevSecOps methodologies. Experience with security management in virtualized environments, including VDI and VMware. Familiarity with security tools such as Jira, Jira Align, or ServiceNow. Cybersecurity program experience within federal government agencies. Relevant certifications such as CISSP, CCSP, AWS Certified Security Specialty, Microsoft Azure Security Engineer, CISA, CAP, or SAFe 6.
    $73k-100k yearly est. 15d ago
  • Information System Security Officer

    Apex Systems 4.6company rating

    Information Security Manager Job In Arlington, VA

    We are seeking a dedicated and experienced Information System Security Officer (ISSO) to join our team at our headquarters in Herndon. The ideal candidate will have 3-5 years of experience in information security, particularly within the Department of Defense (DoD) environment. Key Responsibilities: Oversee and manage the Authorization to Operate (ATO) process. Ensure compliance with NIST 800-53 and 800-171 standards. Review and secure systems to meet compliance requirements. Build and configure machines to specified requirements. Implement and maintain Security Technical Implementation Guides (STIGs). Maintain and update security documentation and policies. Collaborate with Information System Security Managers (ISSM) and other stakeholders to ensure security measures are in place. Qualifications: 3-5 years of experience as an ISSO or ISSM. Familiarity with the ATO process. Proficiency in Windows technology. Experience in building and configuring machines to specifications. Strong understanding of NIST 800-53 and 800-171 standards. Experience with implementing and maintaining STIGs. Excellent communication and collaboration skills. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at ******************************** or ************.
    $74k-99k yearly est. 3d ago
  • Information System Security Officer [Job ID: 81334]

    Logix

    Information Security Manager Job In Arlington, VA

    MUST HAVE an active TS/SCI clearance Job Summary: Seeking a highly skilled, Senior Information Systems Security Operator (ISSO) to join our team. Job Description & Requirements: The ideal candidates will be responsible for ensuring the security and integrity of our information systems by implementing and maintaining robust security measures. This includes developing and enforcing security policies, conducting regular security audits, and staying up to date with the latest cybersecurity threats and trends.
    $74k-100k yearly est. 12d ago
  • Senior Information Security Engineer - Incident Response

