Information systems security manager work from home jobs

Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. Remote Work: Crown offers hybrid remote work for this position. A reasonable commute is necessary as some onsite work is required. Relocation assistance is available. Primary Responsibilities Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). Support audit and compliance initiatives by providing documentation and evidence of secure development practices. Minimum Qualifications Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. Non-degree considered if 12+ years of related experience along with a high school diploma or GED Preferred Qualifications 5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. Experience with Securing Secrets and Service Accounts desired. Experience with Web Application Firewall (WAF) implementation/support preferred. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). Certified Information Systems Security Professional (CISSP), or similar certification (Certified Secure Software Lifecycle Professional, Certified Ethical Hacker (CEH) certified). Familiarity with container security (Docker, Kubernetes). Understanding of authentication protocols (Open Authorization (OAuth) and Security Assertion Markup Language (SAML)). Experience with DevSecOps tools and container security tools desired. Work Authorization: Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. Compensation and Benefits: Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity P&G is seeking a Governance, Risk, and Compliance Director passionate about safeguarding data, enabling business through smart risk management, and shaping the future of cybersecurity. The IT Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. As the GRC expert, you'll play a critical role in maturing and maintaining the security risk and compliance posture of our organization. You will lead initiatives that align our security program with business goals, ensure regulatory and policy compliance, and creatively solve problems to manage risk for the company. Responsibilities: + Governance: + Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS). + Establish and track metrics to measure policy adherence and program maturity. + Drive internal alignment on security roles, responsibilities, and expectations. + Risk Management: + Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting. + Conduct security risk assessments for internal systems, projects, vendors, and business processes. + Facilitate risk-based decision-making at all levels of the organization. + Compliance: + Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX). + Maintain a library of evidence and documentation to support audit and regulatory needs. + Monitor the effectiveness of IT controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency. Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation + Awareness & Enablement: + Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others. + Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams. + Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G's compliance processes Estimated Percent of Time Spent on Work 25% - Risk identification, analysis, and assessment 40% - Plan and drive enterprise-wide initiatives to reduce risk and improve compliance across the organization 25% - Assess and improve the effectiveness of IT controls and compliance across the enterprise 10% - Collaboration with internal/external auditors, driving a risk-aware compliance mindset Job Qualifications Required: + Bachelor's degree in Computer Science, Computer Systems Engineering, Cybersecurity, Industrial Engineering, Business Management Information Systems, Software Development, or related field + Prior hands on experience working in a security-focused role, such as Information Security Analyst, SOC Analyst, Security Engineer, etc. + 8+ years of experience in Governance, Risk, and Compliance with a focus on Information Security + In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001, SOC 2). + Experience conducting risk assessments, audits, and control testing. + Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX, PCI DSS). + Proven ability to write policies, manage documentation, and communicate clearly to both technical and non-technical stakeholders. + Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams. + The ability to work independently, collaborate, and learn quickly. + English fluency (speak, write, and read) Preferred Skills: + Certified in CISSP, ISACA CRISC, CGEIT, CISA, or similar Pay Range: $160,000 - $220,000 Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE (******************************************************* . P&G participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Job Schedule Full time Job Number R000136880 Job Segmentation Experienced Professionals Starting Pay / Salary Range $160,000.00 - $220,000.00 / year

Over the past 15 years, eTel has delivered essential solutions for the federal government by securing and managing data, providing scalable identity access, modernizing legacy systems, and building high-performance platforms. By integrating new technologies and ensuring reliable operations we help agencies stay prepared for future challenges As a premier technology solutions and services company to the US federal government, eTel possesses longstanding relationships across the federal civilian marketplace. Other customers include the broader Treasury Department, Commerce Department, and State Department. eTel offers integrated CMMI Level 3 processes, tools, and techniques with innovative, cost-efficient, and secure solutions to address complex challenges. eTel also holds ISO 9001:2015, ISO/IEC 27001:2013, and ISO/IEC 20000-1:2018 certifications, and offers dedicated subject matter experts (SMEs) and thought leaders that possess a deep understanding of customers' environments and challenges. Security Clearance: Secret or TS clearance (Mandatory). Candidates without active secret clearance will not be considered. Citizenship: US Citizen (MUST) Overview: The Security Analyst / ISSO ensures CMS API Gateway's compliance with FISMA Moderate and ARS 5.1 controls, manages audits, and maintains continuous monitoring and security authorization artifacts. Core Responsibilities: Oversee implementation of FISMA, NIST 800-53, and ARS 5.1 controls. Support continuous monitoring, vulnerability scans, POA&M management, and reporting. Coordinate with CMS CISO and security teams on ATO documentation. Respond to audits, penetration tests, and incident management activities. Ensure encryption, identity management (Okta/OAuth2), and TLS configurations meet CMS standards. Conduct risk assessments and security reviews for new APIs and integrations. Required Experience: 7+ years in federal cybersecurity or ISSO roles. Proven experience supporting CMS, HHS, or other FISMA-regulated agencies. Familiarity with ARS 5.1, CMS BPSSM, and FedRAMP Moderate environments. Hands-on knowledge of Splunk, Tenable, and SentinelOne or equivalent tools. Certifications: CISSP, CISM, or CAP (required). Security+ CE or equivalent baseline (required). AWS Security Specialty or Certified Cloud Security Professional (CCSP) preferred. Location: Work will be primarily onsite in Washington, DC, or other designated sites. Remote work requires prior client approval. Local and occasional out-of-area travel may be required. Commitment to Diversity - eTelligent Group provides equal employment opportunities (EEO) to all applicants without regard to race, color, religion, gender, sexual orientation, gender identity, nations origin, age, disability, genetic information, marital status, amnesty, status as a covered veteran, and any other characteristic provided in accordance with applicable, federal, state and local laws.

At The One 23 Group, our mission is to set the benchmark for excellence in government services. We empower our clients in the Department of Defense, intelligence community, and federal civilian sectors to excel with our advanced capabilities. Our dedication lies in fostering a people-first culture, underpinned by steadfast ethical principles. Embracing innovative technologies and process improvements, we are steadfast in our journey toward a future that is both bright and transformative. Our expertise spans consulting and analytics, digital workplace solutions, and cyber compliance. With our global footprint, we place a strong emphasis on nurturing our people and culture, which forms the core of our successful strategies in leadership and financial management. We pride ourselves on our extensive experience and effective approach, ensuring that we lead with both innovation and integrity. Responsibilities Contractor to provide cyber security management, oversight, and customer support for maintaining the continuity of DHS Management Information System compliance in accordance with DHS, National Institute of Standards and Technology (NIST), and other applicable Federal standards. This Position is 100% Remote. Applies specialized knowledge of sensitive system Cybersecurity requirements and Privacy Act requirements. Applies specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with NIST's Risk Management Framework and the Federal Risk and Authorization Management Program (FedRAMP). Applies specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, Federal Information Processing Standards (FIPS, and NIST guidelines. Applies knowledge of DHS Information Security Policy Directives and Handbooks is preferred. Applies knowledge and experience with standard IA concepts, practices, and procedures. Working independently to solve problems quickly and completely. Applies specialized experience with three (3) of the four (4) following criteria is required: Vulnerability scanning execution, assessment, and analysis. Operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN]). Information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies. Application security, database security, and network security. Possess ability to assess and weigh current and evolving security threats in an operational environment. Possess good oral and written communication skills. Team player who can collaborate with multiple stakeholders to arrive at the best solution. Qualifications Master's degree and 4 years of Cybersecurity & Federal Information Security Modernization Act (FISMA) experience, or a Bachelor's Degree and 5 years of Cybersecurity & FISMA experience or a total of 7 years of Cybersecurity & Federal Information Security Modernization Act (FISMA) experience Must be a US citizen with ability to obtain/maintain a Top Secret clearance Possesses one (1) of the following professional security certifications or can be obtained within six (6) months of hire: Certified Information System Security Professional (CISSP) CompTIA Advanced Security Practitioner (CASP) Certified Information Systems Auditor (CISA) Certified Ethical Hacker (CEH) Systems Security Certified Practitioner (SSCP) Certified Information Security Manager (CISM) GIAC Information Security Professional (GISP) GIAC Security Leadership (GSLC) We can recommend jobs specifically for you! Click here to get started.

