Information systems security manager full time jobs

The Opportunity: Warnings about cyber threats are everywhere, and the constantly evolving nature of these threats can make understanding them seem overwhelming to government agencies and military organizations. In all of this “cyber noise,” how can these organizations understand their risks and how to mitigate them? The answer is you. Build your knowledge as an information security risk specialist who knows how to break down complex threats into manageable plans of action. As an Information Systems Security Manager (ISSM) on our team, you'll work with DoD organizations to discover their cyber risks, understand applicable policies, and develop a mitigation plan. You'll get technical, environmental, and personnel details from on-site team members to assess the entire threat landscape. Then, you'll help your team guide your client through a plan of action with presentations, white papers, and milestones. You'll work on translating security concepts for your client so they can make the best decisions to secure their mission-critical systems. This is your opportunity to take an active role in information security while growing your skills in cloud technology, cybersecurity and risk management, AI and ML, data science and management, and virtualization. Join us as we protect America's warfighting systems! Join us. The world can't wait. You Have: 7+ years of experience implementing NIST Risk Management Framework (RMF) 3+ years of experience providing leadership as ISSM Experience supporting JSIG in classified environments Experience writing and reviewing RMF artifacts for ATO accreditation packages Experience in analyzing compliance and vulnerability scan results and implementing appropriate mitigations Experience performing audit log reviews to detect anomalous behavior in information systems and networks, and overseeing continuous monitoring activities Experience interfacing with internal and external SMEs such as PMs, SCAs, and AOs Top Secret clearance HS diploma or GED DoD 8570.01-m IAM Level II Certification Nice If You Have: Experience using compliance and vulnerability assessment tools, including ACAS, Tenable, Nessus, SCAP, or HBSS Experience with eMASS Experience in Special Access IT Knowledge of cloud technologies, such as AWS or Azure Bachelor's degree in Cybersecurity DoD 8570.01-m IAM Level III Certification Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Work Model Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely. If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility. If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Job Title: Journeyman Information Systems Security Manager (ISSM) Job Description: Sumaria Systems is seeking an Information System Security Manager (ISSM) to ensure system and application deliverables meet all required cyber security policies and regulations for the Technical Advisory and Assistance Services (TAAS) program at Hanscom AFB. This is a full-time position. Responsibilities Support system/application Assessment and Authorization (A&A) efforts, to include assessing and guiding the quality and completeness of A&A activities, tasks, and resulting artifacts mandated by governing National, DoD, and Department of the Air Force policies (i.e., RMF). Recommend policies and procedures to ensure the reliability of and accessibility to information systems and to prevent and defend against unauthorized access to systems, networks, and data. Conduct risk and vulnerability assessments and inspections of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Evaluate threats and vulnerabilities to information systems to ascertain the need for additional safeguards. Evaluate system sources of changes such as Deficiency Reports (DRs), Problem Reports (PRs), Change Requests/Proposals (CRs/CPs), and AF Form 1067s; provide inputs to the root cause analysis reporting and the formulation of recommended solution from alternatives; determine the security impacts of proposed or actual changes to the system, environment, threats, and vulnerabilities; and if any, document in written reports the changes/revisions to the system s RMF artifacts. Review and provide inputs to modification packages, program/system documents and support agreements updates, and communications and network infrastructure upgrades to ensure proper cybersecurity configuration modification management; implementation of technical, managerial, operational requirements; and support requirements (e.g. planning, testing, test infrastructure, documentation, training, etc.) are identified. Review system test plans and test results and if necessary, observe system testing for security control implementation in accordance with cybersecurity policies, guidance, and plan. Perform security impact analysis on any system change and appropriately prepare letters of assurance, security impact letters, and risk assessment letters to include exceptions, deviations, or waivers to cybersecurity requirements when applicable. Continuously monitor intelligence and open-source information for vulnerabilities affecting systems, assess risk, and provide POA&M recommendations. Promote awareness of security issues among management and ensuring sound security principles are reflected in organizations visions and goals. Conduct systems security monitoring, evaluations, audits, and reviews. Recommend systems security contingency plans and disaster recovery procedures. Recommend and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures. Participate in network and systems (to include cryptographic) design to ensure implementation of appropriate systems security policies. Facilitate the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. Assess security events to determine impact and implementing corrective actions. Ensure the rigorous application of cybersecurity and cryptographic policies, principles, and practices throughout the system development lifecycle. Author, monitor, and record system information in applicable databases. Prepare and record system, security status, and portfolio management information into the Air Force Information Technology Investment Portfolio Suite (referred to as ITIPS) for FISMA; Security, Interoperability, Supportability, Sustainability, Usability (SISSU); Clinger Cohen Act; and other statutory compliance. Author, review, certify, and/or maintain security management plans and RMF package artifacts including but not limited to: RMF Implementation Plans, System Security Management Plans, Information Support Plans, Program Protection Plans (PPPs), Security Risk Analyses, Security Vulnerability and Countermeasure Analyses, Vulnerability Management Plans, Common Control Packages, Security Concepts of Operations, OPSEC Plans, Authority-to-Connect guest system packages, and other system/network security related documents. Support and assist external teams in the evaluation of systems Cybersecurity posture to include teams performing non-regular cyber tests, war-games, cyber penetration tests, and cyber studies conducted by the NSA, DISA, Air Force Audit Agency, or other organizations. Support the development, coordination, and implementation of cybersecurity-related special projects and taskers, e.g., Defensive Cyber Operations (DCO), Higher Headquarter requests, Notice to Airmen (NOTAMs), Technical Change Orders (TCOs), System Program Office (SPO), 16th AF, USSTRATCOM, USCYBERCOM, SAF/A6, SpOC/S6, AFGSC/A6, 460 Space Wing, and AFNWC/NC efforts. Qualifications Education: Bachelor s degree in a related field. Must hold one of the following certifications: CISSP, CISM, GSLC, or CCISO. Experience with the