    Linkedin 4.8company rating

    Remote Information Security Manager Job

    LinkedIn is the world's largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We're also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that's built on trust, care, inclusion, and fun - where everyone can succeed. Join us to transform the way the world works. At LinkedIn, we trust each other to do our best work where it works best for us and our teams. This role offers a hybrid work option, meaning you can both work from home and commute to a LinkedIn office, depending on what's best for you and when it is important for your team to be together. This role will be based in our Mountain View, CA campus. About the team LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. We never stop working to ensure LinkedIn is secure. We follow industry standards and have developed our own best practices to stay ahead of the increasing number of threats facing all Internet services and infrastructure. LinkedIn is looking for an experienced Senior Incident Response Engineer to be an integral part of our Information Security organization. The Incident Response team is responsible for protecting our infrastructure, applications, and, most importantly, our members. This role will be responsible for playing a key role in our security monitoring and incident response team. The role is a Senior position, coming in with years of real world experience in responding and leading incident investigations, developing playbooks, and continually striving to improve processes and response times. Additionally as a Senior, a successful candidate will help lead the continued improvements, mentor more junior team members, while acting as a lead during large scale incidents. Responsibilities: · Independently triage security alerts and incident reports. · Investigate incidents using available resources, forensic and threat hunting skills. · Drive small to medium scale incidents with multiple team members and partner teams to closure. · Conduct host, network, and log analysis in support of incident response investigations · Enhance our in-house incident response platforms and build new capabilities. · Participate in oncall activities. · Work with partner teams including: PR, HR, Legal, Compliance, Investigations, Microsoft CDOC, Engineering, EPE. · Work in a team environment to drive large scale incidents to closure and full remediation. · Contribute to improving processes, procedures and technologies used by the team. · Provide feedback to detection engineering team about accuracy and quality of detections · Provide proactive and accurate data to all stakeholders for internal communication · Help uplift entire team by providing demonstration of new processes or training on systems · Support mentoring and technical development of incident response engineers Basic Qualifications: · BA/BS degree in Information Security, CyberSecurity, Computer Science, or other related technical disciplines, or equivalent practical experience · 4+ years experience in Information Security, with 3+ years experience in Incident Response as part of that experience. · Incident response experience should include: · Experience with triaging security alerts. · Experience with incident lifecycle and incident handling. · Experience with log analysis · Experience with SIEM solutions · Experience with Windows and Unix operating systems logs. · Experience with Web Server logs. · Experience with EDR solutions · Experience with system level analysis - windows, linux, and mac. · Experience with 1 or more of these areas: · System Forensics · Network Forensics · Cloud Forensics · SOAR/Security Orchestration · Threat Intelligence Preferred Qualifications: · Master's degree in Information Security, CyberSecurity, Computer Science, or other related technical disciplines. · Developer experience, the ability to understand source code and develop scripts. · Practical threat hunting experience with open source tool chain · Scripting knowledge to automate repetitive, time consuming and error prone activities using a general purpose scripting language (ex: Python) · Prior experience with malware analysis Suggested Skilles: · Incident Response · Information Security · Incident response investigations · Threat Hunting LinkedIn is committed to fair and equitable compensation practices. The pay range for this role is $121,000-198,000. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location. This may be different in other locations due to differences in the cost of labor. The total compensation package for this position may also include annual performance bonus, stock, benefits and/or other applicable incentive compensation plans. For more information, visit ************************************** Equal Opportunity Statement LinkedIn is committed to diversity in its workforce and is proud to be an equal opportunity employer. LinkedIn considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. LinkedIn is an Affirmative Action and Equal Opportunity Employer as described in our equal opportunity statement here: *********************************************************************************************************** Please reference ******************************************************************************************** and ************************************************************************************************ for more information. LinkedIn is committed to offering an inclusive and accessible experience for all job seekers, including individuals with disabilities. Our goal is to foster an inclusive and accessible workplace where everyone has the opportunity to be successful. If you need a reasonable accommodation to search for a job opening, apply for a position, or participate in the interview process, connect with us at accommodations@linkedin.com and describe the specific accommodation requested for a disability-related limitation. Reasonable accommodations are modifications or adjustments to the application or hiring process that would enable you to fully participate in that process. Examples of reasonable accommodations include but are not limited to: -Documents in alternate formats or read aloud to you -Having interviews in an accessible location -Being accompanied by a service dog -Having a sign language interpreter present for the interview A request for an accommodation will be responded to within three business days. However, non-disability related requests, such as following up on an application, will not receive a response. LinkedIn will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by LinkedIn, or (c) consistent with LinkedIn's legal duty to furnish information. Pay Transparency Policy Statement As a federal contractor, LinkedIn follows the Pay Transparency and non-discrimination provisions described at this link: ******************************** Global Data Privacy Notice for Job Candidates This document provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: ***************************************
    $121k-198k yearly 28d ago
  • Senior Cloud Security Engineer

    Glocomms 4.3company rating

    Information Security Manager Job In Tysons Corner, VA

    We are partnered with a top smart-home security technology company to bring on a highly skilled Senior Security Engineer with a specialty in AWS. This role is headquartered in the *DMV area; the ideal candidate will play a crucial role in shaping the security strategy for their cloud-based services and ensure their systems meet industry-leading standards. Role Responsibilities Develop, implement, and manage security protocols to protect cloud infrastructure, applications, and data. Lead efforts in continuous security monitoring, threat detection, and incident response, ensuring prompt mitigation of security risks. Ensure adherence to relevant security standards (e.g., ISO, NIST) and maintain compliance with industry regulations and company policies. Perform regular security risk assessments, identify vulnerabilities, and apply effective countermeasures. Work closely with cross-functional teams, including software development, IT, and product management, to integrate security best practices at all stages of the development lifecycle. Develop automated processes for security audits, vulnerability scanning, and continuous security validation. Maintain comprehensive documentation of security processes, policies, and incidents. Prepare reports and present findings to management and other stakeholders. Stay updated on the latest security technologies, emerging threats, and trends in cloud security. Propose and implement solutions to enhance the company's security posture. Qualifications Bachelor's or Master's degree in Computer Science, Information Security, or related field. A minimum of 5-7 years of experience in cloud security engineering or related roles. Deep understanding of AWS cloud platform. Strong background in cloud-native security services and solutions. Hands-on experience with security frameworks like Zero Trust Architecture and Identity Access Management (IAM). Proficiency in scripting and automation tools (e.g., Python, Terraform). Experience with container security (e.g., Docker, Kubernetes). Relevant security certifications such as CISSP, CISM, AWS Certified Security - Specialty, or equivalent. If you or someone you know are interested in the opportunity, please apply in directly! *This is a hybrid opportunity of Tysons, VA
    $108k-148k yearly est. 7d ago
  • Security Project Manager (Remote - CST/EST time zone)

