Information technology security manager jobs near me

Director, Identity and Access Management Engineer/ Full Stack Engineering At BNY, our culture allows us to run our company better and enables employees' growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world's investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance - and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We're seeking a future team member for the role of Director, Identity and Access Management Engineer/ Full Stack Engineering to join our Information Security Division team. This role is in United States-REMOTE In this role, you'll make an impact in the following ways: Architect and Deliver Scalable IAM Solutions: Lead the design, development, and deployment of SailPoint IIQ/ISC and related integrations to enable secure and compliant identity lifecycle management across the enterprise. Technology and Security Governance: Establish and enforce development standards, security controls, and code review processes in alignment with internal risk management, audit, and compliance requirements (e.g., SOC1, SOX, FFIEC, GLBA). Strategic Partnership and Roadmapping: Collaborate with senior technology and business leaders to define and execute the IAM strategy, roadmap, and modernization initiatives supporting digital banking and regulatory readiness. Innovation and Continuous Improvement: Drive efficiency through automation, reusable frameworks, and continuous integration practices that improve speed-to-market while maintaining compliance and control. To be successful in this role, we're seeking the following: 15+ years of progressive experience in software engineering for IAM solution development, including 5+ years of direct experience with SailPoint IdentityIQ and ISC Proven full-stack development expertise leveraging Java, Beanshell, REST/SOAP APIs, and relational databases (Oracle, SQL Server, or PostgreSQL). Experience integrating SailPoint IIQ/ISC with directory services (Active Directory, LDAP), SSO/MFA solutions, and enterprise cloud platforms (Azure, AWS). Solid understanding of financial regulatory frameworks impacting IAM (e.g., SOC1, SOX, GLBA, PCI DSS) and risk-based access controls. Hands-on experience implementing custom connectors, role models, and provisioning workflows within SailPoint. Familiarity with CI/CD pipelines (Jenkins, Git, Azure DevOps) and agile software delivery practices. Strong knowledge of information security, identity governance, and least-privilege access principles. People Leadership requirement: Lead and develop a team of SailPoint engineers and full-stack developers, ensuring alignment with strategic business and security objectives. Foster a high-performing, inclusive, and accountable team culture emphasizing technical excellence, innovation, and professional development. Provide thought leadership on identity security trends, regulatory impacts, and emerging technologies relevant to financial services. Collaborate closely with risk, compliance, audit, and cybersecurity teams to ensure controls are embedded in solution design and execution. At BNY, our culture speaks for itself, check out the latest BNY news at: BNY Newsroom BNY LinkedIn Here's a few of our recent awards: America's Most Innovative Companies, Fortune, 2025 World's Most Admired Companies, Fortune 2025 “Most Just Companies”, Just Capital and CNBC, 2025 Our Benefits and Rewards: BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans. BNY assesses market data to ensure a competitive compensation package for our employees. The base salary for this position is expected to be between $142,000 and $272,000 per year at the commencement of employment. However, base salary if hired will be determined on an individualized basis, including as to experience and market location, and is only part of the BNY total compensation package, which, depending on the position, may also include commission earnings, discretionary bonuses, short and long-term incentive packages, and Company-sponsored benefit programs. This position is at-will and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation) at any time, including for reasons related to individual performance, change in geographic location, Company or individual department/team performance, and market factors.

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today! Job Details Summary: We are seeking a highly skilled and experienced Director of Information Security - Customer Trust & Business Enablement to lead critical functions within our Information Security program. This role will be responsible for building and maintaining trust with customers by managing customer audit responses, implementing and overseeing a customer trust center, and driving initiatives that enable secure business operations. The ideal candidate will also oversee activities related to governance, risk, and compliance (GRC), including cyber insurance, ESG (Environmental, Social, and Governance) matters, and collaboration with cross-functional teams such as PMO (Project Management Office) and IT Business Management. As a trusted leader, the Director will develop and execute strategic roadmaps, ensure alignment with business objectives, and facilitate operational excellence through the creation and oversight of standard operating procedures (SOPs). This position reports to the VP of Information Security and will work closely with internal stakeholders, customers, and external auditors. Primary Duties & Responsibilities: Customer Trust & Business Enablement Lead and manage the Customer Audit Response Process, ensuring timely, accurate, and transparent communication of the organization's security posture to customers. Develop, implement, and manage the Customer Trust Center, serving as a centralized resource for customer security communications, FAQs, certifications, and other trust-building materials. Oversee customer contract reviews, specifically addressing information security and privacy clauses to ensure compliance with organizational policies and regulatory requirements. Facilitate the creation and delivery of customer security reports, including SOC 2, ISO 27001, and other relevant certifications or attestation documents. Act as the primary liaison between customers and the information security team to address customer concerns and inquiries related to cybersecurity. Governance, Risk, and Compliance (GRC) Develop and maintain SOPs (Standard Operating Procedures) for the team, ensuring consistent and efficient execution of GRC-related processes. Create and manage Cyber GRC Roadmaps, outlining strategic priorities, milestones, and deliverables for the GRC organization. Provide support for cyber insurance processes, including risk assessments, policy renewals, and coordination with internal and external stakeholders. Support the organization's ESG initiatives by addressing cybersecurity-related matters, such as data privacy, security metrics, and compliance with ESG standards. Cross-Functional Collaboration Collaborate with the PMO (Project Management Office) and IT Business Management Teams to facilitate the development and tracking of project plans related to the GRC organization. Serve as a key interface between Information Security and other business units to ensure alignment of security, compliance, and business objectives. Drive cross-departmental initiatives and projects that enable business growth while maintaining a strong cybersecurity posture. Strategic Leadership Provide visionary leadership to the Customer Trust and Business Enablement team, fostering a culture of collaboration, innovation, and continuous improvement. Develop metrics and KPIs to track the performance and effectiveness of customer trust and GRC initiatives. Stay informed on industry trends, emerging threats, and regulatory changes to ensure the organization remains proactive and compliant. Act as a trusted advisor to senior leadership, providing insights and recommendations regarding customer trust, GRC, and business enablement strategies. Qualifications: Education and Experience: Bachelor's degree in Information Security, Cybersecurity, Computer Science, Business Administration, or a related field (Master's degree preferred). 8+ years of experience in Information Security, Governance, Risk, and Compliance (GRC), or a related field. 5+ years of leadership experience managing teams and driving cross-functional initiatives. Skills and Competencies Deep understanding of information security frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2). Strong knowledge of GRC principles, customer audit response, and security compliance requirements. Experience with customer contract reviews related to cybersecurity and privacy clauses. Demonstrated ability to develop and execute strategic roadmaps and operational plans. Familiarity with cyber insurance processes and ESG reporting for cybersecurity matters. Exceptional project management skills with experience interfacing with PMOs and IT business management teams. Excellent communication and interpersonal skills, with a proven ability to build trust with customers and internal stakeholders. Strong problem-solving and decision-making skills, with the ability to manage competing priorities in a fast-paced environment. Certifications (Preferred): Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) ISO 27001 Lead Auditor or Implementer Project Management Professional (PMP) Key Competencies: Customer Focus: Demonstrates a deep commitment to building and maintaining customer trust through transparency and responsiveness. Leadership: Inspires and motivates teams to achieve shared goals while fostering a culture of accountability and collaboration. Strategic Thinking: Balances long-term vision with tactical execution to achieve business and security objectives. Collaboration: Works effectively across teams and departments to drive alignment and achieve organizational goals. Continuous Improvement: Continuously seeks opportunities to optimize processes, reduce risk, and enhance the customer experience. What Cencora offers We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit ************************************** Full time Salary Range*$124,000 - 190,850 *This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont/Minnesota/Massachusetts/Illinois State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range. Equal Employment Opportunity Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law. The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory. Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call ************ or email ****************. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned . Affiliated Companies:Affiliated Companies: AmerisourceBergen Services Corporation