certification and accreditation process. Significant experience in vulnerability scanning and analysis, including the use of automated tools and vulnerability management systems. Knowledge of intrusion prevention and network access control tools/systems. Understanding of system audit principles and security risk assessment. Strong understanding of security policy advocated by the U.S. Government including the Department of Defense and appropriate civil agencies, e.g., NIST. Able to perform work that involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Knowledge of cryptography and cryptographic key management concepts. General experience includes development of both common user and special purpose command and control/information systems with increasing responsibilities in the scope and magnitude of the systems for which solutions have been implemented. Must have a solid understanding of network infrastructure and mission assurance. Familiar with Federal government and DOD standards for IA/security including DIACAP, FISMA, NIST, and OMB. Must have solid communications skills and be capable of working with all levels of an organization. Must be a US Citizen and hold a current Top Secret clearance. Travel: Minor Security Clearance Required: Top Secret with SCI Years of Experience: 3+ years experience in Cyber Security or information assurance. Position Type: Full Time Work Location: Hanscom AFB, Massachusetts Top salaries paid for qualified candidates. Agency submissions are not being accepted at this time. For more information on Sumaria Systems, please visit our website at **************** Sumaria is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status. Sumaria is a Full Lifecycle Engineering, Technical Services and Professional Solutions company in support of the Warfighter, supporting modernization, high end services and next generation capabilities in contested domains. Sumaria has been a trusted partner to U. S. Department of Defense for more than 40 years, providing Lifecycle Systems Engineering, Advisory & Analysis/SETA, C5ISR and Enterprise Information Technology solutions. With expertise to lead, insight to deliver and commitment to succeed; we staff each mission with a carefully selected team of seasoned professionals. We're Headquartered in Peabody, MA, and have regional offices across the nation. Sumaria Systems only provides engineering services to the federal government and does not provide professional engineering or surveying services to the public within the meaning of Ohio Revised Code Section 4733.16.

Company: HII's Mission Technologies division Required Travel: 0 - 10% Employment Type: Full Time/Salaried/Exempt Anticipated Salary Range: $72,181.00 - $100,000.00 Security Clearance: TS/SCI Level of Experience: Mid This opportunity resides with Warfare Systems (WS), a business group within HII's Mission Technologies division. Warfare Systems comprises cyber and mission IT; electronic warfare; and C5ISR systems. HII works within our nation's intelligence and cyber operations communities to defend our interests in cyberspace and anticipate emerging threats. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners. Meet HII's Mission Technologies Division Our team of more than 7,000 professionals worldwide delivers all-domain expertise and advanced technologies in service of mission partners across the globe. Mission Technologies is leading the next evolution of national defense - the data evolution - by accelerating a breadth of national security solutions for government and commercial customers. Our capabilities range from C5ISR, AI and Big Data, cyber operations and synthetic training environments to fleet sustainment, environmental remediation and the largest family of unmanned underwater vehicles in every class. Find the role that's right for you. Apply today. We look forward to meeting you. To learn more about Mission Technologies, click here for a short video: *************************** Job Description As the Information Systems Security Officer (ISSO) the individual works closely with the Information Systems Security Manager (ISSM) proposing, coordinating, implementing and enforcing information system security policies, standards and methodologies. Implementing operating systems and network devices security configuration in accordance with approved Security Technical Implementation Guides (STIGs). Collaborate with team members to define and implement cybersecurity requirements for managed systems and software. Conduct security assessments of Risk Management Framework (RMF) controls implemented for assigned systems. Identify corrective actions and mitigation strategies to achieve and sustain RMF compliance. Job Duties Include: Performing vulnerability assessments using the Assured Compliance Assessment Solution (ACAS), Security Technical Implementation Guide (STIG), and the Security Content Automation Protocol (SCAP). Performing security control continuous monitoring, security audits, risk analysis and developing mitigation strategies for DoD information systems. Essential Job Responsibilities Assist with all activities associated with the assessment and authorization (A&A) of all hosted computing environments. Perform cybersecurity site audits to verify architecture analysis, cybersecurity requirements and controls, verify mitigation actions, witness cybersecurity testing and evaluation and to assist the ISSM with the final approval for Authority to Operate (ATO) and/or Authority to Connect (ATC). Interface with end users to discuss IT, data management and collaboration tools understanding and benefits. Ensures software, hardware and firmware complies with appropriate security configuration guidelines. Coordinates changes or modifications with the ISSM and SCAR/SCA. Initiates protective or corrective measures, in coordination with the ISSM. Reports security incidents or vulnerabilities to the ISSM. Minimum Qualifications * 2 years relevant experience with Bachelors in related field; 0 years experience with Masters in related field; or High School Diploma or equivalent and 6 years relevant experience. * Experience planning and implementing network layouts of varying classifications in SCIF/SAPF spaces. * Ability to coordinate and plan IT requirements across several Enterprise, MAJCOM, and agency partners. * Familiarity with ICD/ICS 705 Standards as they pertain to networks. * DoD 8570 (Sec+ or applicable) IAT level II cert required * Active TS/SCI clearance with ability to gain SAP/SAR Preferred Requirements Experience working as a COMSEC responsible Officer or familiarity handling and safeguarding COMSEC Physical Requirements May require working in an office or laboratory environment. Capable of climbing ladders and tolerating confined spaces and extreme temperature variances. The listed salary range for this role is intended as a good faith estimate based on the role's location, expectations, and responsibilities. When extending an offer, HII's Mission Technologies division takes a variety of factors into consideration which include, but are not limited to, the role's function and a candidate's education or training, work experience, and key skills. Together we are working to ensure a future where everyone can be free and thrive. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law. Do You Need Assistance? If you need a reasonable accommodation for any part of the employment process, please send an e-mail to ************************** and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this email address. Additionally, you may also call ************** for assistance. Press #3 for HII Mission Technologies.