[ABOUT ISTARI DIGITAL]Istari is a digital engineering software company enabling our customers to turn the physical world into the digital to accomplish their specific mission or business objectives. Istari was founded with the vision of making open, scalable digital engineering ecosystems a reality - where new technologies and systems are created digitally, free from the real-world constraints of costs and schedules. We are creating the world's best engineering model sharing platform, allowing our customers to simply and securely integrate their models across different engineering disciplines, organizations, and security levels. At Istari, we are passionate about our mission of creating the world's first open and scalable industrial metaverse. Whether our customers are designing prototypes, performing virtual testing, or training AI and autonomy for complex systems, we know that going digital will save them time, resources, and reduce their environmental impact. While we are a distributed team with most team-members working remotely, we place an emphasis on staying connected and collaborative, prioritizing in-person opportunities to build trust as a team. At Istari, we still believe that trust is best built in-person. To do this, we have an engineering headquarters in Cambridge, MA for focused technical development and several times per year we gather for an off-site that allows us to develop our professional skills and our team relationships. [VALUES]At Istari, we live by our values, which include: Purposeful AutonomyWe value letting people self-organize and self-motivate. Our flat structure and lack of meeting clutter are meant to empower individuals and teams to be proactive.Our autonomy is measured, goal-oriented, and results-driven - not meandering. Clear objectives help us prioritize our time. Smart TransparencyWe believe in honest-but-kind communication, transparency, and open-door policies. We love learning about challenges and tackling them early, not hearing good or bad news late. We share work-in-progress across our team. Fast feedback keeps autonomy purposeful. Continual CuriosityAt Istari, we love learning to do things ourselves. We ask, read, share, teach - even watch YouTube videos - to learn new skills to solve problems. When we make breakthroughs, we write them down. Writing focuses ideas, helps us learn, and helps us share. Equal Opportunity Istari is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. We are seeking a highly experienced and knowledgeable Information System Security Officer (ISSO) to join our Cybersecurity team. The ISSO will serve as a principal advisor on all matters, technical and otherwise, involving the cybersecurity of information systems under their purview. This role requires a deep understanding of cybersecurity principles, practices, and frameworks, as well as the ability to develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements, both on premises and in cloud environments. The ISSO will work closely with various stakeholders across the organization to ensure the confidentiality, integrity, and availability of our information systems.Key Responsibilities Serve as the principal advisor on all matters involving the cybersecurity of assigned information systems. Develop, implement, and evaluate information system security program policy consistent with Federal and Commercial regulatory requirements, including JSIG, NIST 800-171, NIST 800-53, CMMC, and ITAR. Conduct risk assessments and identify vulnerabilities in information systems. Develop and implement security controls to mitigate identified risks. Monitor and evaluate the effectiveness of security controls. Develop and deliver cybersecurity awareness training to employees. Investigate security incidents and breaches. Maintain security documentation, including system security plans (SSPs), risk assessments, and incident reports. Stay up-to-date with the latest cybersecurity threats and vulnerabilities. Collaborate with the engineering and customer success teams to ensure secure implementation and configuration of systems. Required Qualifications Active Top Secret Security Clearance, with SCI eligibility. Minimum of 5 years of experience in a relevant field. Deep understanding of cybersecurity principles, practices, and frameworks, including JSIG, NIST 800-171, NIST 800-53, ITAR, ISO, and CMMC. Experience with risk assessments, vulnerability identification, and security control implementation. Experience with security incident investigation and response. Excellent communication and collaboration skills, with the ability to effectively communicate with both technical and non-technical audiences. Strong analytical and problem-solving skills. Relevant certifications (e.g., Sec+, CISSP, CISM). Must be a US citizen living within the United States. Preferred Qualifications Bachelor's degree in computer science, information systems, or a related field. Experience with SOC compliance and audits. BENEFITSWe offer highly competitive benefits, including: Health and Family- Medical/Dental/Vision- Employee Premiums are 100% Company Paid- Life Insurance- Flexible Work Hours - Unlimited Paid Time Off (PTO) with federal government holidays Financial- Competitive Compensation - 401k - Company Stock Options- Home Office Setup Budget Learning- Reimbursement for approved trainings and subscriptions- Conferences (travel, lodging, and fees) Note - some benefits are not available to interns or contractors. Thank you for your interest in Istari. Expect to hear back from us soon with next steps.