Our Director of Information Security provides strategic leadership and vision for enterprise-wide security operations, governance, and risk management. This role oversees and matures the organization's operations security program, ensuring alignment with business objectives, regulatory requirements, and industry best practices. The Director partners with senior leadership, technology leaders, and business stakeholders to embed security into products, services, and culture. This position reports to the Vice President of Information Security and leads a growing team (4-6 ICs) of security professionals across operational security, incident response, compliance, and governance. Responsibilities Strategic Leadership & Vision Help define and execute the enterprise information security strategy, ensuring alignment with corporate objectives and customer trust. Serve as an advisor to the various teams, technology leaders, and business stakeholders on emerging threats, risks, and security requirements. Lead the evolution of security as a business enabler and differentiator, ensuring resilience, trust, and compliance are built into tools and operations. Team & Program Leadership Manage, mentor, and scale a high-performing security team across security operations, incident response, and data security functions. Establish clear career paths, KPIs, and success metrics to drive accountability, engagement, and professional growth. Foster a culture of continuous improvement, innovation, and proactive risk management. Operational Security & Incident Response Oversee enterprise security operations, including SIEM, log correlation, endpoint security, threat hunting, and vulnerability management. Direct incident response efforts, ensuring effective playbooks, rapid resolution, and post-incident learning. Drive automation, orchestration, and AI/ML-enabled threat detection to increase efficiency and reduce response times. Governance, Risk, & Compliance Partner with the GRC Team with security compliance frameworks (e.g., SOC 2, ISO 27001, PCI-DSS, HIPAA, FedRAMP, etc.) and ensure continuous readiness for audits. Develop and maintain enterprise security procedures, standards, and controls aligned to NIST, CIS, and OWASP frameworks. Participate in third-party risk management, vendor security assessments, and business continuity planning. Innovation & Emerging Technologies Provide guidance on secure adoption of cloud, SaaS, and SASE platforms. Champion responsible and secure use of emerging technologies (e.g., AI/ML, automation, zero trust, secure access). Anticipate future risks and proactively shape organizational security posture. Qualifications Education/Experience 10+ years of progressive information security experience, including significant leadership responsibility. 5+ years leading security teams in enterprise environments. Industry-recognized certifications strongly preferred (CISSP, CCISO, CISM, GSEC, GCIH, CEH, etc.). Required Skills/Abilities Proven success in building and maturing security programs that align with business strategy. Strong knowledge of security technologies (firewalls, DLP, IDS/IPS, MDM, SIEM, EDR, etc.) and modern architectures (SaaS, SASE, Zero Trust). Deep technical foundation across cloud/SaaS systems, network and endpoint security, cloud security, and secure configurations. Familiarity with penetration testing, forensic practices, and threat modeling. Strong executive communication skills with experience presenting to leadership, audit committees, and regulators. Demonstrated ability to lead cross-functional initiatives and drive measurable risk reduction. National Debt Relief Role Qualifications: Computer competency and ability to work with a computer. Prioritize multiple tasks and projects simultaneously. Exceptional written and verbal communication skills. Punctuality expected, ready to report to work on a consistent basis. Attain and maintain high performance expectations on a monthly basis. Work in a fast-paced, high-volume setting. Use and navigate multiple computer systems with exceptional multi-tasking skills. Remain calm and professional during difficult discussions. Take constructive feedback. Compensation Information Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for each position across the US. Within the range, individual pay is determined by work location, job-related skills, experience, and relevant education or training. This good faith pay range is provided in compliance with NYC law and the laws of other jurisdictions that may require a salary range in job postings. The salary for this position is $198,500 - $228,500. About National Debt Relief National Debt Relief was founded in 2009 with the goal of helping an expanding number of consumers deal with overwhelming debt. We are one of the most-trusted and best-rated consumer debt relief providers in the United States. As a leading debt settlement organization, we have helped over 450,000 people settle over $10 billion of debt, while empowering them to lead a healthier financial lifestyle and feel free to live their best life. At National Debt Relief, we treat our clients like real people. Our purpose is to elevate, empower, and transform their lives. Rated A+ by the Better Business Bureau, our goal is to help individuals and families get out of debt with the least possible cost through conducting financial consultations, educating the consumer and recommending the appropriate solution. We become our clients' number one advocate to help them reestablish financial stability as quickly as possible. Benefits National Debt Relief is a team-oriented environment full of rewards and growth opportunities for our employees. We are dedicated to our employee's success and growth within the company, through our employee mentorship and leadership programs. Our extensive benefits package includes: Generous Medical, Dental, and Vision Benefits 401(k) with Company Match Paid Holidays, Volunteer Time Off, Sick Days, and Vacation 12 weeks Paid Parental Leave Pre-tax Transit Benefits No-Cost Life Insurance Benefits Voluntary Benefits Options ASPCA Pet Health Insurance Discount Access to your earned wages at any time before payday National Debt Relief is a certified Great Place to Work ! National Debt Relief is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other status protected by law. For information about our Employee Privacy Policy, please see here For information about our Applicant Terms, please see here #LI-REMOTE

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** Location: Remote Reports to: VP, Black Lotus Security Group Clearance Required: Active TS/SCI with CI polygraph About Black Lotus Security Group Black Lotus Security Group (BLSG) is Lumen Technologies' advanced threat intelligence and network engineering organization. BLSG combines global internet telemetry, large-scale analytics, and deep security engineering expertise to uncover, disrupt, and defend against the most sophisticated cyber threats. Our mission is to protect critical infrastructure, enterprises, and governments by transforming raw network visibility into actionable intelligence and resilient security solutions. Through close collaboration with customers, partners, and the broader security ecosystem, BLSG delivers scalable defenses that safeguard the world's most complex networks. **The Main Responsibilities** We are seeking a Principal Information Security Engineer Director, Information Security to support high-value public- and private-sector customers. You will be primarily responsible for deploying, configuring, and securing network security gear, with a strong emphasis on optical fiber installation, testing, and maintenance. You will focus on hands-on implementation, troubleshooting, and support in complex environments, while collaborating with internal teams and customers to ensure resilient and secure solutions. What You'll Do Deploy, configure, and maintain routers, switches, firewalls, and VPNs across data center and field environments. Install, terminate, and test optical fiber (single-mode and multi-mode), and end-to-end troubleshooting. Serve as a trusted technical contact for customers, vendors, and peers during deployments and escalations. Produce clear, reusable technical documentation including network diagrams, Methods of Procedure (MoPs), and runbooks. Identify risks during deployment and ensure adherence to compliance and government security standards. Collaborate with cross-functional teams to integrate security into network design and deployments. Travel domestically as required to support surveys, installations, and cutovers. Perform advanced troubleshooting of network security issues and escalations to restore service quickly and prevent recurrence. Define and execute repeatable lab and field test procedures; help standardize deployment patterns and acceptance criteria. Coordinate activities with vendors, internal teams, and customer stakeholders to meet scope, schedule, and quality objectives. Contribute to peer knowledge transfer and the documentation of best practices and lessons learned. Who You Are You are a hands-on engineer who thrives in complex, mission-critical environments. You communicate with clarity, drive accountability through partnership, and can translate strategy into executable tasks in the field. You bring a bias for action, meticulous documentation habits, and the ability to apply structure to ambiguity while engaging stakeholders professionally. **What We Look For in a Candidate** Active TS/SCI clearance with CI polygraph. Applicants selected will be subject to a government security investigation and must meet eligibility requirements and either currently possess an active security clearance or be clearable to obtain one. US Citizenship required. 8+ years of progressively responsible experience in network engineering or security operations. Strong hands-on expertise with optical fiber (testing and troubleshooting across single-mode and multi-mode). Proven experience with routed and switched networks: TCP/IP, Ethernet, VLANs, IPsec, VPNs, and firewalls. Familiarity with automation/configuration tools (e.g., Ansible). Background in system, network, or security administration (Unix/Linux preferred). Excellent written and verbal communication skills; proven stakeholder engagement with customers and vendors. Preferred Qualifications Experience with SD-WAN platforms (e.g., Fortinet, Juniper, Viptela, Aruba) and load balancers (F5, Citrix). Familiarity with NIST standards, DISA STIGs, TIC 3.0, and Zero Trust architectures. Demonstrated contributions to standards, documentation, and technical training in large-scale environments. Success in This Role 30 days: Complete onboarding, assume responsibility for assigned environments, and deliver an initial deployment assessment. 60 days: Independently execute deployments, including optical fiber testing and documentation. 90 days: Lead deployments end-to-end and produce hardened design recommendations aligned to compliance requirements. Additional Details Work Model: Remote; domestic travel as required for site surveys, installation, testing, and cutovers. Documentation & Quality: Create and maintain MoPs, runbooks, test plans, and as-built diagrams; contribute to continuous improvement of deployment standards. Compliance: Ensure risk mitigation and compliance in all deployments; raise and track issues to closure in collaboration with stakeholders. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure \#LI-Remote **What to Expect Next** Requisition #: 339752 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 11/30/2025