Rea is a growing Top 100 business advisory & accounting firm providing our clients services in tax, accounting, and business consulting. We have a ‘People First' culture and we focus on our employees' well-being and professional development. With over 400 professionals and locations throughout Ohio, our firm has a culture that respects a work-life balance for our team. We also provide competitive compensation and a robust benefits plan. The Information Security Manager is responsible for overseeing and improving the firm's information security program to protect systems, data, and infrastructure. This role focuses on managing security risk, compliance, incident response, and continuous improvement of security posture. The Information Security Manager collaborates cross-functionally with IT and other business and practice areas to implement effective security controls and foster a culture of security awareness. Responsibilities Develop, implement, and maintain the firm's information security program and initiatives roadmap Develop, implement, maintain, and monitor security policies, procedures, and standards in alignment with industry best practices and regulatory requirements Conduct regular risk assessments, vulnerability scans, and security reviews to identify and mitigate potential threats and vulnerabilities Identify, build, and implement data protection processes and technologies Work with the firm's third-party service providers to help manage firm information security risk Coordinate the firm's incident response efforts, including investigation, documentation, communication, and post-incident analysis Evaluate and recommend security tools and technologies to enhance protection and visibility Manage the third-party risk program, including vendor security assessments and reviews Maintain compliance with applicable laws, regulations, and contractual obligations by leading audits, gap analyses, and remediation efforts Lead security awareness training initiatives and phishing simulations to educate employees and promote secure behavior Collaborate with IT teams to ensure secure configuration and management of systems, networks, and cloud environments Track, report, and present security metrics to leadership and stakeholders Serve as the internal subject matter expert on cybersecurity, privacy, and data protection Other duties as assigned Knowledge, Skills, and Abilities Expert-level understanding of information security risks and controls, including the zero-trust model Advanced knowledge of information security audit and assessment methodologies and best practices Expert-level knowledge of information security frameworks, risk management, and incident response Strong experience with security tools and platforms (e.g., vulnerability scanners, firewalls, endpoint protection) Strong understanding of security principles in cloud (e.g., Azure, AWS), on-prem, and hybrid environments Thorough understanding of compliance programs (e.g., SOC 2, HIPAA) Ability to stay current with emerging technologies and architectures Solid understanding of IT enterprise architecture in a security context Highly self-motivated Exceptional written, oral, interpersonal, and presentational skills Strong analytical and trouble-shooting abilities Keen attention to detail Ability to effectively prioritize and participate in simultaneous projects of moderate to high complexity Knowledge of analysis, requirements gathering, and industry best practices and tools Ability to effectively communicate between business and IT stakeholders Ability to use discretion and handle confidential information Requirements Post-secondary education in the field of computer science, information systems, networking, information security, or related discipline 5+ years of full-time work experience in cybersecurity, information security, or information technology preferred Preferred: CISSP, CISM, CISA, Security+ certification Benefits Rea offers a wide variety of benefits to help support our employees' health, wellness and financial goals. Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Holidays) Four (4) weeks PTO Twelve (12) paid holidays, of which three (3) are floating holidays Family Leave (Maternity, Paternity) Short Term & Long Term Disability Training & Development Wellness Resources Rea does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies without pre-approval from Rea's Talent team. Pre-approval is required before any external candidate can be submitted. Rea will not be responsible for fees related to unsolicited resumes and for candidates who are sent directly to our hiring managers.

Responsibilities & Qualifications RESPONSIBILITIES Serve as a cybersecurity SME, providing support for ESS and EKC system assessments. Fully versed in the general tenets of the DoD's authorization process, including relevant cybersecurity policies, procedures, and processes. Support the DoD cybersecurity process by serving as a SME for ESS and/or EKC systems undergoing authorization. Design, develop, and implement cybersecurity measures into systems, delivering comprehensive cybersecurity assessment documentation. Understand and apply security controls identified in NIST 800-53 to the process of assessing and authorizing DLA ESS and EKC systems. Determine the severity value of identified vulnerabilities and assess their potential impact on the system's current or future authorization status. Perform key functions related to security control selection, implementation, and documentation. Collaborate closely with the Information Systems Security Manager (ISSM) on complex system details. Monitor and control communications at key internal boundaries among subsystems and provide system-wide common controls that meet or exceed the requirements of constituent subsystems. Lead the development, integration, and testing processes to deliver and deploy production-ready systems that meet business requirements and project schedules. Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort, and project schedule. Design architecture and establish best practices to produce efficient and effective system operations while minimizing refactoring and rework. Provide support for the Security Technical Implementation Guides (STIGs) process and develop and submit cybersecurity documentation as required. Ensure the implementation of DoD STIG compliance for ESS/EKC systems/applications and maintain compliance with required DoD STIGs. Support reviews associated with STIGs, cyber assessments, and continuous monitoring activities. REQUIRED QUALIFICATIONS Experience: Five (5) years of relevant C&A experience MF and NIST C&A experience DOD cybersecurity experience Certifications: (One of the following) CGRC/CAP CASP+ CCSP SSCP Security+ GSEC CISM CISSO FITSP-M GCIA GCSA GCIH GSLC GICSP CISSP-ISSMP CISSP Clearance: Must possess a Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). Overview We are seeking a Senior System Security / Cybersecurity Analyst to join our team supporting DLA Integrated Electronic Security Systems (IESS) and Electronic Key Control (EKC). TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at ***************** Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Location: Columbus, OH Type of environment: On Site Noise level: Medium Work schedule: Schedule is day shift Monday - Friday. May be requested to work evenings and weekends to meet program and contract needs. Amount of Travel: Less than 10% PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE U.S. Citizen Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact *************** for assistance.