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ

Watershed Security, is a Veteran Owned Small Business with over 20 years' Cybersecurity and Government Contracting experiencing. Watershed is looking for a Senior Information Systems Security Officer (ISSO) to support the Naval Surface Warfare Center (NSWC) in Philadelphia, PA. The successful candidates will have experience coordinating and enacting required security changes, with in various levels of an organization, ensuring compliance with published policies; conducting cybersecurity vulnerability and threat analysis; and support cyber incident-response by isolating potentially effected assets, initial investigation and data collection, through status updates/reporting. REQUIRED QUALIFICATIONS Bachelor's degree in computer science, information technology, communications systems management, or an equivalent science, technology, engineering & mathematics (STEM) degree from an accredited college or university. Must have at least one of the following active certifications: CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP, Years of Experience: 6 years practical experience in a cybersecurity or A&A related field. Collaborate with various levels of the organization to implement required security changes and ensure compliance with established security policies and standards. Conduct comprehensive cybersecurity vulnerability and threat assessments to identify and mitigate risks to information systems. Lead cyber-incident-response efforts, including isolating affected systems, conducting initial investigations, collecting relevant data, and providing status updates and reports to leadership. Provide guidance on best practices and recommend improvements to the organization's security posture. Perform risk assessments and develop mitigation strategies to protect sensitive data from internal and external threats. Support continuous monitoring of information systems and provide regular status reports on security compliance. Maintain up-to-date knowledge of emerging cybersecurity threats and industry best practices. Clearance Level: SECRET; US Citizen. Ability to possibly provide onsite support in Philadelphia, PA or Norfolk, VA. Some/all remote work may be an option, however the norm will be onsite support. This will be dependent upon customer needs and classification level of work being performed. Some travel may be required. Experience with the Navy RMF Process Guide (RPG), and Navy A&A tools such as ACAS, eMASS and eMASSter. Proficient with Microsoft Office Suite (Word, Excel, Teams, Project). Self Starter; detail oriented; able to brief senior level staff. DESIRED QUALIFICATIONS Experience supporting 10 or more Navy Packages (achieving and/or maintaining ATO) Experience with the NAVSEA RMF Business Rules Contingent upon award PAY RANGE Final salary is influenced by factors such as location, contract labor categories, experience, skills, education, and certifications. Watershed offers competitive compensation, medical and dental benefits, educational reimbursement, 401K plans with matching, 15 days of PTO to start and 11 paid holidays per year. The proposed salary range for this position is: $70,000.00 - $100,000.00 USD. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Full-time Description MBL Technologies, Inc. offers a diverse set of management and technology consulting services to Federal government and commercial markets. Our solutions are tailored to support each client's mission, accounting for their unique needs and operating environments to ensure success. We bring the right people, capabilities, and expertise together to assist our clients with enabling their mission. Together our individual differences drive successful business results. If you are transitioning from military to civilian life, have prior service, are a retired veteran, or a member of the National Guard or Reserves, or spouse of an active military service member, we encourage you to apply. Please visit our webpage for information on our policies and benefits for the military and veteran community. Why Work with Us? We trust, empower, and believe in our employees to soar to their fullest potential! We offer a robust benefits package (medical, dental, vision, STD, Accident, Life, Hospital Insurance, FSA, HSA, 401K match, professional development stipend, etc.). We love to have fun and give back to the community. Community Service and Employee Engagement events are atop our calendar events! We genuinely like each other and champion everyone to achieve their own greatness! MBL Technologies is seeking a highly skilled and experienced Senior Information System Security Officer (ISSO) in support of a federal government agency. The role is critical to ensure the security and privacy of the federal agency's IT and Operational (OT) systems across on-premises and cloud environments. This role is contingent based on contract award. Key Responsibilities: Lead Risk Management Framework (RMF) activities across the system development lifecycle (SDLC) Develop and maintain system authorization artifacts (SSPs, POA&Ms, ATO packages) Support continuous monitoring, vulnerability remediation, and independent assessments Collaborate with system owners, project teams, and stakeholders to implement responsive security controls Analyze and report on cybersecurity risks related to: Artificial Intelligence (AI) DevSecOps Zero Trust Architecture Citizen Development (LCNC platforms) Supply Chain Risk Management (SCRM) Maintain and enhance the ISSO Program Guide and ensure alignment with FDIC policies and NIST standards Deliver recurring reports: Weekly/Monthly Status, Quarterly Lessons Learned, CISA Analysis, FedRAMP POA&M, etc. Ensure compliance with FISMA, FedRAMP, and other federal cybersecurity regulations Required Qualifications: 7-10+ years of experience in cybersecurity and information assurance Deep expertise in: NIST RMF (SP 800-37, SP 800-53, SP 800-137) FedRAMP standards and cloud platforms (Azure, M365, Salesforce, ServiceNow) DevSecOps, CI/CD pipelines, Infrastructure as Code (IaC) Security testing tools (SAST, DAST, SCA) Identity and access management (SAML, OAUTH, OIDC, PKI) Network security, SIEM, endpoint protection, vulnerability management Familiarity with OSCAL, CVE, CWE, CVSS formats Excellent communication and documentation skills U.S. Citizenship and eligibility for High-Risk background investigation Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified in Governance, Risk, and Compliance (CGRC/CAP) preferred. MILITARY OCCUPATIONAL SPECIALTY CODES (MOS codes): 170A, 170D, 17A, 17B, 17C, 17D, 24B, 25B, 47D, 94F, IT, 17 5309, 6203, 9735, 9740, 9890, 9891 CORPORATE CITIZEN: MBL Technologies' vision is to make a positive difference - for our people, our customers, and our communities. As such, a commitment to service and excellence has been woven into the very fabric of our culture. MBL employees demonstrate a willingness to consistently go above and beyond and strive for excellence in all we do - championing, protecting, and celebrating the core business through the mission, vision, and values. All are expected to be good corporate citizens, supporting one another and internal corporate initiatives to build a stable business platform and ensure lasting company success. Benefits: MBL Technologies offers a competitive salary adjusted for candidate qualifications partnered with an industry-leading benefits package. This package includes incentive plans with corporate and individual-based performance bonuses, 401K, PTO, remote work, health and wellness programs, employee discounts, and learning and development reimbursement. EEO STATEMENT: MBL Technologies is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status.

