Cyber Security Analyst jobs at Lockheed Martin

MANTECH seeks a motivated, career and customer-oriented Senior Information System Security Officer (ISSO) to join our team in Huntsville, Alabama. Responsibilities include, but are not limited to: Ensure the day-to-day implementation, oversight, continuous monitoring, and maintenance of the security configuration, practices, and procedures for each IS and that selected security controls are implemented and operating as intended during all phases of the IS lifecycle Provide liaison support between the system owner and other IS security personnel Ensure that system security documentation is developed, maintained, reviewed, and updated on a continuous basis; Conduct required IS vulnerability scans according to risk assessment parameters Manage the risks to ISs and other FBI assets by coordinating appropriate correction or mitigation actions and oversee and track the timely completion of (POAMs). Coordinate system owner concurrence for correction or mitigation actions Monitor security controls for FBI ISs to maintain security Authorized to Operate (ATO); Upload all security control evidence to the Governance, Risk, and Compliance (GRC) application to support security control implementation during the monitoring phase Ensure that changes to an FBI IS, its environment, and/or operational needs that may affect the authorization status are reported to the system owner and IS Security Manager (ISSM) Ensure the removal and retirement of ISs being decommissioned in coordination with the system owner, ISSM, and ISSR; Working knowledge of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) and ATO processes Minimum Qualifications: Must meet one of the following levels of experience: A high school diploma/GED and 7 years' experience, a bachelor's degree in computer science cybersecurity or a related discipline and five years' experience, or a master's degree in computer science cybersecurity or a related discipline and 3 years' experience. Hold at least one of the following Information Assurance Management (IAM) Level III certifications: Certified Information Systems Security Professional (CISSP), Global Information Security Professional (GISP), or the CompTIA Advanced Security Practitioner (CASP) or equivalent certifications Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP Weblnspect, Network Mapper (NMAP), and/or similar applications Preferred Qualifications: A bachelor's or advanced degree in Computer Science, Cybersecurity, or other cyber discipline Clearance Requirements: Must have a current/active Top Secret security clearance with eligibility to obtain SCI prior to starting this position. Selected candidate must be willing to undergo a Polygraph. Physical Requirements: Must be able to remain in a stationary position 50% Needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer Often positions self to maintain computers in the lab, including under the desks and in the server closet Frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

Job Title: Cyber Security Risk Analyst. Job Type: Contract. IS NOT OPEN TO AGENCIES. The Cyber Security Risk Analyst supports enterprise governance, risk, and compliance (GRC) initiatives by strengthening cyber risk management practices, enhancing third-party risk oversight, and contributing to cybersecurity governance across a complex organizational environment. This role works closely with cybersecurity leadership, internal stakeholders, and partner teams to mature risk assessment processes and ensure consistent, well-documented risk management activities. Key Responsibilities Design, develop, and enhance cybersecurity risk management processes and supporting frameworks Support enterprise cyber risk governance, including risk identification, evaluation, and remediation tracking Perform cybersecurity risk assessments in collaboration with business and IT stakeholders Evaluate and manage third-party and vendor cybersecurity risk throughout the vendor lifecycle Contribute to the development and maintenance of a third-party risk register Review and analyze cybersecurity risk cases, exceptions, and justifications Document risks, mitigations, and remediation actions within a centralized risk register Assist in developing risk assessment procedures, methodologies, and testing approaches aligned with industry frameworks Collaborate with cross-functional teams and subject matter experts to gather risk intelligence Support remediation efforts by helping initiate corrective actions where vulnerabilities or weaknesses are identified Participate in special cybersecurity initiatives and projects as assigned Required Qualifications Minimum of 4 years of experience in one or more of the following areas: Cybersecurity risk management Cybersecurity risk assessment Third-party or vendor risk management within a cybersecurity function Strong understanding of GRC concepts and the cyber risk lifecycle Experience working in large, complex, multi-stakeholder environments Strong analytical, investigative, and documentation skills Excellent written and verbal communication skills Preferred Qualifications Bachelor's degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field Familiarity with one or more cybersecurity frameworks or standards, including: NIST ISO/IEC 27001 / 27002 CIS SANS PCI Relevant certifications are a plus, including