Responsibilities & Qualifications RESPONSIBILITIES Serve as a cybersecurity SME, providing support for ESS and EKC system assessments. Fully versed in the general tenets of the DoD's authorization process, including relevant cybersecurity policies, procedures, and processes. Support the DoD cybersecurity process by serving as a SME for ESS and/or EKC systems undergoing authorization. Design, develop, and implement cybersecurity measures into systems, delivering comprehensive cybersecurity assessment documentation. Understand and apply security controls identified in NIST 800-53 to the process of assessing and authorizing DLA ESS and EKC systems. Determine the severity value of identified vulnerabilities and assess their potential impact on the system's current or future authorization status. Perform key functions related to security control selection, implementation, and documentation. Collaborate closely with the Information Systems Security Manager (ISSM) on complex system details. Monitor and control communications at key internal boundaries among subsystems and provide system-wide common controls that meet or exceed the requirements of constituent subsystems. Lead the development, integration, and testing processes to deliver and deploy production-ready systems that meet business requirements and project schedules. Work closely with product management to translate business requirements into technical solutions, architecture design, level of effort, and project schedule. Design architecture and establish best practices to produce efficient and effective system operations while minimizing refactoring and rework. Provide support for the Security Technical Implementation Guides (STIGs) process and develop and submit cybersecurity documentation as required. Ensure the implementation of DoD STIG compliance for ESS/EKC systems/applications and maintain compliance with required DoD STIGs. Support reviews associated with STIGs, cyber assessments, and continuous monitoring activities. REQUIRED QUALIFICATIONS Experience: Five (5) years of relevant C&A experience MF and NIST C&A experience DOD cybersecurity experience Certifications: (One of the following) CGRC/CAP CASP+ CCSP SSCP Security+ GSEC CISM CISSO FITSP-M GCIA GCSA GCIH GSLC GICSP CISSP-ISSMP CISSP Clearance: Must possess a Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). Overview We are seeking a Senior System Security / Cybersecurity Analyst to join our team supporting DLA Integrated Electronic Security Systems (IESS) and Electronic Key Control (EKC). TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at ***************** Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Location: Columbus, OH Type of environment: On Site Noise level: Medium Work schedule: Schedule is day shift Monday - Friday. May be requested to work evenings and weekends to meet program and contract needs. Amount of Travel: Less than 10% PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to handle, feel, touch; reach with hands and arms; talk and hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE U.S. Citizen Secret security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information, or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact *************** for assistance.

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County-Columbus Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DescriptionThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

Cintas is currently looking for an Information Security Analyst-Level 1-GRC to join our IT Risk GRC team within the IT Security GRC (Governance, Risk, Compliance) organization. The Information Security Analyst-Level 1-GRC will work under general supervision to support Cintas IT Governance, Risk, and Compliance (GRC) operations performing activities across IT risk domains with an emphasis on third-party vendor, information security, data privacy, and data processing risks. Responsibilities include performance of third-party vendor reviews, execution, monitoring, reporting, and retention of evidential documentation for IT control activities supporting policies and regulatory compliance (SOX, PCI DSS, and NIST CSF frameworks). **This position is required to be on-site at the Cintas corporate headquarters in Mason, OH.** **Skills/Qualifications** Required: + High school diploma or GED, required; bachelor's degree in computer science or information technology, preferred + A minimum of 2 years of experience in Information Technology, Information Security, or IT Governance, Risk and Compliance Preferred: + Familiarity with SOX, NIST, or other cybersecurity and compliance frameworks Benefits Cintas offers comprehensive and competitive medical, dental and vision benefits, with premiums below the national average. We offer flexibility with four different medical plan options; one plan is offered at zero cost. Additionally, our employee-partners enjoy: - Competitive Pay - 401(k) with Company Match/Profit Sharing/Employee Stock Ownership Plan (ESOP) - Disability, Life and AD&D Insurance, 100% Company Paid - Paid Time Off and Holidays - Skills Development, Training and Career Advancement Opportunities Company Information Cintas Corporation helps more than one million businesses of all types and sizes get Ready to open their doors with confidence every day by providing products and services that help keep their customers' facilities and employees clean, safe, and looking their best. With offerings including uniforms, mats, mops, towels, restroom supplies, workplace water services, first aid and safety products, eye-wash stations, safety training, fire extinguishers, sprinkler systems and alarm service, Cintas helps customers get Ready for the Workday . Headquartered in the U.S., Cincinnati, OH, Cintas is a publicly held Fortune 500 company traded over the Nasdaq Global Select Market under the symbol CTAS and is a component of both the Standard & Poor's 500 Index and Nasdaq-100 Index. Cintas Corporation is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, genetic information, disability, protected veteran status, or any other characteristic or category protected by local, state, or federal law. This job posting will remain open for at least five (5) days. **Job Category:** Information Technology **Organization:** Corporate **Employee Status:** Regular **Schedule:** Full Time **Shift:** 1st Shift