About Skylight Skylight is a digital consultancy using design and technology to help government agencies deliver better public services. We're at the forefront of a civic movement to reinvent how all levels of government serve families, patients, and many others in today's digital world. If you want to play a part in driving this critical movement forward, we'd love for you to join our growing team of public interest technologists. The work we do matters. About the job As Skylight's Chief Information Security Officer (CISO), you'll lead Skylight's security, compliance, and policy efforts, ensuring they align with Skylight's business, technical, and regulatory requirements. As a trusted advisor and partner across the organization, you'll balance deep technical understanding with clear communication and strong relationship-building skills. Because Skylight supports multiple federal clients, our work must comply with CMMC Level 2, NIST 800-171, and, potentially, HIPAA. You'll play a pivotal role in maintaining compliance with these regulations by developing organizational readiness, guiding engineering teams, and ensuring secure, compliant operations across all systems. In this role, you'll report directly to the Chief Information Officer (CIO). This is a hands-on, collaborative leadership role where you'll partner closely with the CIO on priorities, decisions, and direction. You'll also collaborate with the CIO on key aspects of Skylight's IT infrastructure, including onboarding/offboarding, account management, and role-based access controls. While you don't need to be an expert administrator for every tool we use, your partnership in this area is essential to maintaining both operational integrity and regulatory compliance. What you'll do Lead the design, implementation, and day-to-day operation of Skylight's information security and compliance efforts Maintain and continuously improve compliance with Skylight's regulatory requirements, including NIST 800-171, CMMC Level 2, and HIPAA Represent Skylight externally for security audits, risk assessments, and communication with external assessors Collaborate with the Chief Operating Officer (COO) and CIO to achieve and maintain Skylight's facility security clearance (FCL) Administer and enforce identity and access management across Skylight's IT infrastructure, including AWS, Azure, Google Cloud Platform (GCP), Google Workspace, and Slack Partner with project and delivery teams to integrate security and compliance into project planning, delivery, and client communications Lead periodic risk assessments and report findings to the CIO and leadership team to inform decision-making Develop and maintain internal security and IT policies, ensuring they're accessible, practical, and actionable Deliver annual security awareness training across the organization Collaborate with the CIO to align security priorities with company strategy and resource planning Stay current on evolving security practices, technologies, and emerging threats What we're looking for Minimum qualifications An active security clearance or the eligibility to obtain one Hands-on experience with identity and access management (IAM), role-based access control (RBAC), and related concepts in AWS, Azure, and GCP Demonstrated success leading security audits or compliance assessments Excellent communication and documentation skills, with the ability to explain technical and regulatory concepts in plain language Experience enumerating and mitigating organizational vulnerabilities Experience mitigating security risks in the software development life cycle at the organizational level Ability to interpret and translate non-technical material, such as regulations, into business and technical requirements Deep understanding of and achieving compliance with NIST 800-171 Proven ability to foster trust and collaboration across technical and non-technical teams Ability to work successfully within a professional services environment (e.g., can communicate effectively with clients) A passion for creating better public outcomes through great government services A mindset and work approach that aligns with our core values Ability to travel for work from time to time Nice-to-have qualifications Expertise in other relevant regulatory frameworks like CMMC, HIPAA, or FISMA Hands-on experience administering Google Workspace Professional development experience in at least one programming language Professional experience working with infrastructure-as-code Prior experience working in the civic tech space Experience working in a remote-team environment Don't meet 100% of the criteria but think you can do the job? We'd love to chat anyway! We're on a mission to build diverse teams, and studies have shown that women and marginalized folks are less likely to apply to jobs if they don't check every box. Other requirements All work must be conducted within the U.S., excluding U.S. territories. Some federal contracts require U.S. citizenship to be eligible for employment. You must be legally authorized to work in the U.S. now and in the future without sponsorship. As a government contractor, you may be required to obtain a public trust or security clearance. You will be required to complete a company background check successfully. Position type This is a full-time, exempt position. Location This is a fully remote position. Care package Salary The salary range for this position is between $170,000 and $240,000. Benefits Your well-being is important to us, so we focus on supporting you in a variety of ways: Medical insurance, dental insurance, vision insurance Short-term and long-term disability insurance Life and AD&D insurance Dependent care FSA, healthcare FSA, health savings account Dollar-for-dollar 401(k) match up to 10% of your salary with no vesting period Flexible paid-time-off policy (generally around 25 days per year), plus 11 paid federal holidays Up to 12 weeks paid-time-off for all eligible new birth, adoption, or foster parents Performance rewards, including annual salary increase, annual performance bonus, spot bonuses, and stock options Business development / sales bonuses Referral bonuses Annual $2,000 allowance for professional development Annual $750 allowance for tech-related purchases Annual swag budget of $100 to display your Skylight pride with some merchandise (hoodies, hats, and more) Dollar-for-dollar charity donation matching, up to $500 per year Flexible, remote-friendly work environment An environment that empowers you to unleash your superpowers for public good Interview tips Visit our join page to learn more about how our interview process works. Check out our Career Pathways framework to learn more about the different roles within Skylight and the skills needed to do them. If you'd like to request reasonable accommodations during the application or interviewing process, please contact our recruiting team at recruiting@skylight.digital. We participate in E-Verify and upon hire, will provide the federal government with your Form I-9 information to confirm that you're authorized to work in the U.S. We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, sex, religion, age, disability, veteran status, or any other category protected by applicable law.

Job Description Summary: Triangle Cyber is looking for a Senior Information System Security Officer (ISSO) to lead and manage security risk Assessment & Authorization (A&A) activities for a US Federal Government contract. This role involves performing A&A activities for a large-scale, enterprise-wide network consisting of over 100,000 heterogeneous systems and applications, both on-premises and in cloud environments. This is a remote position. Responsibilities: Lead the security risk Assessment & Authorization (A&A) process for enterprise-wide network systems. Coordinate with stakeholders to ensure compliance with federal security standards and policies. Develop, implement, and maintain security documentation and procedures. Identify and assess security risks, and propose mitigation strategies. Conduct security audits and assessments to ensure system integrity and compliance. Provide guidance and training to team members on security best practices. Collaborate with IT teams to ensure secure deployment of new systems and applications. Monitor and respond to security incidents and vulnerabilities. Required Skills: US Citizenship required due to federal contract requirements. Proven experience with "demonstrated proficiency" serving as an Information System Security Officer (ISSO) in a Federal environment. Strong knowledge of risk management frameworks and federal security requirements. Experience with cloud and on-premises environments. Excellent communication and leadership skills. Ability to work independently in a remote setting. Relevant certifications such as CISSP, CISM, CISA, or equivalent.

Historically, US Healthcare has relied on a fee-for-service reimbursement system where providers are paid based on the quantity of patient visits and procedures, rather than the quality of health outcomes. At Stellar Health, we help primary care providers put patient health first. Our platform - a mix of technology, people, and analytics - supports providers at the point of care, delivering real-time patient information, activating practice staff, and empowering providers and care teams with incentives that reward the work they are already doing to keep patients healthy. Using the Stellar App, our web-based, point-of-care tool; practices receive a simple checklist of recommended actions that support the best quality care. Providers and care teams are then paid monthly for each action they complete, and Payors save money in reduced healthcare costs along the way. Stellar is a US-based Health-tech backed by Top VCs ( General Atlantic, Point72, & Primary Venture Partners) with an established product & proven operating model. We've shown that we make a real difference for physician practices and their patients. About the position: Stellar Health is looking for an Information Security Manager to help prioritize and drive our Information Security program and investments. We are looking for an individual that is passionate about building out new security processes that are thoughtful in their design for both external users, customers, and teammates. Stellar Health operates in the HealthTech space and is HITRUST R2 certified. This role will help ensure our security program is proactive as possible by: Helping reduce the effort to maintain and demonstrate our alignment to HITRUST by automating the collection of evidence, as well as deploy continuous testing of controls.Staying aligned with our cross-functional teams as they deliver on their controls and support our security processes. Bolster and improve our internal security processes as a security team by partnering with our leadership team to set strategic priorities for the team, informed by our organization and platform services' threat models. How you'll make an impact: By 3 months you will… Have a solid foundation of our current security posture, controls, and security processes, what is working well and where there are gaps Have a prioritized list of areas of improvement and/or investments to help reinforce and improve our security posture Implemented 1-2 improvements to current processes and/or automations to ensure a security control is working appropriately, examples of potential improvements:Ensure all Git repos align with our change management standards around PR reviews, automated code testing, deployments and any required security reviews Implement continuous testing of our endpoint configurations to ensure they align to our security standards (e.g. all endpoints are encrypted at rest, have security agents deployed) By 6 months you will… Aligned with senior leadership around team skillset and staffing needs to maintain security processes and operations Collaborated with other teams that support our security controls to expand the list of improvements to include non-security pain points in evidence collection or inefficient processes Delivered first quarter of 1-2 projects from the prioritized list of areas of improvement Established a process to review high risk applications and systems with System Owners to ensure they align to any applicable security standards/controls and other security recommendations What You'll Bring: 4-5 years of security program & engineering experience building and implementing security tooling and processes Strong familiarity and experience helping secure cloud environments and infrastructure, preferably AWSSupported, and preferably led, external audits of security frameworks (e.g. SOC 2 Type 2, ISO 27001, HITRUST) Experience with coding and automation, preferably Python and/or Terraform Who will love this job: You enjoy a tight partnership and daily interactions with DevOps and IT engineers to deliver on technical projects and process improvements You are passionate about designing thoughtful, business-focused solutions to security problems vs implementing a security “best practice” solution when not applicable You appreciate the need to audit and validate security controls, but would much rather automate the work where possible so you can focus your efforts on creating strong proactive partnerships and further reducing security risks elsewhere Pay: The salary range for this role is $170,000 - $200,000 + an annual performance based bonus. Where a new hire falls within this range will be based on their individual skills and experience, and how these competencies compare across other employees in the same role. Stellar's bands are designed to allow for individual compensation growth within the role. As such, new hires typically start at the lower end of the range. Stellar rewards performance and outcomes - should you join the company, you will have the opportunity to grow your salary over time. Perks & Benefits: Stellar offers a carefully curated selection of wellness benefits and perks to our employees: Medical, Dental and Vision Benefits Flexible PTO Universal Paid Family Leave Company sponsored One Medical memberships and Citibike memberships Medical Travel Benefits A monthly wellness stipend that gives employees the freedom to choose where they spend their cash, whether it be on wellness, pet care, childcare, WFH items, or charitable donations Stock Options & a 401k matching program Career development opportunities like Manager Training, coaching, and an internal mobility program A broad calendar of company sponsored social events that for our in-office and remote employees Diversity is the key to our success. Stellar Health is an equal opportunity employer and we are open to all qualified applicants regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, veteran status, or any other legally protected status. We believe that diverse teams -and the different identities, cultures, and life experiences our team members bring to the table- enable us to create amazing products, find creative solutions to interesting problems, and build an inclusive working environment. Stellar Health Employment Privacy Notice At Stellar Health, your privacy and security as a job seeker is a priority no matter where you are in the interview process. As recruiting scams have become more prevalent, please take note of the following practices to ensure the legitimacy of any interaction with our team. Please note that any communication from our recruiters and hiring managers at Stellar Health about a job opportunity will only be made by a Stellar Health employee with an @stellar.health email address. Stellar Health does not utilize third-party agencies for recruitment services and does not conduct text message or chat-based interviews. Any other email addresses, agencies, or forums may be phishing scams designed to obtain your personal information. We will not ask you to provide personal or financial information, including, but not limited to, your social security number, online account passwords, credit card numbers, passport information, and other related banking information until we begin onboarding activities, which will be coordinated by a member of the Stellar Health People Ops Team with an @stellar.health email address. If you are ever unsure whether you are in contact with a legitimate Stellar Health teammate, please contact people-team@stellar.health. If you believe you've been a victim of a phishing attack, please mark the communication as “spam” and immediately report it by contacting the U.S. Federal Trade Commission.