Unacast is a global location intelligence and insights company transforming our understanding of human activity in the physical world. Using state-of-the-art machine learning and artificial intelligence, Unacast extracts valuable information from location data, delivering trustworthy, reliable, and privacy-friendly location intelligence. Companies across industries, at every stage of growth, rely on Unacast's actionable human mobility insights to make more informed decisions that better align with the world around them. Overview: Unacast is looking for a Director of Information Security to own and execute our security program from soup to nuts, handling everything from day-to-day operations to implementing practical security measures. This is a hands-on role where you'll roll up your sleeves, tackle real security challenges, and directly shape how we protect our systems, data, and people. You will work closely with leadership, engineering, and operations to safeguard our infrastructure, ensure compliance, and continuously improve our security posture. This role is ideal for someone who thrives in a fast-paced environment and wants to make a tangible, lasting impact by doing and building yourself. Key Responsibilities: Own and execute security roadmaps for protecting Unacast's data, systems, and cloud environments (AWS, GCP), covering day-to-day operations and practical security measures. Conduct risk assessments, penetration testing, monitoring, and incident response to address emerging threats and keep systems and data secure. Implement and manage security controls including access management, intrusion detection, and endpoint standards across physical endpoints and cloud environments. Lead security audits and certifications such as ISO 27001 and SOC 2, ensuring compliance with relevant standards. Work closely with engineering to integrate security best practices into architecture, infrastructure, and product development. Respond to security incidents quickly and effectively, minimizing disruption. Track and report key security metrics to show risks, progress, and opportunities for improvement. Support customer security reviews, RFPs, and compliance discussions as the external voice of Unacast's security program. Collaborate with the Unacast Privacy team to align data security and privacy strategies. Maintain clear and actionable security documentation, including policies and playbooks, ensuring they stay current and accessible. Lead company-wide security awareness and training initiatives to build a culture of security vigilance. Qualifications: 10+ years in security experience managing both strategy and execution. One or more relevant industry certifications such as CISSP, CCSP, CISM, CISA, or AWS Security Specialty. Hands-on expertise in securing cloud environments (AWS, GCP), implementing security controls, and managing incidents. Experience with achieving and maintaining ISO 27001 certification, SOC 2, or similar standards. Experience integrating security into engineering, DevOps, and cloud environments. Expertise in relevant security regulations, laws, and standards, with an in-depth understanding of data protection, cybersecurity best practices, and Continuity of Operations Planning (COOP) and Disaster Recovery Planning. Expertise in security frameworks, standards, and best practices, including hands-on experience with incident response, risk assessment, penetration testing, and security audits. Awareness of emerging security threats, trends, and new technologies impacting the field. Team player with a strong business mindset, building credibility and trust with customers to drive outcomes. Strong analytical skills to assess threats and design effective security solutions. Excellent communication skills with the ability to translate complex security topics for both technical and non-technical stakeholders. A roll-up-your-sleeves mentality, eager to own, build, and execute security initiatives at all levels Other Info This is a remote position that will require periodic meetups at our office in Ashburn, VA and/or occasional travel. Preference for candidates on EST or CST time zones who reside in the following states: CT, FL, GA, IA, IL, IN, MA, MD, MN, NC, NJ, NY, PA, RI, SC, TX, VA, WV. We offer competitive salaries, benefits and unlimited PTO. The typical base salary range for this role is $170,000 to $210,000. Ranges are based on various factors including the labor market, job type, job level, internal equity, and budget. Exact salary offers will be determined by factors such as the candid0ate's skills, qualifications, experience and geographic location. Unacast is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, creed, disability, ethnicity, gender identity or expression, marital status, national origin, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by law. Unacast is committed to making the job application process accessible to everyone. If you are living with a disability (visible or not visible), we will provide a reasonable accommodation for any part of the application or hiring process. To request an accommodation in connection with the application or recruiting process, please contact Human Resources at ************. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Unacast participates in the E-Verify program.

Type of Requisition: Pipeline Clearance Level Must Currently Possess: Other Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: SSBI (T5) Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information System Security, Security Controls, System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: No Job Description: INFORMATION SECURITY MANAGER MEANINGFUL WORK AND PERSONAL IMPACT As an Information Security Manager, you will be part of a program that provides ongoing support for Custom and Border Protection's (CBP) Network Operations Center (NOC) and Wireless Network Operations Center (WNOC). These centers perform real-time monitoring, proactive maintenance, incident detection and response, problem resolution, and network performance reporting across CBP's nationwide enterprise. This role is contingent upon contract award expected in early 2026. KEY RESPONSIBILITIES/TASKS: The ISSO will report to the government Program Manager, government Technical POC / Task Manager. Certifications, such as Network+ and Security +, CISSP and Security auditing are recommended. WHAT YOU'LL NEED TO SUCCEED • Proficient in network and information system security principles and best practices. • In-depth knowledge of the Risk Management Framework (RMF), the NIST publications, and the DHS 4300A Policy Directive. • Experience with implementing the NIST 800-53 Security Controls in an Assessment & Authorization (A&A) process. • Experience reviewing Nessus scans, managing vulnerability mitigation and the information security process in an Enterprise environment. • Basic understanding of Enterprise networking concepts. • Ability to work well within a team environment and build reports with government and customer organizations. GDIT IS YOUR PLACE At GDIT, the mission is our purpose, and our people are at the center of everything we do. ● Growth: AI-powered career tool that identifies career steps and learning opportunities ● Support: An internal mobility team focused on helping you achieve your career goals ● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off ● Community: Award-winning culture of innovation and a military-friendly workplace OWN YOUR OPPORTUNITY Explore a career in cyber at GDIT and you'll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters. The likely salary range for this position is $125,528 - $169,832. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Onsite Work Location: USA VA Ashburn Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Why LeoLabs? At LeoLabs, we're building the living map of activity in space. Through our proprietary global radar network and AI-enabled analytics platform, we collect millions of measurements daily on more than 241,000 objects in low Earth orbit (LEO). Our radar-powered intelligence protects billions in assets, monitors adversarial behavior, and ensures safe operations for commercial and government missions. We're not just building technology, we are redefining global security, safety, and transparency in space. As orbital activity accelerates and threats grow more complex, LeoLabs is a trusted partner for Space Domain Awareness, Space Traffic Management, and Satellite Operations for top-tier space operators and allied defense organizations. If you're looking to work on mission-critical challenges at the forefront of aerospace, national security, and AI, your impact starts here. Director, Information Security Governance, Risk & Compliance (GRC) Summary: This role leads LeoLabs' global Information Security Governance, Risk, and Compliance (GRC) programs, reporting to the Chief Legal Officer (CLO) and working in direct partnership with the Chief Operating Officer (COO). The Director drives enterprise-wide cybersecurity strategy, risk management, and compliance initiatives - ensuring protection of critical business processes, IT systems, and Operational Technology infrastructure. The role requires strong technical expertise, leadership acumen, and the ability to balance strategic direction with tactical execution across multiple geographies and stakeholders. Top Priorities * Lead and mature the enterprise cybersecurity and GRC strategy - build scalable governance frameworks and ensure alignment with business goals. * Assess and mitigate organizational risk - conduct risk assessments, close compliance gaps, and drive remediation of vulnerabilities. * Ensure regulatory and contractual compliance - manage frameworks such as FedRAMP, CMMC, NIST, ISO 27001, GDPR, and others. * Oversee incident response and resilience - develop and execute response plans, lead cross-functional remediation, and report to executive leadership. * Partner across the enterprise - build collaboration with Legal, HR, IT, and Operations to embed security and compliance awareness. * Drive major transformation initiatives - including AI adoption risk frameworks, Post-Quantum Cryptography, and Zero Trust architecture implementation. Key Responsibilities Strategic Leadership * Develop, implement, and monitor a comprehensive enterprise cybersecurity and risk management program. * Oversee tactical execution of short- and long-term objectives for all GRC activities, including budget, staffing, and performance outcomes. * Establish performance metrics and transparent reporting to demonstrate organizational and operational security health. Risk & Compliance Management * Conduct enterprise and tactical risk assessments to identify critical risks and vulnerabilities. * Develop remediation plans to mitigate risks to confidentiality, integrity, and availability of data. * Lead compliance readiness efforts (e.g., FedRAMP, CMMC, ATO frameworks, NIST CSF, ISO 27001, GDPR, FAR/DFAR, CCPA). * Implement and manage third-party Vendor Risk Management and assessment programs. Policy, Governance, & Auditing * Define, enforce, and maintain security policies, standards, and procedures in collaboration with stakeholders. * Manage periodic audits and compliance assessments, reporting on program maturity, risk posture, and performance to executives. * Lead the adoption of eGRC tools and automation to improve visibility and accountability across business units. Incident Response & Operational Security * Lead development and execution of the incident response plan; coordinate investigations and remediation activities. * Partner with threat intelligence and vulnerability management teams to prioritize and close high-risk issues. * Ensure that security controls and technologies are properly configured and continuously monitored. Cross-Functional Collaboration * Build strong partnerships with Legal, Security, Compliance, HR, IT, and Operations teams. * Foster a security-first culture through training and awareness programs. * Serve as a key point of contact for internal and external audits, customer inquiries, and global stakeholder engagement. Special Programs * Serve as lead for SCIF accreditation and COMSEC custodianship in accordance with classified security requirements. * Lead innovation initiatives including: * Development of AI Risk Frameworks tailored to LeoLabs' environment. * Preparation for Quantum Computing and Post-Quantum Cryptography adoption. * Implementation and ongoing maturity of Zero Trust principles across the enterprise. Education & Certifications * Bachelor's Degree required; advanced degree in Information Security or Computer Information Technology preferred. * Certifications such as CISSP, CISM, CRISC, CISA highly desirable. Experience & Skills * 10-12 years of related experience, with 5+ years in supervisory or program/project management roles. * Expertise in cybersecurity governance, risk management, and compliance frameworks (NIST 800-53/171, CMMC, ISO 27001, Cloud Security Alliance). * Strong grasp of cloud infrastructure, access controls, and change management. * Demonstrated experience with agile methodologies and organizational change management. * Excellent executive communication, analytical, and problem-solving skills. * Proven ability to manage competing priorities in a fast-paced, global environment. * Results-oriented with exceptional attention to detail and accountability. Leadership Focus This leader will: * Oversee enterprise cybersecurity and GRC strategy. * Manage information security programs, ensuring alignment and regulatory compliance. * Serve as a trusted advisor to the CLO and COO. * Represent LeoLabs in interactions with regulators, partners, and external stakeholders. Perks and Benefits * Global workforce: flexible remote/hybrid opportunities * Work on complex, meaningful missions with real-world impact * Unlimited paid time off for most roles * Competitive salary and equity packages * Comprehensive health, dental, and vision coverage * Access to the forefront of commercial space operations and defense innovation All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, disability, or status as a protected veteran.