":"As an Information Security Compliance Analyst, you will learn about the regulatory, contractual, and legislative requirements that affect technology used by our Company . You will be responsible for coordinating with internal and external parties to complete a variety of cyber security assessments, help raise security awareness of associates, provide guidance on industry standard cyber security requirements, and track on-going activities that help meet our security and compliance goals. If you thrive on solving complex problems, embrace continuous learning, and approach challenges with curiosity and critical thinking, apply today! #LI-DNI","job_category":"Information Technology","job_state":"OH","job_title":"Information Security Compliance Analyst","date":"2025-12-04","zip":"45430","position_type":"Full-Time","salary_max":"0","salary_min":"0","requirements":"Strong critical thinking skills required~^~Basic computer skills required~^~Strong written and verbal communication~^~Strong ability to drive task and organizing\/maintaining records~^~Ability to think creatively and strategically~^~Passion for learning new and emerging technology~^~Technology education or certifications, experience with enterprise IT environments, experience working with security regulatory requirements, and knowledge of security frameworks such as NIST CFS, NIST 800-53, ISO, PCI-DSS a plus","training":"","benefits":"Our associates receive medical, dental, vision, and life insurance. We also offer company contributions to your HSA, 6% match on 401(k), and a work\/life balance with paid time off. At our Dayton office, you can take advantage of our great training programs and facility amenities, including an onsite dining facility offering complimentary breakfast and lunch, a fitness center, and an onsite medical center. We also offer a wide variety of sports and social leagues to participate in after work, along with volunteering initiatives through our Associate Foundation. Reynolds and Reynolds promotes a healthy lifestyle by providing a non-smoking environment. Reynolds and Reynolds is an equal opportunity employer. ","

Information Technology Manager 1 - Security & Compliance Manager- 20078290 (250008DD) Organization: CommerceAgency Contact Name and Information: ************************ or **************Unposting Date: OngoingPrimary Location: United States of America-OHIO-Franklin County-Columbus Compensation: Pay range 16, step 1 $47.50/hr.Schedule: Full-time Work Hours: 8:00 am - 5:00 pm (Hours subject to change) Classified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: Information TechnologyTechnical Skills: Risk Management, CybersecurityProfessional Skills: Analyzation, Collaboration, Consultation, InnovationPrimary Technology: Security Monitoring Agency Overview This is a re-post. If you applied to posting 250006TA, you do not need to re-apply to be considered. The Mission of the Ohio Department of Commerce is promoting prosperity by protecting what matters most. The Division of Administration provides overall leadership and administrative support for all Divisions. The Division includes the Office of Director, Communications, Fiscal, Human Resources, IT, Legal and Legislative Affairs. As the state's chief regulator, the Department of Commerce impacts Ohioans every day. We are motivated by our mission to promote prosperity for businesses and licensees by protecting what matters most to the residents of our state. We ensure compliance through proactive outreach, education, and customer-focused service.Commerce is comprised of eight operating divisions and one standalone program that span a variety of industries including real estate, liquor, banking, securities, firefighting, construction and skilled trades, and cannabis. Through exceptional compliance practices and oversight, Commerce has a direct role in protecting Ohioans.Our Guiding PrinciplesMaking an IMPACT for the customer:InclusiveMotivatedProactiveAccountableCustomer-FocusedTeamwork Job DescriptionThe IT Security Manager will serve in a management role with technical capabilities and strategic planning oversight; responsible for overseeing and managing security programs, projects, personnel, logical/technical administration, and security acquisitions. Our preferred candidate possesses the ability and experience to focus on reducing security risks throughout the infrastructure to an acceptable level, in alignment with the organizations business needs and requirements. They will be capable of identifying, establishing, and adhering to tactical plans for achieving set goals within a dynamic fast-paced environment. Duties include but are not limited to: Lead the team responsible for security assessments, developing risk-based solutions and controls frameworks. Serve as the subject matter expert for control validation in the Security team. Create/Update/Maintain IT Security Guidelines and Standards. Develop System Policies and establish system standards. Communicate security controls and remediate any concerns. Collaborate with various departments to safeguard our adherence to policies and other undertakings that influence the security, confidentiality, integrity, and accessibility of our application, infrastructure, and business operations. Conduct, document, and report on internal and third-party risk program. Collaborate with the DAS OISP team to ensure successful delivery of security & business objectives. Lead the coordination of data gathering needed for internal and external audits, regulatory requirements, and other compliance and risk management needs requirements. Be a highly analytical and effective communicator capable of influencing other teams and departments. Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.Qualifications8 1/2 years (102 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting; 18 months exp. in performing project management functions as defined in series purpose. -Or completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; additional 6 1/2 years (78 mos.) exp. commensurate with job duties to be performed & knowledges & skills required as outlined in approved position description on file for position to be filled as advertised in job posting.; 18 mos. exp. in performing project management functions as defined in series purpose. -Or 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. Or in offices of statewide information technology policy & planning, positions require completion of undergraduate core coursework in computer science, or completion of undergraduate core coursework in any academic major which included at least one course in each of the following: advanced-level computer programming language (for example, COBOL, Delphi, Java, Powerbuilder, Visual Basic, Pl 1, SAS PCS, Pacbase, Full Visual Suite, Designer 2000, Developer 2000, C, C++, Visual C, ECL, or Visual Studio), logic-based mathematics, data base concepts (for example, Oracle, Microsoft Access, Paradox, Sybase, IMS DB, DB2, Cache, DMS, or RDMS), computer systems analysis & design, & basic data processing concepts; 3 yrs. exp. in utilizing word processing software; 3 yrs. exp. in utilizing internet browser(s) for research; 54 mos. exp. which included following: knowledge of information technology architecture components, developing information technology strategic plans, preparing & making presentations/public speaking, writing information technology related policy & procedures, preparing & monitoring budget, providing cost & resources estimates, & contract management; 2 yrs. exp. in utilizing e-mail system; 18 mos. exp. in project management or lead role on information technology project;12 mos. exp. in utilizing spreadsheet software; 12 mos. exp. as Information Technology Supervisor 3, 64119, or equivalent. -Or equivalent of Minimum Class Qualifications For Employment noted above. Job Skills: Information TechnologySupplemental InformationApplications must clearly indicate how the applicant meets the minimum qualification for the position. If you meet minimum qualification due to educational achievement, please submit a copy of your unofficial transcript(s) with your application. All answers to the supplemental questions must be supported by information provided in the work experience &/or education sections on your civil service application. Please do not use “see resume” as a substitution for the completed application; assumptions will not be made. Application Status: You can check the status of your application