    Insight Global

    Remote Information Security Manager Job

    Role Overview: As a Security Project Manager, you will play a critical role in managing and executing cybersecurity initiatives. Your primary responsibility will be to oversee security programs, collaborate with cross-functional teams, and drive security-related projects to successful completion. Qualifications: 7+ years of experience in project management. Experience managing projects in the security, cybersecurity, security operations space. Ability to roll up sleeves and drive change/results. Key areas: Identity Access Management (IAM) Cloud Security Application Security Network Security Experience working in a Palo Alto environment Comfortable working w/ Execs and CSuite on a daily basis Able to understand risk based approach
    $72k-105k yearly est. 12d ago
  • Sr. Cyber Security Engineer

    Tekstream Solutions 4.5company rating

    Information Security Manager Job In Newport News, VA

    unlimited vacation + competitive benefits (4% 401k match immediately vested) Must have an active Secret (or higher) clearance with Sec+ and CISSP certifications Duties & Responsibilities: Deploy and configure security tools, technologies, and solutions to protect against cyber threats. Conduct regular vulnerability assessments to identify and address potential security weaknesses and coordinate remediation efforts in a timely manner Investigate and analyze security incidents, providing timely and accurate reports to management. Stay up-to-date of the latest cybersecurity trends, threats, and vulnerabilities to adjust security measures accordingly. Implement and manage SIEM/MDR systems for real-time monitoring of network activities and respond to potential security incidents including conducting thorough investigations to determine the root cause. Configure and maintain security settings for operating systems, applications, and network devices. Participate in the development and delivery of security awareness programs and training for employees Maintain accurate and up-to-date documentation of security processes, procedures, and incident response activities. Audit, router, switch, firewall configurations, change control, and monitoring. Create workstation and server baseline configuration. Required qualifications: 10+ years of experience in related field. Security+, CISSP Certifications required. Support activities of the information Systems Security Manager (ISSM) in developing in and enforcing security policies and procedures to ensure compliance with industry standards and regulations. Collaborate with IT teams to ensure the effective deployment and maintenance of security technologies. Collaborate with external partners and internal teams to conduct periodic audits, pen test and tabletop exercises Ensure network security best practices are implemented through. Required Education: Master's Degree or higher in Computer Science, Information Systems, Business or similar.
    $79k-109k yearly est. 10d ago
  • Product Security Architect

    Globallogic 4.4company rating

    Remote Information Security Manager Job

    Bachelor's or master's degree in computer science, Information Security, or a related field. • Professional cer.fica.ons in informa.on security (e.g., CISSP, CISM) are highly desirable. • Extensive experience in product security, particularly in the design and implementation of security solutions for medical devices or related healthcare technology. Deep understanding of healthcare regulations and standards affec.ng medical device security. • Proficiency in security architectures, encryption technologies, identity and access and network security etc. Experience with risk management methodologies and security assessment tools. • Strong analy.cal and problem-solving skills. Product security processes, tools and techniques especially implementation aspects • Excellent communication and interpersonal skills, with the ability to explain complex security concepts to non-technical stakeholders. Preferred qualifications Knowledge in reference architecture and design patterns as applicable to medical technologies and products. Working knowledge in Software engineering and programming languages (Java, Python, C/C++/C# etc.). Implementation and adoption of security frameworks such as SABSA /TOGAF frameworks. Emerging medical technologies (AI, Blockchain, MIoT, RPA, etc.) and their security threats/risks. Job Responsibilities The Product Security Solutions Architect will be responsible for leading the design and implementation of security measures for medical device software, hardware, digital solutions and/or combination products. This role involves working closely with R&D, product management, regulatory, quality and compliance teams to ensure that all products meet the highest standards of security and privacy in line with regulatory and customer requirements. This person possesses a blend of business and technical know-how to mature product security architecture, software and solutions engineering function; Able to handle ambiguity and complexity of customer products including intended use, interoperability, product architectures and industry best practices. What We Offer Exciting Projects:Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to work on market-defining products using the latest technologies. Collaborative Environment: You can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment - or even abroad in one of our global centers or client facilities! Work-Life Balance:GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules and opportunities to work from home. Professional Development:We provide continuing education classes, professional certification and training (technical, soft skills, language, and communication skills) to help you realize your professional goals. Being part of a global organization, there are additional learning opportunities through international knowledge exchanges. Excellent Benefits:We provide our employees with competitive salaries, health and life insurance, short-term and long-term disability insurance, a matched contribution 401K plan, flexible spending accounts, and PTO and holidays GlobalLogic estimates the starting pay range for this role to be performed in Lake Forest CA is 180K-185K, and reflects base salary only. This pay range is provided as a good faith estimate and the amount offered may be higher or lower. GlobalLogic takes many factors into consideration in making an offer, including candidate qualifications, work experience, operational needs, travel and onsite requirements, internal peer equity, prevailing wage, responsibilities, and other market and business considerations. About GlobalLogic GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world. By integrating experience design, complex engineering, and data expertise-we help our clients imagine what's possible, and accelerate their transition into tomorrow's digital businesses. Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries. GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501) which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business.
    $95k-112k yearly est. 12d ago
  • Security Engineer