but not limited to: CISSP, CISM, CRISC, CISA CompTIA Security+, CySA+, Network+ GIAC certifications Knowledge of cybersecurity laws, regulations, and data privacy principles Ability to work independently in a self-directed and organized manner About Buchanan Technologies Since Buchanan's inception over 30 years ago, we have operated on 5 core values - People Matter, Customers Matter, Principles Matter, Community Matters, and Every Interaction Matters. These values are represented across each facet of the company, from employee relations to client service delivery to corporate social responsibility initiatives and beyond. Why Work at Buchanan? At Buchanan Technologies, we offer a great employment experience with a fun but professional work environment, competitive salary, and various employee career advancement programs that add value to your skills and daily life. If you are excited about being part of an energetic team where your contributions are appreciated and hard work is recognized, Buchanan is the place for you. Things We Are Passionate About We are passionate about providing top-tier technology services to our customers and clients and fostering a culture of continuous learning for our employees. We are a people- centric company, focused on growth and diversity for our workforce. Come join us and let's build something amazing together. Follow Us: LinkedIn: ******************************************************* Website: **************** Buchanan Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, or genetics. In addition to federal law requirements, Buchanan Technologies complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Duration: 11+ Months Contract Contract Interview Type: In-person Scheduled Work Hours: Normal business hours Monday-Friday 35 hours/week (not including mandatory unpaid meal break after 6 hours of work). Requirement ID: NYC_OT735_SS contact Sandeep @ ********************** Job Description Justification: This request is for an NG911 Subject Matter Expert (SME) needed to continue the project work for the Class 1/2/3 and Call Handling upgrades of the Next Generation 9-1-1 emergency call system and provide expertise and technical knowledge during the configuration and test phases. NG911 - Cyber Security Tools Implementation Engineer Implement solutions for DNS, Email, remote access configuration, integration, performance monitoring, and security management. Test Next Generation firewall platforms, host operating systems, and applications such as LDAP, SMTP. Support for application development and database administration. Provide support for Email, DNS, AND Remote access solutions. Deploy appropriate network security solutions. Note: Normal Business Hours, Monday through Friday (not including a mandatory unpaid meal break after 6 hours of work), 35 work hours per week. If the consultant works more than 35 hours per week, the consultant must request overtime in the Agency's timekeeping system, and the project manager must approve those hours worked above the weekly maximum. SCOPE OF SERVICES: NG911 - Cyber Security Tools Implementation Engineer Implement solutions for DNS, Email, remote access configuration, integration, performance monitoring, and security management. Test Next Generation firewall platforms, host operating systems, and applications such as LDAP, SMTP. Support for application development and database administration. Provide support for Email, DNS, AND Remote access solutions. Deploy appropriate network security solutions. MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered At least 12 years of experience in an enterprise data center environment to plan, design, and install network & security infrastructure systems for public safety. 3+ years working experience with IBM QRadar SEIM solution integration with Cascade, Firemon, and Citrix & other critical security service technologies CISSP or other industry Cyber Security Certification Experience migrating DNS to a new platform. Experience participating in the design and implementation of a DMZ and all associated requirements for monitoring external threats. Experience with security infrastructure and implementation of perimeter network security components such as Next Generation firewalls. DESIRABLE SKILLS/EXPERIENCE: 3+ years working experience with IBM QRadar SEIM solution integration with Cascade, Firemon, and Citrix & other critical security service technologies CISSP or other industry Cyber Security Certification Experience migrating DNS to a new platform. -------------------------------------------------------------------------------------------------------------------------------------------------------------------- V Group Inc. is an IT Services company which supplies IT staffing, project management, and delivery services in software, network, help desk and all IT areas. Our primary focus is the public sector including state and federal contracts. We have multiple awards/ contracts with the following states: CA, FL, GA, MD, MI, NC, NY, OH, OR, PA, VA, VT, and WA. If you are considering applying for a position with V Group, or in partnering with us on a position, please feel free to contact me for any questions you may have regarding our services and the advantages we can offer you as a consultant. Please share my contact information with others working in Information Technology.