As a Manager of Information Security Compliance, you will support Bloomberg Industry Group's Governance, Risk, and Compliance (GRC) programs. You will be part of a team that delivers customer trust, vendor risk oversight, and compliance with regulatory and industry standards. This role requires balancing hands-on expertise with enabling cross-functional teams to achieve security and privacy objectives, and serving as a key representative to clients, auditors, and regulators. What you will do: * Strategy: * Support ownership of the information security compliance roadmap, ensuring alignment with organizational priorities. * Act as a trusted advisor to senior leadership, providing insights on security risk, compliance obligations, and emerging regulations. * Program Execution: * Support all security & privacy compliance efforts including but not limited to, SOC, GDPR, CCPA, privacy by design, etc. * Develop, maintain, and enforce internal information security compliance policies, standards, and controls across diverse systems and platforms. * Manage the vendor risk management lifecycle: onboarding, due diligence, and ongoing monitoring. * Interface with vendors and business leads to clearly understand their risk profile. * Represent Information Security in customer security assessments, RFPs, and compliance discussions. * Conduct investigations of data security risks and provide consultation to internal and external stakeholders to mitigate risk. * Develop and implement companywide information security training and awareness programs. * Define and drive risk management and compliance goals for the organization * Participate in both internal and external audit activities; aid in compliance audits in support of ISO 27001/2, SOC, etc. * Collaborate with teams across the organization to ensure continued compliance to policies and security standards. * Innovation & Emerging Risk * Monitor and assess risks related to emerging technologies such as Artificial Intelligence, data governance platforms, and cloud-native architectures. * Support development of AI governance policies and frameworks that align with regulatory expectations and customer trust requirements. * Raise organizational awareness of new and evolving security risks, and ensure controls evolve to address them. You need to have: * Bachelor's Degree or equivalent experience; advanced degree or industry certifications (CISM, CISA, CISSP, ISO 27001 Lead Auditor/Implementer) a plus. * 4 years of progressive experience in Risk Management, Compliance, Information Security or Technology Management role. * Experience with common Information Security Compliance standards and frameworks (such as, ISO 27001/2, PCI, SOC 1/2/3, and NIST etc.). * Demonstrated security assessment, risk analysis, gap analysis, auditing, causal analysis, corrective action planning, and compliance assessment experience. * Strong communication and presentation skills, with the ability to influence executives and collaborate with technical teams. * Demonstrated success in managing customer trust initiatives, vendor risk processes, and audit readiness. * Ability to balance strategic program oversight with hands-on execution when necessary. Equal Opportunity Bloomberg Industry Group maintains a continuing policy of non-discrimination in employment. It is Bloomberg Industry Group's policy to provide equal opportunity and access for all persons, and the Company is committed to attracting, retaining, developing, and promoting the most qualified individuals without regard to age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law ("Protected Characteristic"). Bloomberg prohibits treating applicants or employees less favorably in connection with the terms and conditions of employment, in all phases of the employment process, because of one or more Protected Characteristics ("Discrimination").

SG2 Recruiting is seeking an information security manager to support IC client in the Washington DC Metro area. The information security manager (ISM) will apply their proactive approach to safeguarding organizational data and systems. Key responsibilities will include leading incident response, implementing security measures, managing system vulnerabilities, and ensuring compliance through evaluation and accreditation processes. The ISM will also develop security policies, provide training, and oversee the maintenance of security infrastructure, all while analyzing threat intelligence to mitigate risks and maintain a robust security posture. What You Will Be Doing: Recommending, scheduling, and implementing IA-related repairs. Coordinating and supporting all applications and operations. Leading teams and supporting actions to quickly resolve or mitigate IA problems for the IS environment. Supporting the installation of new or modified hardware, operating systems, and software applications, ensuring integration with security requirements. Identifying and determining whether a security incident indicates a violation of law requiring specific legal action. Directing and implementing operational structures and processes to ensure an effective security program, including boundary defense, incident detection and response, and key management. Providing direction and supporting system developers regarding the correction of security problems identified during testing. Evaluating functional operations and performance in light of test results and recommending actions regarding Certification and Accreditation (C&A). Examining IS vulnerabilities and determining actions to mitigate them. Monitoring and evaluating the effectiveness of IS security procedures and safeguards. Analyzing security incidents and patterns to determining remedial actions to correct vulnerabilities. Supporting the development and implementing of the IS termination plan to ensure that security incidents are avoided during shutdown and long-term protection of archived resources is achieved. Implementing vulnerability countermeasures. Providing support for IA customer service performance requirements. Providing support for the development of IA-related customer support policies, procedures, and standards. Writing and maintaining scripts required to ensure security. Implementing and maintaining perimeter defense systems, including, but not limited to, intrusion detection systems, firewalls, and grid sensors. Scheduling and performing regular and special backups. Establishing logging procedures, such as important IS events, services and proxies, and log archiving facilities. Providing training for IAT Level I and II personnel. Analyzing IAVAs, ICVAs, and IAVBs for impact and taking or recommending appropriate action. What You Will Need: Active TS/SCI with a CI polygraph Ability to commute to Alexandria, VA office five (5) days per week Doctorate degree in a STEM-related technical field with 8 years of relevant experience Or master's degree with 10 years of related experience Or bachelor's degree with 12 years of experience, OR associate's degree with 14 years of experience OR high school diploma with 16 years of experience One or more of the following certifications: GIAC Security Expert (GSE) Certified Information Systems Auditor (CISA), GIAC Certified Incident Handler Certification (GCIH), or Certified Information Systems Security Professional (CISSP) required About Client: Client does not discriminate based on race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity, or any other reason prohibited by law in providing employment opportunities and benefits.

LOGIS has an opportunity for an Information Security Specialist within our Network Services Team. This position is responsible for monitoring and analyzing security events, leading incident response efforts, performing risk, vulnerability, and threat assessments - including threat intelligence and threat hunting activities. In addition to the technical responsibilities, this role provides security guidance, supports compliance initiatives, and drives continuous improvement in detection and response capabilities. We strive to be a premier employer offering competitive compensation and a generous benefits package, including participation in the PERA pension plan. In addition, we offer a predominantly remote work schedule. Salary will be dependent on qualifications and experience. The position is open until filled. Applications will be reviewed on an ongoing basis as they are submitted. Please submit a resume and cover letter to **************. Go to the LOGIS website for the full job description ******************************