online by signing into your profile. Careers to which you've applied will be listed. The application status is shown to the right of the position title and application submission details. The final candidate selected for this position will be required to undergo a criminal background check as well as other investigative reviews. Criminal convictions do not necessarily preclude an applicant from consideration for a position, unless restricted under state or federal law or federal restrictions. An individual assessment of an applicant's prior criminal convictions will be made before excluding an applicant from consideration.All final applicants tentatively selected for this position will be required to submit to urinalysis to test for illegal drug use prior to appointments. Testing will also be performed for the presence of marijuana. An applicant with a positive test shall not be offered employment unless the applicant submits medical documentation of legally prescribed medications or a recommendation for medical marijuana. Also, an applicant with a positive test will not be considered for any position with the State of Ohio for a period of one year.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Mainframe Security EngineerRemote - United StatesJR012476 **Requirements:** + U.S. Citizenship is required. + Must pass a Federal Background Check. **Key Responsibilities:** + Administer security for RACF, ACF2, and Top Secret logon IDs, datasets, and resource rules. + Provision user access in response to ServiceNow tickets within defined SLAs. + Monitor system security policies and investigate violations/incidents. + Perform and review daily, weekly, and monthly audit reports. + Liaise with business units and technical support teams. + Prepare ad hoc reports and deliver presentations for customer support. + Ensure adherence to security standards across the environment. + Provide 24×7 on-call support as required. + Utilize Vanguard and/or IBM zSecure security products. + iSeries security knowledge is a plus. + Manage and lead large projects or tasks as needed. + Project management skills are highly desired. **Technical Skills:** + Proficient in TSO, JCL, IBM Utilities, JES2, and ISPF. + Experience with REXX or other programming languages is desired. + CICS security administration experience preferred. + Experience with Vanguard and/or IBM zSecure security products is desired. + Familiarity with IAM (Identity Access Management), MFA (Multi-Factor Authentication), and PAM (Privileged Access Management) is desired. + Strong PC skills, including Microsoft Outlook, Word, Excel, and PowerPoint. **General Knowledge:** + z/OS experience is highly desired. + Knowledge of other mainframe security products is a plus. **Personal Skills:** + Strong written and verbal communication skills. + Excellent organizational skills with the ability to manage multiple concurrent projects and work as part of a global team. + Ability to work independently and take initiative. + Strong analytical and problem-solving skills. + Effective team player who can work independently in a fast-paced environment. + Self-starter, detail-oriented, and able to multitask. **Education & Certifications:** + Bachelor's or Master's degree preferred. + CISSP, CISA, CISM, or ITIL certification is a plus. **Why Ensono?** Ensono is a place to make better happen - for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices. Some of our benefits include: + Unlimited Paid Days Off + Three health plan options through Blue Cross Blue Shield + 401k with company match + Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts + Paid Maternity Leave, Paternity Leave, and Sabbatical Leave + Education Reimbursement, Student Loan Assistance or 529 College Funding + Enhanced fertility coverage + Wellness program + Depending on location, ability to take Flexible work schedule + Advantage of fitness centers As of the date of this posting, a good faith estimate of the current pay scale for this role is **$90,000 to $135,000** annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP's pay transparency policy can be found on OFCCP's website (*********************************************************************************************** . If you need accommodation at any point during the application or interview process, please let your recruiter know or email ****************************** . JR012476

JobID: 210686104 JobSchedule: Full time JobShift: : Take on a crucial role where you'll be a key part of a high-performing team delivering secure software solutions. As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls, you will be an integral part of a team focused on creating software solutions that adhere to functional and user specifications while implementing safeguards against misuse, circumvention, and malicious activities. In your role as a core technical contributor, you will be tasked with delivering essential technology solutions using tamper-proof and audit-defensible methods across diverse technical domains within various business functions. Job responsibilities * Ability to design, architect, and implement applications on public cloud platforms, specifically AWS. * Design, build, and maintain scalable and secure AWS infrastructure using best practices. * Design, develop, and troubleshoot innovative software solutions by thinking beyond conventional approaches to solve complex technical problems. * Proficiency in using Terraform for automating infrastructure deployment and management, ensuring scalable and reliable cloud environment. * Architect and implement solutions leveraging AWS services such as EC2, ECS, Lambda, Load Balancers, API Gateway, S3, EBS, SQS, SNS, and other storage and messaging services. * Proactively anticipate, diagnose, and resolve technical challenges to keep systems running smoothly * Leverage AWS services for scalable deployments * Develop automation scripts and tools using Python to streamline operations and improve efficiency. * Monitor, troubleshoot, and optimize AWS networking components, ensuring high availability and performance. * Provide technical guidance and mentorship to junior engineers. Required qualifications, capabilities, and skills * Formal training or certification on security engineering concepts and 5+ years applied experience. * Proficient in using CI/CD tools like Jenkins or Spinnaker, and version control tools such as GitHub or Bitbucket with a focus on continuous integration and continuous deployment (CI/CD) pipelines * Hands-on experience with AWS services including IAM, Lambda, KMS (Data Security), S3, and Kinesis. * Experience in debugging, maintaining, monitoring, and providing production support in large environments using tools like Splunk, Datadog, and CloudWatch. * Experience with container orchestration and deployment in AWS Cloud. * Strong Python development skills * Strong AWS and DevOps experience * Solid understanding of networking concepts and architecture on AWS. Preferred qualifications, capabilities, and skills * AWS certifications is highly desirable(e.g., Solutions Architect, DevOps Engineer) #CTC