Title: Sr. Cloud Security Engineer Seeking an experienced and dedicated Senior Cloud Security Engineer to join our team. This role is crucial for ensuring the security and compliance of our cloud infrastructure in a highly regulated financial environment. The ideal candidate will have a strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions. Primary Success Factors Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. Develop and coordinate robust cloud security procedures Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. Collaborate with IT and development teams to ensure cloud solutions are securely integrated with existing software and infrastructure, following best practices and security standards. Keep abreast of the latest security issues, regulatory changes, and industry trends to proactively address emerging threats. Assist with the design of security training and awareness programs to educate staff about cloud security risks and responsibilities, fostering a culture of security within the organization. Regularly report on the status of cloud security, including any breaches or vulnerabilities, to senior management and stakeholders. Work with third-party vendors to ensure that security requirements are met and maintain strong relationships with external security partners. Maintain compliance with all relevant security and privacy laws and regulations, including PCI-DSS, GDPR, SOX, and other industry-specific standards Required Experience Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Specific experience will be considered in lieu of a degree. Minimum of 7 years of experience Relevant certifications in Cyber Security, with Cloud specific certifications a plus. Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. Excellent problem-solving skills and the ability to work under pressure, with a proactive and detail-oriented approach to security. Strong communication and collaboration skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences. Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. Familiarity with security monitoring and incident response tools, such as SIEM, IDS/IPS, and EDR solutions. Ability to deliver with minimal management oversight

DNI is on the lookout for a Senior Cyber Security Analyst - Information Systems Security Manager (ISSM) to deliver expert guidance in Information Systems Security and cybersecurity support for the Enterprise Information Services at the Department of Energy (DOE) Savannah River Operations Office (DOE-SR), located at the Savannah River Site (SRS) in Aiken, SC. Requirements Reports to the Chief Information Security Officer (CISO) and Program Manager. Oversee the Authority to Operate (ATO) lifecycle, manage risk assessments, develop and monitor Plan of Action and Milestones (POAMs), ensuring compliance with security standards and timely mitigation of organizational boundary security risks. Actively participate in the bi-weekly accreditation boundary meetings and keep the AODR informed of any changes/updates to eRAMS/POA&Ms/STAR items or any new VPM and CM issues that may arise. Provide technical and procedural cyber security advice to DOE, associate contractor partners, and Industrial Control Systems (ICS) teams as necessary. Oversee operational information systems security implementation programs. Coordinate with Information System Security Officer (ISSO) or PSO on approval of External Information Systems (e.g. guest systems, interconnected system with another organization). Oversee ISSOs to ensure they follow established policies and procedures and timelines. Ensure CM policies and procedures for authorizing the use of hardware/software on an IT system are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the AODR prior to the addition, change or modification. ISSM shall have authority to veto any proposed change they feel is detrimental to security in boundaries under their purview. Appeals on an ISSM/ISSO veto may be taken to the AODR. Ensure approved procedures are used for sanitizing and releasing system components and media as necessary. Ensure proper measures are taken when cyber security incident or vulnerability is discovered. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. Manage, maintain, and execute the information security continuous monitoring plan. Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AODR; and assess changes to the system, its environment, and operational needs that could affect the security authorization. Other related tasks as assigned. Support information technology (IT) security goals and objectives and reduce overall organizational risk; Advise senior management (e.g., Chief Information Security Officer [CISO] and Chief Information Officer [CIO] on risk levels and security posture.); Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture; Communicate the value of information technology (IT) security. Knowledge, Skills, and Abilities: Highly organized individual with exceptional communication skills, ensuring all stakeholders are consistently informed and updated as required. Excellent written and oral communication skills (writing samples may be requested). Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result. Ability to identify problems, brainstorm and analyze answers, and implement the best solutions. Ability to develop and review security related procedures or processes and reports. Demonstrated ability to provide clear, precise, and factual information to senior leaders, team members, and external stakeholders. Capable of attending all customer-required meetings and promptly providing responses as requested. Familiarity with applicable regulations affecting Cyber Security NIST 800 Series Standards. Clearance: Must possess (or be able to obtain) a “Q” level security clearance. Education: A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for education on a year-for-year basis. Experience: 7+ years in IT security or related field. Authority to Operate Life Cycle (ATO), Risk Management, POAMS & Milestones Certification: Highly desired certifications: Certified Information System Security Professional (CISSP) Certified Information Security Manager (CISM) Benefits Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental Matching 401K Short- and Long-Term Disability Pet Insurance Professional Development/Education Reimbursement Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Client: Metropolitan Transportation Authority Job Title: IGA/Security Analyst Duration: 12+Months Contract Number of Hours: 37.50 Hrs/Week Interview Type: Either Webcam Interview or In Person Ceipal ID: MTA_SECU154_MA Requirement ID: 5154-1 **PLEASE NOTE THIS POITION WILL ALLOW CONSULTANT TO WORK A HYBRID REMOTE SCHEDULE. UPON START DATE CONSULTANT WILL BE REQUIRED TO WORK FIRST MONTH FULLY ONSITE. ONCE WORK CAPABILITY IS ESTABLISHED, CONSULTANT WILL BE ALLOWED TO WORK A HYBRID REMOTE SCHEDULE CONSISTING OF 3 DAYS ONSITE/ 2 DAYS REMOTE. ASLO HOURS PER WEEK IS 37.5 NO OVERTIME** Overview: The IGA Analyst will play a critical role in strengthening the organization's identity security posture across corporate, frontline, and operational technology (OT) environments. This role will focus on onboarding applications into the enterprise IGA platform, modernizing authentication through FIDO2 and passwordless technologies, and reducing technical debt through effective governance and lifecycle management controls. The ideal candidate has hands-on experience with major IGA, PAM, and MFA platforms, possesses a strong understanding of Active Directory and Entra ID, and can collaborate with cross-functional teams to implement scalable identity controls that align with Zero Trust principles. KEY RESPONSIBILITIES: **Application Onboarding & Integration** * Partner with application owners to onboard and certify applications within the IGA platform (e.g., SailPoint, Saviynt, or Oracle). * Define and enforce access models, entitlements, and approval workflows for new and existing applications. * Establish least-privilege and segregation-of-duties (SoD) controls within IGA. **Identity Security Posture & Technical Debt Reduction** * Identify and remediate identity risks such as orphaned accounts, excessive entitlements, and privileged access sprawl. * Contribute to ongoing cleanup initiatives for AD, Entra ID, and connected systems to align with modern identity hygiene standards. * Support implementation of risk-based access policies and automated lifecycle management processes. **Authentication Modernization** * Support the adoption of phishing-resistant authentication methods, including FIDO2 security keys and passwordless sign-ins. * Collaborate with MFA and SSO platform teams to migrate legacy authentication flows to modern protocols (e.g., WebAuthn, OIDC, SAML). * Evaluate user experience, security impact, and deployment readiness across diverse user populations (corporate, frontline, OT). **Federation & Access Management** * Configure and manage federated SSO integrations via Entra ID and other IdPs. * Apply conditional access and adaptive authentication policies based on user risk, device health, and context. * Coordinate with PAM teams to align privileged session management with federated access controls. **Cross-Domain Collaboration** * Partner with security architecture, IAM engineering, and compliance teams to ensure IGA controls meet enterprise and regulatory standards. * Document and report on metrics related to access certifications, compliance posture, and identity lifecycle performance. * Provide operational support for IGA platform maintenance, upgrades, and new integrations. QUALIFICATIONS * Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). * 3-5 years of hands-on experience in Identity Governance & Administration (IGA). * Strong knowledge of Active Directory, Entra ID, and federated authentication protocols (SAML, OIDC, OAuth2). * Familiarity with one or more of the following platforms: * IGA: SailPoint, Saviynt, Oracle IDCS * PAM: BeyondTrust, CyberArk, ManageEngine PAM360 * MFA/SSO: Microsoft Entra ID, Duo, Okta, Ping Identity * Working knowledge of Zero Trust, FIDO2, passwordless, and phishing-resistant MFA concepts. * Experience applying IGA controls for diverse user types (corporate, frontline, OT). * Strong analytical, documentation, and communication skills; ability to collaborate across technical and business teams. Additional Skills and Information: * Experience with identity lifecycle automation and role-based access control (RBAC) modeling. * Understanding of privilege escalation risks, identity threat detection, and compliance frameworks (NIST 800-63B, CIS, TSA, etc.). * Scripting knowledge (PowerShell, Python, or SQL) for data analysis or automation. * Familiarity with cloud identity models (Azure, AWS, GCP). V Group Inc. is a NJ based IT Services and Products Company with its business strategically categorized in various Business Units including Public Sector, Enterprise Solutions, Professional Services, Ecommerce, Projects, and Products. Within Public Sector business unit, we cater IT Professional Services to Federal, State and Local. We have multiple awards/ contracts with 30+ states, including but not limited to NY, CA, FL, GA, MD, MI, NC, OH, OR, CO, CT, TN, PA, TX, VA, NM, VT, and WA. If you are considering applying for a position with V Group, or in partnering with us on a position, please feel free to contact me for any questions you may have regarding our services and the advantages we can offer you as a consultant. Please share my contact information with others working in Information Technology. Website: ************************************** LinkedIn: ***************************************** Facebook: ********************************* Twitter: *********************************