Department: Col of Engineering and Computing Classification: Administrative Faculty Job Category: Administrative or Professional Faculty Job Type: Full-Time Work Schedule: Full-time (1.0 FTE, 40 hrs/wk) Workplace Type: Hybrid Eligible Sponsorship Eligibility: Not eligible for visa sponsorship Salary: Salary commensurate with education and experience Criminal Background Check: Yes About the Department: The College of Engineering and Computing (CEC) is the largest academic unit at George Mason University with approximately 11,000 students and over 400 faculty and staff and annual research expenditures of over $80M. The IT Department supports and administers all computing systems in the College of Engineering and Computing. The department coordinates with CEC faculty and staff to meet academic and research needs, and coordinates with George Mason central IT (ITS) and other George Mason entities as needed for operational continuity and constituent support. George Mason University provides outstanding benefits to employees, including, but not limited to, a generous number of holidays and tuition remission. More information is available at **************************** About the Position: The Director of IT and Security serves as the Chief Technology Officer for the College of Engineering and Computing (CEC). The position is also responsible for developing and directing implementation of IT strategies, security, compliance, and best practices, and supervising department staff to support all IT functions within CEC or used by CEC constituents. Responsibilities: Strategic Planning and University Collaboration: * Works with faculty and school administration to identify and plan for enrollment growth and changes in academic programs; * Works with central IT department and other campus units to prepare for changes to systems, university policies, and regulations; * Plans for needed changes in computing and networking infrastructure; * Serves as subject matter expert and CEC advocate on university committees related to IT technology at George Mason, including, but not limited to, research computing support, pedagogical computing requirements, software management, classroom design and management, and security management; * Disaster planning - in partnership with central IT, works to ensure that there is a plan for business continuity related to CEC IT systems and technology in event of a natural disaster; * Emergency response - is responsible for managing and overseeing the emergency response plan related to CEC IT systems and technology; * Maintains awareness of and plans for implementation of new technology; * Provides advice to faculty and school administration on technology and security issues, including use of technology in research, course delivery on-line and on-campus, audio-visual equipment use, and technology use in labs; * Identifies and prepares for changes in technology, government regulations, and higher education that may affect the role of the department in supporting the community; and * Maintains awareness of changes in higher education landscape that will affect IT functions and support in CEC and GMU. Supervisory - Directs Department Staff in Support of: * Student and educational computing, including classrooms, computer labs, and software license acquisition and management; * Faculty and staff computing needs, including advice on computer purchases and configuration, application support, and problem diagnoses and remediation; * Faculty computing needs for teaching and research, to include advice on equipment and services acquisition and use through internal or public resources; * Network management to provide computer connectivity and maintain systems security; * Compliance with campus security and other policies and practices; * Maintenance of inventory of CEC IT resources and assets (e.g., networks, servers, websites, and systems administrators); * Room scheduling requests; and * Fixed asset management including acquisition, replacement, and disposal. Policy: * Ensures compliance with federal, state, and George Mason policies, laws, and regulations, including export control restrictions and data security restrictions such as CUI, PCI, PII, HIPAA, FERPA, export controls, and ITAR; * Educates CEC students, staff, and faculty on security risks and best practices; * Educates CEC students, staff, and faculty on issues involving software license compliance and risks; * Ensures policy and legal compliance on central campus systems where feasible; * Supports campus work on security audit compliance; * Works with CEC students, staff, and faculty to minimize risks to data, equipment, facilities, and community members, and mitigate any breaches; and * Collaborates with campus entities on development of new policies. Administrative - Works with Staff to: * Monitor expenditures to align with budget; * Intermediate with campus technology providers where needed; * Work with technology and A/V vendors to develop and implement systems supporting teaching, research, and meetings; * Work with vendors and appropriate campus resources in support of software acquisition and license compliance and management; and * Manage the equipment life cycle, including replacement planning; and * Perform other related duties as assigned. Required Qualifications: * Master's degree in related field, or equivalent combination of education and experience; * Considerable experience in enterprise technology management; * Significant experience working with enterprise technology; * Experience in department budget management; * Experience in managing IT in an environment with multiple user hierarchical levels, such as in education and healthcare; * Knowledge of computing support requirements in a diverse environment consisting of a user community performing in multiple roles (administrative, operational, teaching, research) and diverse platforms, both on premises and through public cloud providers. Transferable skills, such as from healthcare, government, or research facilities are acceptable; * Knowledge of IT security management including regulatory and standards compliance (e.g., HIPAA, CUI, PII, FERPA, NIST, ISO); * Knowledge of current cybersecurity issues and protocols; * Superior customer service skills including ability to communicate and collaborate effectively with both technically-oriented and non-technical users; * Goal oriented with ability to manage task-oriented staff; * Ability to anticipate future needs and develop and implement strategy to meet them; and * Ability to translate between "big picture" goals and details needed for implementation. Preferred Qualifications: * Terminal degree in related field; * CISSP, GSEC, CCNA; Microsoft Certified: Cybersecurity Architect Expert; Microsoft Certified: Windows Server Hybrid Administrator Associate, RHCSA; * Experience working with technology in support of higher education; * Experience working in education, especially in higher education with a research orientation; * Experience in network management and/or configuration; * Experience in Windows or Linux systems administration; * Experience in software license administration; * Experience in IT support center management; * Proof of knowledge of IT-related fields through one or more certifications; and * Knowledge of government contracting procedures. Instructions to Applicants: For full consideration, applicants must apply for the Director of IT and Security at ********************** Complete and submit the online application to include three professional references with contact information, and provide a cover letter and resume for review. Posting Open Date: October 28, 2025 For Full Consideration, Apply by: November 17, 2025 Open Until Filled: Yes A Force for Innovation in the Heart of Northern Virginia's Technology Corridor About the College: The College of Engineering and Computing (CEC) at George Mason University is a fast-growing force for innovation in research and education. Ranked nationally in the top 100 in both undergraduate and graduate education, the CEC enrolled a record high of 10,933 students in fall 2023. The college has 34 undergraduate, master's, and doctoral degree programs including several first-in-the-nation offerings. Of its 320 full-time faculty, 93 are tenured, 77 are tenure-track, 90 are term faculty, and 60 are research faculty. As part of a nationally ranked research university, CEC research teams expended $65 million in sponsored research awards in the past year and had projects with over $119 million in current and anticipated awards. The college stands out for its leading research in areas such as artificial intelligence, data analytics engineering, cybersecurity engineering, biomedical imaging and devices, healthcare, autonomous systems, 5G/Next G communications, systems architecture, computational biomedicine, advanced materials and manufacturing, sustainable infrastructure, and more. The college encourages and supports multidisciplinary research and provides ample opportunity for faculty to work with other disciplines. About the University and the Region: George Mason University is the largest and most diverse public research university in Virginia, with an enrollment of more than 40,000 students studying in over 200 degree programs. Mason is an innovative, entrepreneurial institution with national distinction in a range of academic fields. It was classified as an R1 research institution in 2016 by the Carnegie Classifications of Institutes of Higher Education. The university has campuses in Fairfax, Arlington, and Prince William County. Its proximity to Washington, D.C. provides unmatched geographical access to federal agencies and national laboratories. Northern Virginia is also home to one of the largest concentrations of high-tech firms in the nation, providing excellent opportunities for interaction with industry. The region is consistently rated as being among the best places to live in the country and has an outstanding local public school system. About the Future: In conjunction with Amazon's decision to establish a second headquarters in Northern Virginia, the Commonwealth of Virginia announced a multi-year plan to invest in the growth of degree programs in computing. As a result, Mason has committed to accelerate its plans to grow its capacity in computing and high-tech fields. Among the university's exciting initiatives are the launch of the Institute for Digital Innovation-a university think tank and incubator to serve the digital economy-and the expansion of Mason Square, home to its Arlington facilities. In 2025, Fuse, a new 355,000 square foot building, will open to students, faculty, and research teams. This net-zero facility will house the Institute for Digital Innovation, state-of the-art classrooms, labs, and collaborative spaces. It will also include retail space, and leasing opportunities for local businesses. These initiatives reflect hundreds of millions of dollars in new investment by Mason that will rapidly elevate the university's already leading national position in computing and related areas.

Bookmark this Posting Print Preview | Apply for this Job Details Information About Us Howard Community College (HCC) is an exciting place to work, learn, and grow! We are proud to have received the Great Colleges to Work For honor for 12 consecutive years, 2009-2020. Howard Community College values diversity among its faculty, staff and student population. We are an innovative institution that is committed to responding to the ever-changing needs and interests of a diverse and dynamic community. No matter where you want to go in your career, you can get there from here! Health Insurance * Multiple medical options with no annual deductible and low co‑pays; prescription drugs covered through mail‑order or retail pharmacies. * Vision coverage includes an annual eye exam and a generous frame allowance. * Dental plans offer low deductibles and reasonable annual maximums. Paid Time Off & Leave * 20 days of vacation per year for full‑time staff (capped at 30 days), with additional accrual tiers for other employee groups. * Spring break and winter break each add one extra week of paid vacation. * 4 days of personal leave per year (rolls into sick leave if unused). * 12 days of sick leave per year, unlimited carry‑forward. * Additional leave options include bereavement, organ‑donor, sabbatical (faculty & staff), and an emergency‑leave bank. Tuition Waiver * Full‑time budgeted employees receive a tuition waiver for Howard Community College courses taken during non‑working hours (subject to space availability and prior approval). On‑Site Amenities * Fitness center accessible to all staff. * Library with research resources and bestseller collection. Café offering a variety of food options and a quick‑service kiosk and parking is free for faculty and staff. Position Title Information Security Manager FLSA Exempt FT/PT Full Time Hours Per Week 37.5 Work Schedule Monday-Friday Grade 18 Compensation Range $84,559 Summary We are seeking a highly skilled and experienced Information Security Manager to lead our IT security team. The successful candidate will be responsible for developing and implementing comprehensive security strategies to protect our organization's information assets from cyber threats. Essential Role Responsibilities Security Strategy Development: * Develop and implement a robust information security strategy aligned with organizational goals. * Conduct regular risk assessments and security audits to identify and mitigate potential threats. Policy and Procedure Management: * Establish, enforce, and update security policies, procedures, and guidelines. * Ensure compliance with industry standards, regulations, and best practices. Team Leadership: * Manage and mentor a team of IT security professionals, providing guidance and support in their daily activities. * Foster a culture of security awareness and continuous improvement within the organization. Security Technology Management: * Oversee the implementation and maintenance of security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software. * Stay current with emerging security technologies and trends to ensure the organization remains protected against new threats. Collaboration and Communication: * Collaborate with other departments to ensure security measures are integrated into all aspects of the organization's operations. * Communicate security risks and strategies to senior management and other stakeholders. Minimum Education Required Bachelor's degree Experience Required 5 Preferred Experience Education: * Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field. A master's degree is preferred. Certifications: * Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA). Experience: * Minimum of five (5) years of experience in information security, with at least three (3) years in a managerial role. * Proven track record of developing and implementing successful security programs. Technical Skills: * In-depth knowledge of security frameworks (e.g., CIS) and best practices. * Proficiency with security technologies and tools, including firewalls, IDS/IPS, SIEM systems, and encryption methods. * Strong understanding of network protocols, operating systems, and application security. OTHER SKILLS * Excellent leadership and team management abilities. * Strong analytical and problem-solving skills. * Effective communication and interpersonal skills. Physical Demand Summary * This position may require occasional on-call duties and availability for emergency response. * Ability to work in a fast-paced, dynamic environment. Supervisory Position? Yes Division Information Technology Department Information Security Posting Detail Information Posting Number B556P Number of Vacancies 1 Best Consideration Date 11/14/2025 Job Open Date 10/29/2025 Job Close Date Continuous Recruitment? No Job Category Staff Benefits Summary Howard Community College offers competitive salaries, excellent medical and dental selections, tuition reimbursement and paid leave programs. As a participating member of the Maryland Retirement and Pension System, HCC offers two retirement options: The Pension, which requires a 7% employee contribution and The ORP, a 403(b) with a 7.25% employer contribution only. Employees in positions that do not require a bachelor's degree must participate in The Pension. Employees that possess a bachelor's degree and hold professional positions that require a bachelor's degree may choose to participate in either The Pension or The ORP. Applicant Instructions * Pre-employment criminal background investigation is a condition of employment. HCC is interested in all qualified applicants who are eligible to work in the United States. However, HCC will generally not sponsor applicants for work visas. Due to HCC policy, only employees living in states contiguous to Maryland are eligible for work at HCC and include Virginia, West Virginia, Washington DC, Pennsylvania. Candidates must live in the commutable area or willing to relocate at their own expense if offered the position because HCC does not offer relocation benefits. Please complete the entire HCC Employment Application (Candidates will be evaluated on completing the college's application in full). Quick Link for Internal Postings ********************************************** EEO Statement Howard Community College (HCC) is an Equal Employment Opportunity & Affirmative Action employer & values diversity within its faculty, staff & student population. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, gender, sexual orientation, gender identity, genetic information, disability or protected veteran status. HCC understands that persons with specific disabilities may need assistance with the job application process and/or with the interview process. For confidential assistance with the job application process, please contact the Office of Human Resources at ************. Reference Collection References Minimum Requests 3 Maximum Requests 3 Cut-off Date Special Instructions to Reference Provider Supplemental Questions Required fields are indicated with an asterisk (*). * * Do you have a bachelor's degree or higher? * Yes * No * * Do you have at least 5 years of related work experience, as defined in the position posting? * Yes * No Documents Needed to Apply Required Documents * Resume * Cover Letter Optional Documents