Our Director of Information Security provides strategic leadership and vision for enterprise-wide security operations. This role oversees and matures the organization's operations security program, ensuring alignment with business objectives, regulatory requirements, and industry best practices. The Director partners with senior leadership, technology leaders, and business stakeholders to embed security into products, services, and culture. This position reports to the Vice President of Information Security and leads a growing team (4-6 ICs) of security professionals across operational security, incident response, compliance, and governance. Responsibilities Strategic Leadership & Vision Help define and execute the enterprise information security strategy, ensuring alignment with corporate objectives and customer trust. Serve as an advisor to the various teams, technology leaders, and business stakeholders on emerging threats, risks, and security requirements. Lead the evolution of security as a business enabler and differentiator, ensuring resilience, trust, and compliance are built into tools and operations Team & Program Leadership Manage, mentor, and scale a high-performing security team across security operations, incident response, and data security functions. Establish clear career paths, KPIs, and success metrics to drive accountability, engagement, and professional growth. Foster a culture of continuous improvement, innovation, and proactive risk management. Operational Security & Incident Response Oversee enterprise security operations, including SIEM, log correlation, endpoint security, threat hunting, and vulnerability management. Direct incident response efforts, ensuring effective playbooks, rapid resolution, and post-incident learning. Drive automation, orchestration, and AI/ML-enabled threat detection to increase efficiency and reduce response times. Governance, Risk, & Compliance Partner with the GRC Team with security compliance frameworks (e.g., SOC 2, ISO 27001, PCI-DSS, HIPAA, FedRAMP, etc.) and ensure continuous readiness for audits. Develop and maintain enterprise security procedures, standards, and controls aligned to NIST, CIS, and OWASP frameworks. Participate in third-party risk management, vendor security assessments, and business continuity planning. Innovation & Emerging Technologies Provide guidance on secure adoption of cloud, SaaS, and SASE platforms. Champion responsible and secure use of emerging technologies (e.g., AI/ML, automation, zero trust, secure access). Anticipate future risks and proactively shape organizational security posture. Qualifications Education/Experience 10+ years of progressive information security experience, including significant leadership responsibility. 5+ years leading security teams in enterprise environments. Industry-recognized certifications strongly preferred (CISSP, CCISO, CISM, GSEC, GCIH, CEH, etc.). Required Skills/Abilities Proven success in building and maturing security programs that align with business strategy. Strong knowledge of security technologies (firewalls, DLP, IDS/IPS, MDM, SIEM, EDR, etc.) and modern architectures (SaaS, SASE, Zero Trust). Deep technical foundation across cloud/SaaS systems, network and endpoint security, cloud security, and secure configurations. Familiarity with penetration testing, forensic practices, and threat modeling. Strong executive communication skills with experience presenting to leadership, audit committees, and regulators. Demonstrated ability to lead cross-functional initiatives and drive measurable risk reduction. National Debt Relief Role Qualifications: Computer competency and ability to work with a computer. Prioritize multiple tasks and projects simultaneously. Exceptional written and verbal communication skills. Punctuality expected, ready to report to work on a consistent basis. Attain and maintain high performance expectations on a monthly basis. Work in a fast-paced, high-volume setting. Use and navigate multiple computer systems with exceptional multi-tasking skills. Remain calm and professional during difficult discussions. Take constructive feedback. Compensation Information Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for each position across the US. Within the range, individual pay is determined by work location, job-related skills, experience, and relevant education or training. This good faith pay range is provided in compliance with NYC law and the laws of other jurisdictions that may require a salary range in job postings. The salary for this position is $198,500 - $228,500. About National Debt Relief National Debt Relief was founded in 2009 with the goal of helping an expanding number of consumers deal with overwhelming debt. We are one of the most-trusted and best-rated consumer debt relief providers in the United States. As a leading debt settlement organization, we have helped over 450,000 people settle over $10 billion of debt, while empowering them to lead a healthier financial lifestyle and feel free to live their best life. At National Debt Relief, we treat our clients like real people. Our purpose is to elevate, empower, and transform their lives. Rated A+ by the Better Business Bureau, our goal is to help individuals and families get out of debt with the least possible cost through conducting financial consultations, educating the consumer and recommending the appropriate solution. We become our clients' number one advocate to help them reestablish financial stability as quickly as possible. Benefits National Debt Relief is a team-oriented environment full of rewards and growth opportunities for our employees. We are dedicated to our employee's success and growth within the company, through our employee mentorship and leadership programs. Our extensive benefits package includes: Generous Medical, Dental, and Vision Benefits 401(k) with Company Match Paid Holidays, Volunteer Time Off, Sick Days, and Vacation 12 weeks Paid Parental Leave Pre-tax Transit Benefits No-Cost Life Insurance Benefits Voluntary Benefits Options ASPCA Pet Health Insurance Discount Access to your earned wages at any time before payday National Debt Relief is a certified Great Place to Work ! National Debt Relief is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law. For information about our Employee Privacy Policy, please see here For information about our Applicant Terms, please see here #LI-REMOTE