Immediate need for a talented Information Security Analyst - Lead . This is a 09+ months contract opportunity with long-term potential and is located in Atlanta,GA(Hybrid). Please review the job description below and contact me ASAP if you are interested. Job ID:25-93807 Pay Range: $68 - $68.61/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Act as a liaison between cybersecurity metric owners, data engineers, and governance teams to ensure accurate and timely metric development. Facilitate metric working sessions to define metric name, definition, calculation, system of record, and critical data elements (CDEs). Support the documentation and validation of metric logic and data lineage. Coordinate and lead standing meetings to provide updates, manage timelines, and escalate blockers or data challenges. Review and validate data quality and completeness of metric inputs in coordination with data engineers. Support the development of root cause commentary and trend analysis for metrics that breach established thresholds. Partner with control and process owners to align metrics with applicable frameworks (e.g., NIST CSF, CIS, FFIEC). Prepare clear, concise executive-level summaries and presentations on metric performance and risk trends. Maintain oversight of multiple metrics in different stages of the build lifecycle, ensuring governance and consistency. Contribute to continuous improvement of the metrics program, including standardization, automation, and data quality enhancements. Key Requirements and Technology Experience: Key Skills;Metrics governance/Risk Metrics/Performance Metrics . Bachelor's degree or five years of related experience or an equivalent combination of education and experience In-depth knowledge of principles, practices, theories, and/or methodologies associated with the professional discipline (e.g., information technology, project management, finance, risk management, etc.) Understands foundational concepts of other related professional disciplines. Experience managing small projects Ability to interpret and explain complex information to a range of audiences and build consensus among different stakeholders. Ability to provide direction and mentor less experienced teammates Strong organizational skills with the ability to manage multiple priorities simultaneously. Excellent written and verbal communication skills, including experience drafting executive summaries. Proficiency in Microsoft Excel, PowerPoint, and collaboration tools (e.g., Teams, SharePoint). 5-7 years of experience in cybersecurity, risk management, technology project coordination, or data analytics. Familiarity with cybersecurity domains (e.g., vulnerability management, DLP, IAM, cloud security, incident management). Working knowledge of risk and performance metric design, including KRIs, KPIs, and operational indicators. Experience gathering and documenting business requirements and translating them into actionable data or metric logic. Basic understanding of SQL or ability to read data dictionaries and data mappings. Exposure to cyber control frameworks such as NIST CSF, ISO 27001, or CIS. Exposure to Agile or iterative project delivery methods. Cybersecurity/Risk management Vulnerability management Stakeholder engagement . Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Essential Duties and Responsibilities: Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities. Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits. Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts. Identification and remediation of OS and network security weaknesses and vulnerabilities Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing) Qualifications: Bachelor's in computer science (or equivalent) degrees Minimum of 5+ years of documented information security work experience At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols) Atalla HSM experience (knowledge of transaction encryption) and Imperva, SecureSphere, WAF, and DB experience. Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc. Demonstrated experience with malware remediation. Experience in one or more technical forensic tools Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation. Ability to identify signs of intrusion or infection on a variety of systems. Expertise in administration of enterprise OS's Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng Penetration testing experience Application and database security experience, including code reviews Network and security engineering experience, including log and network traffic capture analysis IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, MCP or MCSE ) are a plus Experience with advanced malware technologies is a plus. MerchantE does not provide visa sponsorship for this position. Candidates must be legally authorized to work in the United States without current or future sponsorship.