SES's Senior Insider Threat Security Analyst focuses on advancing SES's Information Security threat and compliance program by security monitoring, threat & vulnerability management, and delivering professional reports including findings and recommendations. The Senior Insider Threat Security Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. PRIMARY RESPONSIBILITIES / KEY RESULT AREAS Lead incident response in response to Insider security events and incidents. Correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents. Perform in-depth root cause analysis and diligently gather information prior to escalation for future root cause analysis. Event and incident handling consistently with applicable plans and processes. Analyzing, triaging, aggregating, escalating, and reporting on Insider security events including investigation of anomalous network activity, and responds to cyber incidents within the network environment. Continuous & persistent monitoring of security technologies/tool data and network traffic which result in security alerts generated, parsed, triggered, or observed on in-scope networks, systems, or security technologies. Rapidly assess network traffic, detect data anomalies, and provide detailed reporting on the same. Correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents. Perform in-depth root cause analysis and diligently gather information prior to escalation for future root cause analysis. Insider threat event and incident handling consistent with applicable plans and processes. Integration of activities with standard reports, such as Insider security metrics reports. Lead team/project meetings and technical meetings appropriate for the content. Ensure tasks and projects are completed on schedule. COMPETENCIES Strong organizational skills and ability to stay focused while managing multiple tasks concurrently. Understanding of current attack tools, tactics, procedures, and how to detect and/or mitigate them. Strong critical thinking/analytical skills, creativity, and a proven drive for quality QUALIFICATIONS & EXPERIENCE Must Have Four-year college degree in the technical field of study or equivalent work experience Technical knowledge and aptitude in the areas of networks, network topologies, remote network access, servers, applicable software and troubleshooting techniques required. Experience working in a SOC or similar environment. Experience with reviewing IDS/IPS, EDR, Firewall and other security/audit logs Experience monitoring and analyzing Security Information and Event Management (SIEM) to identify security issues for remediation, and rules fine tuning. Consolidate and conduct comprehensive analysis of Insider threat data obtained from security tools and make recommendations for optimizing various tools. Nice to Have Participates in the planning, design, and implementation of enterprise security architecture. Experience with Insider threat management tools and experience working on an Insider threat management team. One or more of the following security certifications: Security+, CEH, CYSA+, GCIA, GSEC, GCIA, GMON and GCDA SES and its Affiliated Companies are committed to providing fair and equal employment opportunities to all. We are an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, gender, pregnancy, sex, sexual orientation, gender identity, national origin, age, genetic information, protected veteran status, disability, or any other basis protected by local, state, or federal law. For more information on SES, click here.

About this role: Wells Fargo is seeking a senior Cybersecurity Threat Intel leader to lead a dynamic team of analysts across the globe. This position will help define strategy, products, and methodologies for an already established CTI team and will interact with leaders at all levels within the company. In this role, you will: * Manage a team, through less experienced managers, of cyber threat intelligence analysts * Engage more experienced information security and line of business management to identify, formulate and implement controls and response strategies for emerging events * Lead a large, complex information security unit or a number of smaller specialized work units with direct impact to companywide information security objectives having high risk and complexity * Manage security consulting on large projects for internal clients to ensure conformity with corporate information security policy and standards * Maintain a broad awareness of the state of information security across the enterprise and industry * Influence change to information security policy, standards and procedures for systems, applications or tools * Lead large, companywide projects and initiatives * Represent the organization to regulators, industry groups and governmental agencies * Interface with Information Security Industry Leaders, Financial industry Leaders, Analysts and Regulators * Advise more experienced leadership or executive management on issues with high, critical impact on the company Required Qualifications: * 6+ years of Cyber Threat Intelligence experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education * 6+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education * 6+ years of experience with threat intelligence, red team, incident response or similar background. * 3+ years of management or leadership experience Desired Qualifications: * 4+ years' experience managing an information security organization including subordinate senior managers and individual contributors across multi-site locations. This also includes contingent, managed and offshore resource base * 3+ years of managing managers in an engineering organization * Extensive leadership experience in overseeing cyber security red team or intel programs * Strong ability to communicate complex technical, information protection issues and value/impact in simple terms to very senior business and technology leaders. * A high level of comfort working with ambiguity or uncertainty and converting information into quantifiable concepts * Strong executive presence, the ability to interact and communicate with C-level executives and regulators * Strong organizational and project management skills with an ability to manage numerous, competing demands from internal and external stakeholders * Strong leadership and influencing skills within a complex, matrixed environment; able to gain support and cooperation and build effective business partnerships with all levels of team members to achieve results without direct organizational control * Strong ability to effectively communicate and broker agreements amongst diverse, differing, competing, and/or conflicting perspectives/priorities * Finance sector security experience or other regulated industry (e.g. utilities, health care, government) Salary Ranges: * $159,000 - $254,000 - Charlotte, NC * $159,000 - $254,000 - Chandler, AZ * $159,000 - $254,000 - San Antonio, TX * $159,000 - $254,000 - Raleigh, NC * $191,000 - $305,000 - Iselin, NJ * $191,000 - $305,000 - McLean, VA Pay Range Reflected is the base pay range offered for this position. Pay may vary depending on factors including but not limited to achievements, skills, experience, or work location. The range listed is just one component of the compensation package offered to candidates. $159,000.00 - $305,000.00 Benefits Wells Fargo provides eligible employees with a comprehensive set of benefits, many of which are listed below. Visit Benefits - Wells Fargo Jobs for an overview of the following benefit plans and programs offered to employees. * Health benefits * 401(k) Plan * Paid time off * Disability benefits * Life insurance, critical illness insurance, and accident insurance * Parental leave * Critical caregiving leave * Discounts and savings * Commuter benefits * Tuition reimbursement * Scholarships for dependent children * Adoption reimbursement Posting End Date: 18 Nov 2025 * Job posting may come down early due to volume of applicants. We Value Equal Opportunity Wells Fargo is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other legally protected characteristic. Employees support our focus on building strong customer relationships balanced with a strong risk mitigating and compliance-driven culture which firmly establishes those disciplines as critical to the success of our customers and company. They are accountable for execution of all applicable risk programs (Credit, Market, Financial Crimes, Operational, Regulatory Compliance), which includes effectively following and adhering to applicable Wells Fargo policies and procedures, appropriately fulfilling risk and compliance obligations, timely and effective escalation and remediation of issues, and making sound risk decisions. There is emphasis on proactive monitoring, governance, risk identification and escalation, as well as making sound risk decisions commensurate with the business unit's risk appetite and all risk and compliance program requirements. Applicants with Disabilities To request a medical accommodation during the application or interview process, visit Disability Inclusion at Wells Fargo. Drug and Alcohol Policy Wells Fargo maintains a drug free workplace. Please see our Drug and Alcohol Policy to learn more. Wells Fargo Recruitment and Hiring Requirements: a. Third-Party recordings are prohibited unless authorized by Wells Fargo. b. Wells Fargo requires you to directly represent your own experiences during the recruiting and hiring process.