Job DescriptionBenefits: 401(k) 401(k) matching Competitive salary Dental insurance Health insurance Opportunity for advancement Paid time off Vision insurance Benefits/Perks Competitive Compensation Career Advancement Opportunities Great Work Environment Job Summary We are seeking an experienced Information Security Manager to join our team! As our Information Security Manager, you will be responsible for managing all Information Security projects, ensuring the safety and security of the data in our care, and identifying and eliminating threats before they start. You will also work closely with other departments to ensure compliance with security best practices and create reports to present to upper management and other department heads on security protocols. The ideal candidate has previous experience working in Information Security, has demonstrable experience leading a team, and has a deep understanding of best security practices. Responsibilities Manage IT projects and oversee goals, ensure metrics are being met, and projects are being completed in a timely manner Work closely with staff to manage any support issues that arise, handle all user access credentials, and hardware inventory Maintain and adjust any documentation for users in regard to common technology processes, hardware handling, and more Maintain and adjust any communications procedures to ensure staff issues are being heard and handled appropriately Investigate any security incidents and handle documentation and remediation Monitor security systems to protect data and spot any questionable activity before it becomes a threat Present reports to upper management to discuss security concerns and ongoing efforts, as needed Qualifications Previous experience in IT Security and Management preferred Strong interpersonal and communication skills Demonstratable experience and knowledge in IT, security, and best practices Strong leadership ability Self-driven and motivated The ability to meet deadlines and work under high-pressure situations Flexible work from home options available.

About Us At SentinelOne, we're redefining cybersecurity by pushing the limits of what's possible-leveraging AI-powered, data-driven innovation to stay ahead of tomorrow's threats. From building industry-leading products to cultivating an exceptional company culture, our core values guide everything we do. We're looking for passionate individuals who thrive in collaborative environments and are eager to drive impact. If you're excited about solving complex challenges in bold, innovative ways, we'd love to connect with you. What are we looking for? We are looking for a highly motivated, collaborative and experienced Senior InfoSec Risk Specialist with a security-focused mindset who can balance risk, business drivers and timelines. This position will be responsible for understanding and supporting the design of SentinelOne's organizational, procedural and technological security controls within the context of the security frameworks applicable to SentinelOne. In addition, you will be responsible for identifying and testing appropriate controls to ensure they are designed, implemented, and operating effectively to mitigate risk. The selected employee will help implement, automate, document and maintain controls while supporting and responding to inquiries from internal and external stakeholders. This individual must be self-directed and be able to work independently and collaboratively. What will you do? Support the planning and performance of IT risk-based security audits and projects, risk assessments, execution of fieldwork and communication to stakeholders. Help in evaluating relevant global standards, compliance frameworks and regulations to analyze existing controls; identify areas for improvement; and design control growth. Collaborate with process and control owners through the audit lifecycle for process documentation updates, testing coordination, remediation of identified deficiencies and advising on internal control enhancements or process changes, as appropriate. Proactively manage audit findings, tracking and documentation of status updates obtained via action owners, and timely execution of remediation activities. Participate in internal security and compliance programs and track recurring controls, such as SSAE 18 SOC 2, ISO 27001/27002. Provide control consultative support to the business to assist in redesign efforts to improve the control environment and identify opportunities for control improvements with the objective of mitigating risk and improving compliance and operational performance. Help support internal/external audits and evidence collection via a GRC tool. Document new and update existing policies, procedures, standards and resources Participate in Security awareness program, train personnel on data security and privacy-related processes and responsibilities. Help support customer security reviews, RFPs and external security and privacy inquiries. Participate in defining, collecting and tracking various Security Metrics. What skills and experience should you bring? 5+ years of experience working in information security, risk or compliance. Experience working with Security Controls across at least some of the following domains: Access Management, Encryption, Risk Management, Network Security, Configuration Management, Patch Management, Change Management, Awareness and Training, BC/DRP, etc. Ability to perform internal audits with minimal direct supervision, exhibit professional audit judgment and have experience in a broad range of audit projects such as SSAE 16/18 SOC 2, ISO 27001/2, NIST. Strong risk management experience, performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk. Strong project management skills and ability to manage a variety of projects simultaneously to completion within the agreed timelines. Excellent collaboration and interpersonal skills. Must be able to communicate with all levels in the organization. Ability to communicate effectively, in writing and verbally, to target audiences, including customers, partners, auditors, executive management, vendors, and peers. Experience working with both technical and non-technical teams. Ability and desire to understand the intent of requirements and provide effective recommendations. Ability to prioritize in a highly dynamic work environment. Our Preferred Qualifications: Advanced degree in computer science, Information Technology, Information Security or related field. Experience with, and strong understanding of common Security Compliance frameworks, controls, and best practices such as COSO, SOC 2, SOX ITGC, ISO 27001/27002, GDPR, PCI, NIST and other applicable regulatory compliance frameworks. Relevant certifications (ISO 27001 LA/LI, CISA, CISM, CISSP, CRISC, etc.) Ability to assess and pragmatically define scope and relevant controls. Strong desire to learn and continuously develop and deepen technical skills. Why us? You will be joining a cutting-edge company where you will tackle extraordinary challenges and work with the very best in the industry. Medical, Vision, Dental, 401(k), Commuter, Health and Dependent FSA Unlimited PTO Industry-leading gender-neutral parental leave Paid Company Holidays Paid Sick Time Employee stock purchase program Disability and life insurance Employee assistance program Gym membership reimbursement Cell phone reimbursement Numerous company-sponsored events, including regular happy hours and team-building events This U.S. role has a base pay range that will vary based on the location of the candidate. For some locations, a different pay range may apply. If so, this range will be provided to you during the recruiting process. You can also reach out to the recruiter with any questions. Base Salary Range$104,000-$138,000 USD SentinelOne is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. SentinelOne participates in the E-Verify Program for all U.S. based roles.