Immediate need for a talented Cloud Security Engineer.This is a 12+ Months contract opportunity with long-term potential and is located in Richmond, VA USA (Onsite) Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95757 Pay Range: $80 - $84/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Wiz Platform Deployment & Ownership CSPM, CWPP, CI/CD Integration & Remediation Alerting, Monitoring & Incident Response Integration Remediation, Ownership & Continuous Improvement Cloud Security Engineering & Architecture playbook creation. Leadership, Strategy & Governance Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing. Lead efforts related to designing, planning, enhancing, and testing all Cloud cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies. Analyze information to determine, recommend, and plan the use of new Cloud information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources Lead the implementation of new Cloud security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions. Responsible for technical support of Cloud security technologies providing expert problem analysis and resolution in a timely manner. Creation of CI/CD automation leveraging Terraform for Cloud Security Services and Modules Leads teams or projects with moderate resource requirements, risk, and complexity. Key Requirements and Technology Experience: Key Skills; Cloud Security, AWS/Azure/GCP, Wiz platform Bachelor's degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security Previous experience in leading complex IT projects 10+ years Cloud Security experience 6+ years securing AWS/Azure/GCP Deep expertise in Wiz platform Strong experience with CSPM, CWPP, CI/CD security Strong automation and scripting background Experience in Global 100 or Fortune 50 environments Wiz Architect/Practitioner certifications AWS/Azure/GCP security certifications Banking or financial services experience. Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.) Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.) Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM)), or related security certification(s) Our client is a leading Banking Industry , and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

We're looking for an Information Security Engineer to join our team and help strengthen our endpoint, access, and compliance security posture across the organization. If you thrive in a fast-paced environment and enjoy solving complex security challenges, we'd love to connect. 🔐 Key Responsibilities Support endpoint and access security across Windows and mac OS environments. Review and validate privileged access requests using least-privilege principles. Assist in developing and implementing security policies, elevation rules, and device configurations. Troubleshoot security-related issues, including elevation failures and policy conflicts, using tools like BeyondTrust EPM. Participate in compliance and governance initiatives, including secure analytics and data protection efforts. Prepare clear documentation, meeting updates, and stakeholder communications. Contribute to continuous improvements in cyber engineering and endpoint security. 💡 Ideal Candidate Experience with endpoint security tools (e.g., BeyondTrust, EDR, MDM). Strong understanding of access control, least-privilege frameworks, and security best practices. Ability to collaborate with cross-functional teams and communicate effectively. Curious, proactive, and ready to solve complex security problems.