Artech Information Systems is the #12 Largest IT Staffing Company in the U.S. and an employer of choice for over 7,000 consultants. We recruit world-class talent for IT, engineering, and other professional jobs at 70+ Fortune and Global 500 companies coast-to-coast across the U.S., India, and China. We are one of the fastest-growing companies in the US and we welcome you to search the thousands of jobs in our cutting-edge GEM system for employment opportunities that fit your qualifications. At the forefront of the staffing industry, Artech is a minority and women-owned business enterprise (MWBE) committed to maximizing global workforce solutions on behalf of its clients. Artech's deep heritage, proven expertise and insightful market intelligence has secured long-term partnerships with Fortune 500 and government clients seeking world-class professional resources. Job Title: Information Security Operations Center - Incident Handler III Location: Washington, DC Duration: 12+ Months Job Description: Essential Job Functions: • Monitor Security Events from IDS, SIEM, etc. • Log tickets to the Ticketing System • Handle calls from the MSSP(Managed security service provider & users regarding incidents/events, perform triage, resolve problems, or escalate to team members • Perform triage on alerts from all sources including Monitored Email Distribution Lists • Participate in rotating weekly shift supporting off hours and weekend activity (24x7) • Produce ad hoc reports and other ad hoc tasks Qualifications Required Skills/Abilities: • Monitoring skills related to IDS and SIEM • Understanding of TCP/IP, Ethernet, OSI model, layer 2 and layer 3 concepts • Understanding of Windows Registry, File system, etc. • Hands-on knowledge of Network Packet Analysis using tools • Ability to work with team members with varying levels of technical skills and diverse international backgrounds • Strong understanding of Networking and Operating systems concepts • Ability to adapt to and function in a project environment with multiple timetables and changing priorities • Ability to learn new concepts and approaches in Analyzing Security Incidents. • Good communication skills (Verbal and Written) Educational Qualifications and Experience: • Education: Bachelor's degree in Computer Science or Information Systems • Role Specific Experience: 2+ years of relevant experience in Information Security Incident Handling • Experience with Firewalls and information security technologies • Experience with CERT/CSIRT/CIRT/SOC Certification Requirements: Any two certifications would be a plus. CEH, Security +, CCNA Response activities, including containment, remediation, and root cause analysis Bachelor's degree and 5+ years of information security experience Experience in malware remediation and containments Hands on experience of Incident Response /Malware analysis Essential Job Functions: § Perform advanced Malware Analysis, along with Incident Response § Generate detailed Malware Analysis reports on PE and other common file structure samples § Provide actionable intelligence and suggestions for control updates based on the reverse engineering and malware analysis § Assist OIS in Identifying zero-day/vulnerable applications and impact Experience Matrix for Levels: • Level I - 2+ years of experience • Level II - 5+ years of experience • Level III - 7+ years of experience Note: The specific shift he wants to get covered is the 12pm-8pm EST window Strong experience in SOC environment and great soft skills/customer service Required people who can come for an in-person interview Additional Information For more information, Please contact Siva Kumar ************

DSA is hiring an Intermediate Information Security Analyst. This is a full-time position supporting a customer in the DC Metro area with a HYBRID Schedule. This position supports the Environmental Protection Agency (EPA). DSA is the Prime and has been working with this customer on this contract for more than 13 years. It is a dynamic team with a passion for supporting Federal programs that serve US Citizens. Location is Hybrid: Allows the candidate the ability to work onsite at DSA or customer site with potential for telework. DSA work locations include Fairfax VA. Work Location is flexible with telework as approved. The ability to work onsite each week is required. Core work hours dedicated to DSA and our direct customer are 8 am est to 5 pm est. The Environmental Protection Agency (EPA) Office of Information Security and Privacy (OISP) is responsible for developing and maintaining agency wide information security and privacy programs; developing and maintaining information security and privacy policies, procedures, and control techniques; training personnel with significant information security responsibilities and assisting senior agency officials with information security and privacy responsibilities. The Intermediate Information Security Analyst will be an integral part of a team responsible for supporting the development and maturation of an Agency-wide information security (InfoSec) program for a large civilian Federal agency. The candidate will serve as a subject matter expert with regards to the Risk Management Framework (RMF) and all associated information security policies and procedures and should possess in-depth knowledge of applying, selecting and testing the NIST family of security controls. Primary Responsibilities: Advising stakeholders on InfoSec initiatives including compliance, awareness and training, and security operations. Leading Independent Validation and Verification (IV&V) efforts on security authorization/ATO packages to ensure compliance to agency requirements. Leveraging the existing Governance, Risk, and Compliance (GRC) tool, Telos Xacta (or an alternate like CSAM or RSA Archer), to track and reconcile findings from assessments, audits, and vulnerability scans. Coordinating government data calls (FISMA, FMFIA, BDR, etc.) and monthly reports. Assessing the effectiveness of the InfoSec and privacy training program and leading the collection, analyzing, and presentation of enterprise-level InfoSec performance metrics. Managing InfoSec Program POA&Ms, including advising on remediation efforts. Providing administrative support to Xacta (or equivalent GRC tool) users and authoring operational procedures. Working closely with senior agency security officials, system owners, information system security officers (ISSOs) and other stakeholders to advise and implement security solutions. Identifying opportunities for efficiencies in work process and innovative approaches. Participating in team problem solving efforts and offer ideas to solve client issues. Preparing and assisting in the development of policy and procedures. Conducting relevant research, data analysis, and developing reports. Preparing and assisting in the development of policy and procedures for program-level management and promoting consistency in program management best practices. Implementing processes and procedures to monitor risk across programs / projects. Preparing briefings to executive team to debrief the results of studies, analyses, and plans. Required Qualifications: Ability to obtain a Public Trust Bachelor's degree in Information Technology or related field and 5 years of relevant IA experience. May substitute security certification (e.g. CISSP) for 2 years of experience. Strong data analysis skills. Excellent written and verbal communication skills. Possess in-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 4 security controls. Possess in-depth knowledge of NIST 800-37 Risk Management Framework. Experience with a Governance, Risk and Compliance tool (e.g., Xacta, RSA Archer, CSAM or eMASS). Excellent attention to detail. Ability to handle and prioritize multiple tasks and deadlines. Possible travel to DC Client site/DSA office for badging/equipment. Desired Qualifications: Intermediate level cybersecurity certification (e.g., CompTIA Security+, ISC2 CGRC). In-depth knowledge of applying, selecting and testing the NIST 800-53 Rev 5 security controls. Public Trust #DSA209 #LI-CW1 Many of DSA's positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information. DSA is proud to be an Equal Opportunity Employer. DSA is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. DSA requires background checks , where permitted , by law. DSA is an E-Verify Employer.