What Information Security and Risk contributes to Cardinal Health Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments. The Director, Information Security and Risk (Identity & Access Management) is responsible for leading the organization's Identity & Access Management (IAM) strategy, governance, and operations to ensure secure, efficient, and compliant access to technology resources. This role requires a leader with proven ability to execute large-scale enterprise IAM programs that directly impact how employees, contractors, and customers interact with Cardinal Health technology. Success in this role demands a balance between delivering a frictionless, user-friendly experience and maintaining the highest standards of security. The Director must also excel at building partnerships across the organization and collaborating on program delivery, while driving operational excellence and anticipating business risks associated with IAM changes. Location - Ideally targeting individuals local to Central Ohio, but open to candidates located nationwide (fully remote). If living within commutable distance of our corporate HQ in Dublin, OH - the expectation would be to come in-office two or three days a month for team meetings. Responsibilities Act as a visionary in designing and executing multi-year IAM strategy that aligns with business goals and customer needs Develop and oversee enterprise IAM policies, standards, and procedures, ensuring consistent enforcement across the organization. Lead IAM initiatives including identity lifecycle management (provisioning, de-provisioning, role-based access, entitlement reviews). Direct privileged access management (PAM) programs to safeguard critical systems and sensitive data. Ensure compliance with internal policies and external regulatory requirements (e.g., SOX, HIPAA, GDPR, PCI-DSS) through strong access controls. Execute enterprise IAM programs with significant business impact, ensuring seamless access for employees, contractors, and customers. Balance user experience with security by designing IAM solutions that are simple, intuitive, and resilient. Drive operational excellence by establishing repeatable processes, KPIs, and service delivery models for IAM functions. Build strong partnerships across IT, Security, HR, and business units to align IAM delivery with organizational priorities. Establish metrics and reporting mechanisms to monitor IAM effectiveness, operational performance, and program maturity for executive leadership. Lead training and awareness programs related to IAM policies, secure access practices, and identity governance. Qualifications Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field preferred. Ideally targeting individuals with 12+ years of IT/security experience with at least 5 years in IAM leadership roles preferred. Proven track record of executing enterprise IAM programs with measurable business impact. Prior people leadership experience and demonstrated ability to manage operational IAM teams, highly preferred. Expertise with IAM tools and platforms (e.g., Okta, SailPoint, CyberArk, Azure AD). Strong understanding of relevant Regulatory and Compliance requirements (HIPAA, SOX, HITRUST CSF, etc.). Strong understanding of authentication protocols (SAML, OAuth, OpenID Connect, Kerberos) and cloud IAM (AWS IAM, Azure RBAC, GCP IAM). Certifications such as CISSP, CIAM, or CISM preferred. Strong analytical, relationship management, and communication skills (both written and verbal). Ability to collaborate across functions and influence stakeholders to achieve IAM program success. What is expected of you and others at this level Provides leadership to managers and experienced professional staff; may also manage front line supervisors Manages an organizational budget Develops and implements policies and procedures to achieve organizational goals Assists in the development of functional strategy Decisions have an extended impact on work processes, outcomes, and customers Interacts with internal and/or external leaders, including senior management Persuades others into agreement in sensitive situations while maintaining positive relationships #LI-LP #LI-Remote Anticipated salary range: $135,400 - $228,910 Bonus eligible: Yes Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being. Medical, dental and vision coverage Paid time off plan Health savings account (HSA) 401k savings plan Access to wages before pay day with my FlexPay Flexible spending accounts (FSAs) Short- and long-term disability coverage Work-Life resources Paid parental leave Healthy lifestyle programs Application window anticipated to close: 12/25/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply. Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law. To read and review this privacy notice click here

Primary Responsibilities: Execute and support the Risk Management Framework (RMF) lifecycle including system categorization, control selection, implementation, assessment, and authorization. Develop, maintain, and validate System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, Contingency Plans (CPs), and related compliance documentation. Conduct and lead vulnerability assessments, leveraging tools such as Nessus, ACAS, and Fortify to identify and prioritize remediation efforts. Perform continuous monitoring of security controls and produce metrics, dashboards, and evidence in support of ATO renewals and sustainment. Analyze and respond to security incidents, working with SOC personnel and SIEM tools to evaluate logs, investigate events, and contain potential threats. Conduct internal audits and risk assessments to validate the effectiveness of implemented controls and identify compliance gaps. Provide security guidance to engineering and development teams, ensuring adherence to cybersecurity standards in a DevSecOps environment. Stay informed of evolving threats, vulnerabilities, and regulatory changes to proactively enhance security postures. Coordinate with Security Control Assessors (SCAs), ISSOs, system owners, and federal stakeholders on audit readiness and policy compliance. Draft and enforce cybersecurity policies, SOPs, and standards that support mission-critical systems across hybrid environments. All other duties as assigned by management. Qualifications Bachelor's or Associate's degree in Computer Science, Math, Information Technology, Engineering, or related field. Five (5) years of directly relevant experience may substitute for two (2) years of formal education. Minimum of five (5) years of experience in experience with vulnerability scanning tools and security assessment methodologies. Minimum of five (5) years of experience with network security, firewall management, intrusion detection/prevention systems (IDS/IPS). Minimum of (5) years of experience with Security Information and Event Management (SIEM). Minimum of five (5) years of experience in the risk management framework. Basic knowledge of the following: Active Directory, UNIX, RHEL, Windows, Relational Databases. Previous support of federal government enterprise systems or DHS/DOD programs is strongly preferred. Must have an active DoD Secret Clearance.

Overview of 66degrees 66degrees is a leading consulting and professional services company specializing in developing AI-focused, data-led solutions leveraging the latest advancements in cloud technology. With our unmatched engineering capabilities and vast industry experience, we help the world's leading brands transform their business challenges into opportunities and shape the future of work. At 66degrees, we believe in embracing the challenge and winning together. These values not only guide us in achieving our goals as a company but also for our people. We are dedicated to creating a significant impact for our employees by fostering a culture that sparks innovation and supports professional and personal growth along the way. Overview of Role A client of 66degrees' is seeking a junior contractor to engage on a 8+-month remote contract with the potential to extend/convert into a permanent role with the client. Interested candidates should have the following required skills and the ability to work independently as well as within a team environment. The Information Security Support Contractor will function as a member of the Security Support team and help support day-to-day operations. This role will focus on frontline duties and interact with technical and business units. This role requires strong teamwork and initiative, along with the ability to build and maintain relationships across technical and business units. Excellent communication skills are essential. Responsibilities Provide level 1 support for incident and request tickets escalated from other technical teams. Contribute to protecting the integrity and confidentiality of client data and infrastructure while enabling business functionality in all systems and environments by learning to support applicable security solutions. Learn about the security tools and solutions implemented within the organization. Assist in improving processes, identify efficiencies, and recommend solution enhancements to improve service-level delivery. Support the client Information Security Governance & Compliance team as needed during risk assessments, internal and external Information Security Audits, and Vendor reviews. Assist in supporting the Identity Access Management team. Gather and report on key organizational information security metrics. Qualifications 1-3 years of experience as an Information Security Analyst or experience in an IT support capacity. Required experience working with: Active Directory/Azure File Share Permissions Email security understanding Mimecast or a similar solution Keeper - Nice to have zScaler - Nice to have Strong communication, good customer service experience and flexibility with change are all required. Eagerness to work in a collaborative environment. 66degrees is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to actual or perceived race, color, religion, sex, gender, gender identity, national origin, age, weight, height, marital status, sexual orientation, veteran status, disability status or other legally protected class.