Our client is currently seeking a Information Security Engineer 3 ***W2 only, No corp to corp - No 1099 - No 3rd party*** Information Security Engineer 3 Schedule: Friday-Monday, 10:30am-8:30pm AZT Contract with potential to convert to full-time Pay: $53-$57 HR Role Overview This role supports the Cyber Threat Fusion Center, specifically covering weekend operations. The consultant will work closely with threat analysts, incident responders, and engineering teams to monitor, investigate, and respond to security events across the enterprise. There is potential for: Full‑time conversion, and Transition to the weekday team if a position opens due to promotion or movement. Core Technical Skills (Required) Splunk - SIEM monitoring, alert triage, dashboarding, log analysis CrowdStrike Falcon - EDR investigation, threat hunting, incident response Nice-to-Have Skills FireEye - Malware and threat analysis Palo Alto XSOAR - Case management and automation workflows NetWitness - Network traffic analysis and packet investigation Experience Requirements 2-3 years working in a Security Operations Center (SOC) or Cyber Threat Fusion Center Hands-on experience with incident response, threat detection, and security monitoring Additional Notes Candidates must be willing to work the Friday-Monday schedule

Delta Information Systems, Inc. is seeking a highly skilled Information Security Specialist to protect and secure critical systems, data, and intellectual property in a fast-paced Aerospace & Defense environment. This role is responsible for implementing and managing security controls, ensuring compliance with strict regulatory requirements, and defending against advanced cyber threats. The ideal candidate will bring deep technical knowledge, strong problem-solving skills, and the ability to work across teams to maintain the confidentiality, integrity, and availability of sensitive information that supports our national security mission. This is a fully onsite position located in Horsham, PA. Key Responsibilities Implement, monitor, and maintain security tools, including firewalls, intrusion detection/prevention systems, endpoint protection, and SIEM platforms. Perform continuous monitoring, vulnerability assessments, penetration testing, and risk analysis of systems and networks. Ensure compliance with DoD, NIST 800-171, CMMC, ITAR, DFARS, and other regulatory frameworks. Champion the company's certification to CMMC Level 2. Develop, document, and enforce cybersecurity policies, procedures, and incident response plans. Support Government and customer security audits, preparing evidence and remediation plans as required. Investigate and respond to cybersecurity incidents, performing root-cause analysis and recommending corrective actions. Collaborate with IT, Engineering, Program Management, and Security teams to embed cybersecurity best practices into operations and product development. Provide cybersecurity awareness training to employees with a focus on handling sensitive defense-related data. Stay current on emerging cyber threats, nation-state tactics, and evolving compliance regulations impacting aerospace and defense. Qualifications Required: Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience). 5+ years of experience in information security, IT security operations, or cybersecurity. Strong knowledge of NIST 800-171, CMMC, and DFARS cybersecurity requirements. Experience developing, implementing and achieving CMMC compliance. Experience supporting DoD or government contracts with cybersecurity compliance needs. Hands-on experience with security infrastructure: SIEM, IDS/IPS, endpoint security, and network monitoring tools. Strong understanding of Windows, Linux, and cloud environments (Microsoft Office 365, Deltek Costpoint). Excellent analytical, documentation, and communication skills. U.S. Citizenship (required due to defense industry regulations). Preferred: Active security clearance (Secret or higher), or ability to obtain one. Relevant certifications: CISSP, CISM, Security+, CEH, or GIAC. Experience with RMF (Risk Management Framework) and STIG compliance. Familiarity with secure software development, DevSecOps practices, or classified system security. Compensation Competitive salary Outstanding benefits package 100% Paid Coverage for Medical, Dental, and Vision 401(k) Employer Match Employee Stock Ownership Program (company funded) Life Insurance (company funded) Short-Term Disability (company funded) Long-Term Disability (company funded) Vacation & Sick Holidays: 11 days HealthCare FSA Dependent Care FSA What We Offer Opportunities for training, certifications, and career growth. A mission-driven culture where your work contributes to national security. Exposure to advanced technologies and programs critical to the aerospace and defense sector. About Delta Information Systems, Inc. Delta Information Systems (DIS) is an industry-leading supplier of high-quality aerospace telemetry products for Flight Test, Missile Test, Range Safety, Launch Support and Satellite Command and Control applications. Their products address the complete telemetry chain from Data Acquisition, Storage, Transport and Distribution to Telemetry Processing and Display. DIS customers include all DoD entities, all Major Primes, Integrators, Gov Labs, Aircraft & Missile Manufacturers, & Launch Facilities. In addition, Delta Information Systems (DIS) designs and develops sophisticated electronic equipment that is specifically designed to reliably operate in harsh environments. They deliver critical video communications capability for manned and unmanned Intelligence, Surveillance and Reconnaissance (ISR) programs.