    Coalfire Federal 4.0company rating

    Information Security Manager Job In Herndon, VA

    About Coalfire Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients' toughest security challenges. But that's not who we are - that's just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. We're currently seeking a Security Engineer/Security Advisor to join our team in Herndon, VA (Hybrid; 1 Day On Site) This is a full time employment position - Open to local candidates in the DMV areas. Position Summary The position will provide one or more persons as requested to act as an IT Project Security Advisor for IT Projects undergoing the TRB process. The IT Security Advisor is responsible for working with project teams to advise them on IT security requirements, architectures, and practices, assess project security risks, consult on risk mitigation strategies, and make recommendations to management regarding approval of the project. What you'll do Advise and assist project teams with selecting, planning, and architecting IT systems and technologies to meet client IT security requirements. Educate project stakeholders about Smithsonian IT Security policies and standards that apply to their project. Assist project stakeholders with identifying relevant solutions that have already received IT security approval for use through out the client site. Identify, assess, and propose mitigation strategies for information security risks associated with proposed and in-progress IT projects. Review proposed system architectures and make recommendations to enhance security and promote integration with organization's standards. Support and promote Technical Review Board processes, Advise and assist project teams with developing required IT security-related documentation needed for project approval. Work with project teams and the Office of Contracts to ensure that appropriate requirements are included in any contracts associated with the IT projects. Collaborate with management and TRB colleagues to develop appropriate procedures, templates, checklists, standards, and educational materials to facilitate the review and support of IT projects. Provide training and presentations to educate client organization's personnel about IT Security services and requirements for IT projects. Assist PCI Working Group with assessing projects and advising project stakeholders on Payment Card Industry (PCI) compliance. Attain advanced working knowledge of the organization's mission/business needs and IT-related policies/standards and apply these to the tasks described above. Collaborate and communicate effectively with project teams, IT personnel, TRB members, and other customers and stakeholders. Develop effective working relationships with colleagues and project stakeholders. What you'll bring Education Completed Bachelor's degree from an accredited university, preferably in an IT related field. Clearance / Suitability Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered. Certifications Industry recognized Cybersecurity/IT Security Certification (i.e., Sec+, CISA, CISSP, CAP) Years of Experience Overall 7+ years of information security and compliance experience relative to the position qualifications. Why you'll want to join us Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. You'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options. Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
    $90k-125k yearly est. 17d ago
  • Application Security Engineer

    Us Tech Solutions 4.4company rating

    Information Security Manager Job In Arlington, VA

    · Collaborate with a team of engineers to implement *** specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications. · Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes. · Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc. · With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines. · Support security standards, create templates and patterns to increase the efficiency and adoption of security program. Responsibilities: · Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc. · With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines. · Support security standards, create templates and patterns to increase the efficiency and adoption of security program. Experience: · Bachelor's degree with minimum 8 years of work experience in the IT field · 3+ years software development experience using Java, JavaScript · 3+ years of experience in the following: · OWASP Secure Coding Practices · Common software and web application security vulnerabilities · Application security scanning tools · Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins) · Experience in Python scripting Skills: Even Better If You Have · A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field · Business acumen to support the implementation of SAST or DAST or IAST across the enterprise · Ability to perform code reviews with minimal assistance · A self-starter, with a strong desire for learning new technologies and applying them to solve problems · Experience with two or more of the application build environments like Jenkins, Gradle, Maven. · Familiarity with public cloud services a plus · Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype · Experience with Threat Analysis. · Experience with DevSecOps, Secure SDLC. · DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus · Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus Education: · Bachelor's Degree Required About US Tech Solutions: US Tech Solutions is a global staff augmentation firm providing a wide range of talent on-demand and total workforce solutions. To know more about US Tech Solutions, please visit ************************ US Tech Solutions is an Equal Opportunity Employer.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Recruiter Details: Name: Aaditya Email: ****************************** Internal Id: 24-26931
    $84k-119k yearly est. 15d ago

Learn More About Information Security Manager Jobs

Browse computer and mathematical jobs