Why USAA? At USAA, our mission is to empower our members to achieve financial security through highly competitive products, exceptional service and trusted advice. We seek to be the #1 choice for the military community and their families. Embrace a fulfilling career at USAA, where our core values - honesty, integrity, loyalty and service - define how we treat each other and our members. Be part of what truly makes us special and impactful. The Opportunity As a dedicated Manager Senior, Information Security (Application Security), you will lead our Application Security Engineering (ASE) Team. ASE team is responsible for supporting the business in the protection and secure development of USAA application by ensuring security throughout the Software Development Process (SDLC). This leader will also be responsible for identifying emerging risks, documenting, and building business cases to address them. This team is a part of our Cyber Threat Operation Center (CTOC), which protects, detects and responds to cyber security events. The CTOC is comprised of several teams that partner as needed to provide centralized and coordinated response and mitigation activities. Leads one or more analytical, business or technical support functions and is responsible for the implementation and management of enterprise information security policies, standards, processes and solutions that ensure USAA establishes, deepens and retains a best-in-class security posture. Develops, designs and implements security governance and assurance processes within security domains. This role has a direct impact on protecting USAA's brand and reputation within assigned Information Security domains. Plans and organizes activities of professional and administrative staff engaged in providing information security/cyber security services associated with existing and emerging security risks in a complex and highly regulated environment. Partners with the lines-of-business, Enterprise Risk and Compliance, Audit Services, and Legal, to support enterprise information security risk and compliance initiatives. We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in one of the following locations: San Antonio, TX, Plano, TX, Phoenix, AZ, Colorado Springs, CO. Relocation assistance is not available for this position. What you'll do: Responsible for ownership and execution of one or more critical security domains or capabilities. Implements senior leadership's strategic vision and leads their team in the compliant day-to-day completion of their assigned information security domain. Chips in to the organization's short and long-term vision, strategies, goals and metrics. Leads effective operation of assigned information security domain's day-to-day operations including capacity, resilience and dependability capabilities and how changes in conditions, operations, or the environment will affect the system's operation. Develops, reviews, and communicates information security risk management policies and procedures to ensure appropriateness and adequacy versus industry standard methodologies and regulatory requirements. Responsible for developing performance indicators and reporting the status of information security activities and alerting management to potential risks, compliance issues, and operational inefficiencies. Develops, designs, and delivers a sustainable governance and assurance model within multiple domains. Identifies, monitors and evaluates operational solutions to reduce information security risk, meet compliance requirements and increase enterprise workforce efficiency, business agility and workforce scalability. Promotes information security awareness within their teams and across Enterprise Security Group. Serves as financial steward for the organization and handles workforce and budgets to ensure they cost-effectively meet the needs of the organization. Builds and oversees a team of employees for assigned functional area through ongoing execution of recruiting, development, retention, coaching and support, performance management, and managerial activities. Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures. What you have: Bachelor's degree in Information Security, Information Technology, Computer Science, Business Administration, Information Systems/Management or related field; OR 4 years of related experience (in addition to the minimum years of experience required) may be substituted in lieu of degree. 6 years of related information security experience in one or more domains, e.g.: Cybersecurity, Identity and Access Management, Information Assurance and Governance, Operational Risk Management and/or Information Technology to include considerable accountability for projects, programs, processes or policies. 2 years of direct team lead, supervisory, or management experience in an Information Security or Information Technology domain. 2 years of researching, designing, or implementing technology, information security or cybersecurity solutions in a large financial institution or large enterprise information security program with a consistent track record of delivering results in compliance with federal/state/regulatory information security and risk management policies, standards, and guidelines. Working knowledge of relevant regulations and standards related to risk management and information security, e.g.: FFIEC, Gramm-Leach-Bliley, FFIEC Cybersecurity Assessment Tool, NIST Cybersecurity Framework and the Payment Card Industry Data Security Standard. Strong written and verbal communication skills, including the ability to communicate technical analyses to a non-technical audience. Strong knowledge of security technologies to include cryptography, authentication, authorization, and controls. Strong Knowledge of IT risks and experience implementing security solutions. Knowledge of threats, vulnerabilities, attack methods and countermeasures for web-based applications, networks, and cyber security solutions. Expertise in risk management processes and principles. Familiarity with budgets, forecasting, and executing on the budgets for the applicable information security, cybersecurity, or technology support function. What sets you apart: Robust understanding of Application Security Standard and Frameworks (OWASP Top 10, OWASP SAMM, BSIMM, NIST SSDF, etc.) Familiarity with application security testing tools (SAST/DAST/SCA/Containers) and Web Application Firewall (WAF) Familiarity with Agile Workflows and Software Development Process (SDLC) Strong relationship management skills and ability to engage business partners across the enterprise. Compensation range: The salary range for this position is: $138,230.00 - $264,200.00. USAA does not provide visa sponsorship for this role. Please do not apply for this role if at any time (now or in the future) you will need immigration support (i.e., H-1B, TN, STEM OPT Training Plans, etc.). Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location. Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors. The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. For more details on our outstanding benefits, visit our benefits page on USAAjobs.com. Applications for this position are accepted on an ongoing basis, this posting will remain open until the position is filled. Thus, interested candidates are encouraged to apply the same day they view this posting. USAA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

United Community is seeking an experienced Information Security Controls Analyst to serve as a subject matter expert in evaluating and strengthening our cybersecurity and technology controls. This role plays a critical part in assessing risk exposure, recommending control improvements, and ensuring alignment with regulatory standards and business risk tolerance. You'll collaborate with enterprise risk, compliance, and legal teams to provide visibility into our risk posture and drive meaningful change across the organization. What You'll Do * Review and document the adequacy of security and technology controls across business and IT environments. * Evaluate control posture through interviews, documentation reviews, and workflow analysis. * Recommend and support implementation of risk reduction strategies via policies, procedures, and technical controls. * Partner with risk management and security leadership to align controls with organizational risk tolerance. * Identify control strengths and weaknesses related to privacy, security, resiliency, and compliance. * Document and advocate for control improvements that balance risk with operational efficiency. * Support control development across testing, QA, and production environments. * Present control effectiveness reports to senior risk leadership. * Stay current on regulatory requirements, internal policies, and industry best practices. Requirements For Success Experience: * 3+ years in cybersecurity or IT practitioner roles. * 2+ years in IT risk or controls analysis. * Practical experience with risk management and IT control frameworks. Education: Bachelor's degree preferred in Information Assurance, Computer Science, Engineering, or a related technical field. Required Skills: * Strong understanding of risk frameworks (CRI, COSO, RMF, COBIT, NIST). * Familiarity with regulatory standards (PCI, FFIEC, SOX, HIPAA, GDPR, CCPA, GLBA). * Experience with CIS CSC, ISO 2700, or NIST CSF. * Excellent written and verbal communication across all organizational levels. * Strong organizational skills and ability to meet SLAs. * Sound judgment and decision-making in complex scenarios. * High integrity, trustworthiness, and adaptability. Preferred Skills: * Certifications such as CISSP, CISA, CRISC, or CISM. * Technical experience with enterprise networks, applications, and directory services. * Familiarity with enterprise GRC platforms. Conditions of Employment * Must be able to pass a criminal background & credit check * This is a full-time, non-remote position FLSA Status: * Exempt We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state, or local protected class. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Pay Range USD $49,972.00 - USD $76,958.00 /Yr.