Job Description Job Title: Security Engineer - Cloud & Endpoint Security Pay Rate: $50/hr - $85/hr Duration: 2/10/2025 - 12/31/2025 (Temp-to-Hire) Contract Type: W2 (must be authorized to work in the US; no sponsorships or C2C) Job Overview Our Cloud and Endpoint Security team is looking for a Security Engineer to drive the deployment and management of an allowlisting/reverse proxy solution (Airlock). This engineer will collaborate with cross-functional teams to ensure integration with existing infrastructure, refine security policies, and contribute to the enhancement of the organization's cybersecurity posture. The role involves hands-on configuration, monitoring, and ongoing maintenance of security solutions, while remaining adaptable to changing threats and technologies. Key Responsibilities Allowlisting & Reverse Proxy Deployment: Lead the deployment and configuration of Airlock, ensuring seamless integration with current systems and networks. Policy Development: Define and implement allowlisting policies to enhance application security, access control, and threat detection. Incident Response Collaboration: Work closely with the incident response team to optimize alerting and logging capabilities, ensuring swift detection and remediation of potential security incidents. Security Strategy & Best Practices: Assist in shaping the broader cybersecurity strategy, aligning it with business objectives and recognized frameworks (e.g., NIST, MITRE, ISO 27001). Automation & Reporting: Identify opportunities to automate configurations, streamline reporting processes, and enhance visibility into system performance. Monitoring & Analysis: Track solution performance and review security logs for emerging threats or anomalies; implement proactive measures where necessary. Research & Continuous Improvement: Stay informed about the latest cybersecurity threats and trends, applying relevant findings to enhance Airlock's configurations. Documentation & Maintenance: Support the development of incident response plans, secure access protocols, and maintain thorough documentation of all configurations and processes. Qualifications Minimum Requirements Bachelor's Degree in a related field or equivalent work experience. 3+ years of experience in cybersecurity, IT, or related roles. 1+ years of hands-on experience deploying or managing application allowlisting or reverse proxy solutions. 1+ years of experience with security frameworks (e.g., NIST, MITRE, ISO 27001). Proficiency with Windows and Linux environments, including command-line configurations. Preferred Skills Experience using Airlock or similar allowlisting tools. Familiarity with scripting/automation (Python, PowerShell, Bash) for configuration and reporting. Industry certifications (e.g., Sec+, CCSP, GIAC). Strong analytical and problem-solving abilities, especially in process development and root cause analysis. Additional Information Temp-to-Hire: This is a W2 contract position with potential to convert to a full-time role, contingent on performance and business needs. Work Arrangements: Local candidates are preferred; remote candidates will be considered if necessary. Team Environment: The Cloud & Endpoint Security team collaborates with multiple departments, playing a crucial part in establishing security best practices and ensuring incident response readiness.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* **Job Function:** R&D Product Development **Job Sub** **Function:** R&D Software/Systems Engineering **Job Category:** Scientific/Technology **All Job Posting Locations:** Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America **:** **About Surgery** Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech . **We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH.** **Job Description:** The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment **You will be responsible for:** + Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. + Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. + Advise embedded system security software to ensure system hardening and secure coding practices. + Support all stakeholders on patch management, vulnerability handling, and SBOM scanning + Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) **Qualifications / Requirements:** **Education:** + Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree **Experience and Skills** + 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices + 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment + Proven experience with threat modeling and risk assessments for connected products or medical devices + Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams + Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. + Proven experience with electrical and embedded software design + Experience developing software for embedded Real-Time Operating Systems (RTOS) + Experience developing embedded software systems using Modern C++ (preferably standards 17+) + A results and performance driven demeanor with strong sense of accountability + Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles **Preferred Skills & Experience:** + Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) + Work experience with Systems Engineering activities: requirements management and development, risk management, and verification + Strong collaboration, proven technical leadership capabilities, and conflict resolution skills + A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience + Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX **Other Requirements:** + Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: + Vacation - up to 120 hours per calendar year + Sick time - up to 40 hours per calendar year + Holiday pay, including Floating Holidays - up to 13 days per calendar year + Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. _Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation,_ **_external applicants please contact us via_** **_*******************/contact-us/careers_** **_. internal employees contact AskGS to be directed to your accommodation resource._** + \#RADSW + \#Li-Hybrid **Required Skills:** **Preferred Skills:**

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. Information Security Analyst 2 Job Duties * Governance, Risk, & Compliance (GRC) Application Subject Matter Expert - Operate and maintain Company's Governance, Risk and Compliance (GRC) platform, its libraries, reports, portals, and data integrations to effectively support operations, data accuracy and user processes. Serve as the primary liaison for GRC software vendors, by maintaining contact with vendor representatives, submitting troubleshooting tickets and software feedback to improve the user experience. Support Company's Enterprise Risk Management, Compliance, Vendor Management, Business Continuity Planning, Information Technology and Security, Project Management and Audit Programs with data entry, maintenance, and configuration. Develop, maintain, and distribute custom and ad hoc reporting of risk data including taxonomy analytics and Key Risk Indicators (KRI's). * Security Architecture & Control Design - Develop/integrate cybersecurity designs for systems and networks for the processing of company data. Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements. Ensure that acquired or developed systems and architectures are consistent with company's cybersecurity architecture guidelines. * Risk Assessment - Coordinate external risk assessments including audits, gap assessments, and penetration testing to evaluate security architectures and designs to determine the adequacy of security design and architecture. Determine protection needs (i.e., security controls) for company's information processing and document appropriately. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. * Incident Response Communication- Coordinate communication and information sharing aspects of incident response. Draft messages and updates to internal and external audiences for Incident Response Team (IRT) review, such as employees, customers, partners, media, or public. Handle crisis management issues and provides guidance and education on incident prevention and response best practices. Perform other duties as assigned. Minimum Qualifications * 2-4 years related experience * Associate's degree (Information Technology, Cyber Security, Computer Science) * Non-degree considered if 6+ years of related experience along with a high school diploma (GED) Preferred Qualifications Intermediate knowledge of various Information Security & Privacy Frameworks such as the Secure Controls Framework, NIST CSF, NIST 800-171, NIST 800-53, NIST Privacy Framework, ISO-27001, ISO-27701, GDPR, US & other global privacy regulations. Work experience in other Information Technology disciplines such as software development, help desk, networking, systems administration or similar in conjunction with professional certifications such as CASP+, CISSP Associate, or AWS Associate Level Certifications. Intermediate level of knowledge in at least one scripting or software development language such as PowerShell, Bash, Java, or Python. Good written and oral communication skills, deductive reasoning, and analytical investigative skills. Good interpersonal skills to facilitate positive relations between business groups. Requires excellent verbal and written communication skills, as well as a knowledge of company's culture and values. Work Authorization: Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. Compensation and Benefits: Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities Nearest Major Market: Lima Nearest Secondary Market: Findlay Job Segment: Information Security, Data Entry, Help Desk, Information Technology, Computer Science, Technology, Administrative

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

Cloud Security Engineer - (23000FK6) Description The Cloud Security Engineer (CSE) should be hands-on in all aspects of Azure security including implementing security controls and threat protection, manage identity and access management, defining organizational structure and policies, using Azure technologies in order to provide data protection, configuring network security defenses, collecting and analyzing Azure logs, managing incident responses, and an understanding of regulatory concerns. As a Cloud Security Engineer you design and implement a secure end-to-end infrastructure on Azure in a hybrid cloud setup. Essential FunctionsMonitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns Maintain and improve the security posture of the Azure platform, identifying, and remediating vulnerabilities by using a variety of security tools. Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected. Implementing threat protection and responding to security incident escalations. Automate security controls, data, and processes to provide better metrics and operational support using security-as-code. Configure access within a cloud solution environment using the defense-in-depth principle Configure network security including in a hybrid context with traditional network centric controls Ensure data protection Manage operations within a cloud solution environment such as operations tasks, using cloud native tools, like Log Analytics, Azure Monitor and Azure Security Center or other monitoring tooling. Support our cloud engineers to implement security best-practices and enable secure development and release processes. Deep understanding of configuring security policies and securing applications and data. Required For All JobsPerforms other duties as assigned. Complies with all policies and standards. For specific duties and responsibilities, refer to documentation provided by the department during orientation. Must abide by all requirements to safely and securely maintain Protected Health Information (PHI) for our patients. Annual training, the UH Code of Conduct and UH policies and procedures are in place to address appropriate use of PHI in the workplace. Qualifications QualificationsEducationBachelor's Degree in Information Technology, Computer Science, or a related field Required Work Experience5+ years IT security experience Required and 3+ years building and maintaining secure azure cloud solution and tools (Azure Monitor, Log Analytics, Azure Security Center) Required Knowledge, Skills, & Abilities Understand agile and DevOps concepts in a security context such as “trust but verify”, central vs decentral controls, make agile teams as autonomous as possible while ensuring the teams adhere to the NonFunctional-Requirements. A deep understanding of networking, e. g. IP subnetting, Network Security Groups, routing, Azure Firewall, ExpressRoute, load balancer, DNS. Strong familiarity with cloud capabilities and products and services for Azure, e. g. Azure Active Directory, Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, KeyVault. Have the intrinsic quality to want to continuously improve and do better Hands-on and can-do mentality Feeling of ownership Good communication and presentation skills Team player Able to express ideas effectively in individual and group situations. Able to execute a task in a good manner and with good results with limited supervision Strong skills in scripting and automation, Infrastructure-as-Code and using CI/CD concepts. Experience with pipeline tooling for automated deployments and applying security controls. Experience with Experience with infrastructure orchestration tools such as Terraform and other cloud-specific infrastructure automation tools (Azure Resource Manager, Google Cloud Deployment Manager) to automate the creation of staging, testing and production environments. Work experience from large, international companies and have dealt with or worked for global service providers. Licenses and CertificationsCertified Information System Security Professional (CISSP) Preferred Certified Ethical Hacker (CEH) Preferred Additional Licenses and Certifications Microsoft Azure Security related certifications Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Information Protection Administrator Associate, or Microsoft Certified: Security Operations Analyst Associate) Preferred Certified Cloud Security Professional (CCSP) Preferred Certificate of Cloud Security Knowledge (CCSK) Preferred Global Information Assurance Certification (GIAC) Preferred Physical DemandsStanding Occasionally Walking Occasionally Sitting Constantly Lifting Rarely 20 lbs Carrying Rarely 20 lbs Pushing Rarely 20 lbs Pulling Rarely 20 lbs Climbing Rarely 20 lbs Balancing Rarely Stooping Rarely Kneeling Rarely Crouching Rarely Crawling Rarely Reaching Rarely Handling Occasionally Grasping Occasionally Feeling Rarely Talking Constantly Hearing Constantly Repetitive Motions Frequently Eye/Hand/Foot Coordination Frequently Primary Location: United States-Ohio-Shaker_HeightsWork Locations: 3605 Warrensville Center Road 3605 Warrensville Center Road Shaker Heights 44122Job: Information TechnologyOrganization: UHHS_Information_TechnologySchedule: Full-time Employee Status: Regular - ShiftDaysJob Type: StandardJob Level: ProfessionalTravel: NoRemote Work: YesJob Posting: Nov 14, 2025, 1:58:20 PM