About Coalfire Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients' toughest security challenges. But that's not who we are - that's just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. We're currently seeking a Senior System Security Analyst to support our Federal team. Position Summary This position will potentially be supporting a government customer's Security Assessment and AI Pilot program, therefore previous experience emphasizing NIST AI RIsk Management Framework will be required. Location Details Remote with occasional meetings at the customer site in Rockville, MD. Open to local candidates in the Washington, D.C. / Northern VA / Maryland areas. What you'll do Support federal customers and provide a firm understanding of how to apply the principles of information security in a variety of circumstances and security requirements into common technical implementations Support customers with implementing the core principles of the NIST AI Risk Management Framework Support teams in the review and analysis of Security Packages for completeness and compliance with FedRAMP/DoD/NIST requirements Assist in the development of Risk Assessment Reports (RAR), and security briefings Validate Cloud Service Provider (CSP) compliance with FedRAMP/DoD/NIST security control baselines through review of evidence, testing, interviews, and analysis of scans, etc Familiarity with SSP, SAP, SAR, Plan of Action and Milestones (POA&M) Report, Deviation Requests, Significant Change Requests, Continuous Monitoring artifacts is required Conduct client interviews to assess the technical and operational effectiveness of security control implementations Assess existing security environments to validate that security implementations remain up to date throughout the life cycle of a system or environment What you'll bring Knowledge of the NIST AI Risk Management Framework Knowledge of computer networking concepts and protocols, and network security methodologies. Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. Knowledge of cybersecurity and privacy principles. Knowledge of cyber threats and vulnerabilities. Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). Education Completed Bachelor's degree from an accredited university, preferably in an IT related field. Clearance / Suitability Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered. Certifications One or more of the following: CISSP or CISM Years of Experience At minimum 7 years of information security experience relative to the position qualifications. Bonus Points Knowledge of GRC tools e.g., CSAM Why you'll want to join us Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. You'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options. Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Knowledge Management, Inc. (KMI) has the leadership and experience to deliver innovative technology, logistics and management solutions to meet real mission requirements. KMI is a Minority Business Enterprise (MBE) and Small Disadvantage Business (SDB) that specializes in Logistics, Warehouse Services, Distance Learning/Training, Enterprise Solutions, Financial Management Support, Program Management, Intelligence Analysis & Threat Assessment, and Data Analytics/Operations Research. Since 1998, our solutions and services have helped our clients improve performance, drive cost and operational effectives, and map technology needs for tomorrow's requirements. Title: Information Security Analyst Location: Washington, DC (onsite) Position: 1 Duration: Ongoing contract Start Date: ASAP Clearance Required: Minimum of a DOD Secret clearance Employment Type: Full-time Salary: $95,000-$105,000 The Information Security Analyst serves as a subject matter expert on PeopleSoft HCM 9.2 security and IAM workflow governance. This role manages complex access provisioning, ensures compliance with separation of duties, troubleshoots escalated access issues, and contributes to continuous improvement of security models and approval workflows. The analyst collaborates with Training, ISSOs, HR, DBAs, OAB, and functional stakeholders to ensure accurate and secure user access across domestic and overseas environments. Responsibilities: Maintain Security Access Control list to PROD, CPY, UAT, ASB, TRN, MHME, EAPS, EMS, and Kiteworks Utilizes Security Tables, Security Trees, and RLS structures to administer and validate user access across enterprise environments. Performs SQL based troubleshooting and develops custom queries in PeopleSoft Query Manager to support audit controls, performance analysis, and issue resolution. Maintain and enhance PeopleSoft security structures (roles, permission lists, row-level security) across environments. Ensure access provisioning aligns with compliance and separation of duties. Recommend and support improvements to IAM workflows and automation. Oversee and resolve escalated access requests, ensuring proper routing and approval. Validate user role eligibility in partnership with Training and business owners. Maintain accuracy and traceability of access lifecycle records in ServiceNow. Lead troubleshooting of complex access errors, workflow stoppages, and profile inconsistencies. Partner with Tier II/III Functionals, DBAs, and OAB on environment and configuration issues. Support environment refreshes by rebuilding internal user security profiles to maintain consistency. Validate role and security behavior during PUM updates and deployment events. Collaborate with ISSOs and leadership to align with security policies and operational standards. Mentor team members and support documentation of access workflows and SOPs. Required: 4+ years in HRIS security, IAM, enterprise system support, or information security. Experience working in ServiceNow. Experience with PeopleSoft HCM security or comparable enterprise access control models. Strong analytical and troubleshooting skills. Effective communication across technical and non-technical groups. Preferred: Experience supporting global or distributed users. Experience with DoS GTM systems. Familiarity with audit controls or IAM compliance frameworks. Understanding of workflow automation and identity lifecycle management. Benefits: All full-time employees are eligible to participate in our benefits programs: Health, dental, and vision insurance 401(k) retirement plan Paid time off (PTO) and holidays Group Term Life and Accidental Death and Dismemberment Insurance Voluntary Term Life Insurance Short and Long-term disability insurance Equal Employment Opportunity Statement. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. E-Verify Statement. Knowledge Management, Inc. participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, KMI is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the Form I-9. Pay Transparency Non-Discrimination Provision. Knowledge Management, Inc. will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c) Disability Statement. If you have a disability and need reasonable accommodation or assistance at any point in the application or onboarding process, please email us at *****************************.

About the Role: We are seeking a highly skilled IAM and Security Systems Analyst to support the design, implementation, and operation of critical security controls across our infrastructure, cloud, and application environments. While the title reflects an analyst level, the role requires a hands-on engineering mindset with deep technical experience in identity management, security tooling, and threat detection. This individual will play a key role in securing our systems, applications, and data by evaluating, implementing, and managing tools and processes across the security stack, from access governance to application security, SIEM operations, and incident response. Key Responsibilities Identity & Access Management (IAM) Manage and support identity platforms including Active Directory, Azure AD, and Okta. Implement RBAC, least privilege principles, and automated provisioning/deprovisioning. Conduct periodic access reviews and support access certification processes. Integrate IAM controls into application and cloud environments. Security Engineering & Tooling Administer and optimize Mimecast, OKTA, Microsoft Defender, Intune, and other endpoint/cloud security tools. Manage SIEM tools including rule tuning, log ingestion, and correlation. Implement and automate application code reviews using security scanning tools (e.g., SAST, DAST). Perform application security testing and contribute to threat modeling and risk evaluations. Lead cloud control monitoring, data protection measures, and compliance reporting. Threat Detection & Incident Response Conduct analysis of security alerts and lead incident response efforts. Leverage threat intelligence to update detection mechanisms and enhance response playbooks. Perform root cause analysis and evidence handling following incidents. Support red team/blue team exercises and penetration testing activities. Architecture, Process & SDLC Integration Review and evaluate system and application security architectures. Support integration of security controls across the SDLC and DevSecOps pipelines. Design and continuously improve security processes and documentation. Participate in security metrics and reporting efforts to track control effectiveness. Support SOC design discussions and contribute to its operational maturity. Collaboration & Compliance Partner with IT Operations teams, Infrastructure, HR, and Compliance to support security initiatives. Assist with internal and external audits, control documentation, and evidence collection. Maintain awareness of frameworks such as SOC 2, NIST, and ISO 27001. Help run awareness training, phishing simulations, and risk assessments. This is a hybrid role that will require regular in-person work in office for work tasks and/or activities for coaching and support of our students. You must live within a commutable distance to either Boston, MA, New York City, NY, or Washington DC. Salary Range: $90,000-$110,000/annually Required Qualifications 3-5 years of experience in a security engineering or analyst role Strong experience with IAM platforms (Active Directory, Azure AD, Okta) Proficient in SIEM platforms, incident response, and Microsoft security tools Experience with automated security testing tools (SAST, DAST) Familiarity with cloud security (Microsoft 365, Azure) and application security principles Hands-on experience in scripting/automation (PowerShell, Python, or Terraform a plus) Strong understanding of network protocols, system hardening, and endpoint defense Excellent problem-solving and communication skills Preferred Qualifications Familiarity with red teaming, penetration testing, and threat modeling Exposure to compliance frameworks such as SOC 2, HIPAA, or ISO 27001 Participation in SOC design or operations Experience with security metrics/reporting and risk assessments Why Join Us: You'll be part of a mission-driven team focused on protecting a modern IT and cloud-first organization. This is an opportunity to shape and grow a scalable security program, drive impact across critical systems, and mature key security domains. #LI-HybridCOMPENSATION & BENEFITS: Year Up United has established salary ranges for each of our sites, which allows us to pay employees competitively, equitably and consistently in different geographic markets. For roles in which the location is listed as flexible, the range displayed reflects the minimum and maximum target for new hire salaries for the position across all US locations. Salary offers take into account a candidate's skills, experience, and location. Your recruiter can share more about the specific salary range for your location during the hiring process. Benefits: Comprehensive healthcare options and dental coverage; 401(k) match for eligible participants. Vacation: Earn three weeks paid vacation in first year of employment; four weeks after initial year. Professional Development: Funds available to support staff in achieving career objectives ($2,500 per year) ** This is an exempt role (paid on a salaried basis). ** ORGANIZATION DESCRIPTION: Year Up United is a national 501(c)3 workforce development organization committed to ensuring equitable access to economic opportunity, education, and justice for all young adults-no matter their background, income, or zip code. Employers face a growing need for talent while millions of talented young adults lack access to meaningful careers. These inequities only further perpetuate the opportunity gap that exists in our country-a gap that Year Up United is determined and positioned to close through three interconnected strategies: providing targeted skills training and connections to livable-wage employment for students and alumni; empowering others to serve and support young adults, and changing systems that perpetuate the opportunity gap. Year Up United's intensive training program utilizes a high expectations, high support model where students learn in-demand technical and professional skills and apply them during a corporate internship. Year Up United has directly served more than 40,000 young adults since its founding in 2000. Year Up United's nationwide presence includes Arizona, Austin, Bay Area, Charlotte, Chicago, Dallas/Fort Worth, Greater Atlanta, Greater Boston, Greater Philadelphia, Jacksonville, Los Angeles, the National Capital Region, New York City/Jersey City, Pittsburgh, Puget Sound, Rhode Island, South Florida, Tampa Bay, and Wilmington. Voted one of the Best Nonprofits to Work For in the country by The NonProfit Times, Year Up United is a rewarding and impactful place to work. Our staff is passionate, supportive, mission-driven, and committed to positive change and continuous learning. We set high standards for both ourselves and our students and live by a set of core values that reflect an unshakable belief in the talent and potential of our young people. The work we do is life-changing, and we know that our team is the greatest asset in achieving our mission. COMMITMENT TO DIVERSITY: Year Up United embraces diversity and equal opportunity in a serious way. All aspects of employment, including the decision to hire, promote, discharge, or discipline, are based on meritocracy. We do not permit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristics protected by federal, state, or local laws. Learn more about our commitment to diversity: *************************************************************** Year Up United is also committed to working with and providing reasonable accommodations to individuals with disabilities. Your recruiter can provide details regarding the expected work environment and any physical requirements. Please let our hiring team know if you need an accommodation at any point during the interview process. Information received relating to accommodation will be addressed confidentially. TO APPLY: Please submit a thoughtful cover letter and resume through our website. Note that applications without a cover letter will not be considered. We respectfully request no phone calls.