Immediate need for a talented Senior Cloud Security Engineer . This is a 04 months contract opportunity with long-term potential and is located in Elkhorn,NE(Remote). Please review the job description below and contact me ASAP if you are interested. Job ID:25-94911 Pay Range: $90 - $91.19/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Deploy and configure container scanning tools to ensure secure containerized environments. Analyze vulnerabilities identified through SAST, DAST, SCA, and container scans, prioritizing remediation based on risk. Develop and maintain custom scripts to automate security processes and enhance scanning capabilities. Consult with development teams to provide secure coding guidance and assist with remediation strategies. Onboard applications into DAST scanning workflows, ensuring proper configuration and coverage. Configure and troubleshoot DAST scans, resolving issues related to application accessibility and scan accuracy. Review and validate SAST and SCA findings, confirming or rejecting false positives and “mitigated by design” claims from development teams. Document findings, create actionable reports, and communicate technical details effectively to stakeholders. Key Requirements and Technology Experience: Key Skills; Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Strong experience with application security tools: DAST (e.g., Burp Suite, OWASP ZAP), SAST (e.g., Checkmarx, Veracode), and SCA (e.g., Black Duck, Snyk). Hands-on experience with container security and deployment of scanning tools (e.g., Wiz, Prisma, Aqua Security). Proficiency in scripting languages (Python, Bash, or PowerShell) for automation and tool integration. Deep understanding of secure software development lifecycle (SDLC) and common vulnerabilities (OWASP Top 10). Ability to troubleshoot complex scanning issues and optimize configurations for accuracy and performance. Strong analytical skills for vulnerability triage and risk prioritization. Excellent communication skills for consulting with development teams and explaining technical findings. Experience integrating security tools into CI/CD pipelines. Familiarity with cloud-native security (AWS, Azure, GCP) and container orchestration (Kubernetes). Knowledge of API security testing and microservices architecture. Exposure to DevSecOps practices and security automation frameworks. Relevant certifications such as OSWE, GWAPT, or CSSLP. Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

Immediate need for a talented Cloud Security Engineer. This is a 12 months contract opportunity with long-term potential and is located in Westlake, TX/ Merrimack, NH(Onsite). Please review the job description below and contact me ASAP if you are interested. Job Diva ID: 25-95092 Pay Range: $70 - $75 /hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: Designing, scaling, and deploying various cloud security controls and services Building processes and workflows along with a consolidated and collaborative integration of IaaS, SaaS, and PaaS cloud services Ensuring seamless user experience with advanced security and compliance of our cloud infrastructure Maintaining and containing business risk as it pertains to the Azure cloud infrastructure Working across teams and Business Units to define requirements and deliver solutions Building comprehensive security controls to enforce policy Supporting business unit technologists deploying to the public cloud Key Requirements and Technology Experience: Key skills; Azure Policy Exp Azure Security Services - Security Center, Key Vault, Log Analytics Identity and Access Management Exp Prior Software Engineering background, any language is fine but someone coming from a Sys Admin/Devops background won't be the right fit here. 6-9 years of experience in IT infrastructure, security, compliance A strong understanding of Azure services and security capabilities Solid hands-on experience with at least two of the following: Engineering/operational support of cloud account configuration in AWS or Azure Software Development, Linux Systems Administration, Data Networking Hands-on configuration of CI/CD pipelines for cloud-native deployments Very strong with scripting languages, including integration with CSP APIs; python preferred Azure Networking Identity and Access Management - RBAC Azure Policies Azure Security Services - Security Center, Key Vault, Log Analytics Azure ARM/PowerShell Ability to work with application and security teams to promote a secure posture in the cloud You can mentor and train other team members to work effectively in the cloud You are a self-starter who can independently by reading technical documentation Advanced Azure Certifications Our client is a leading financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. By applying to our jobs, you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here.

About Company, Droisys is an innovation technology company focused on helping companies accelerate their digital initiatives from strategy and planning through execution. We leverage deep technical expertise, Agile methodologies, and data-driven intelligence to modernize systems of engagement and simplify human/tech interaction. Amazing things happen when we work in environments where everyone feels a true sense of belonging and when candidates have the requisite skills and opportunities to succeed. At Droisys, we invest in our talent and support career growth, and we are always on the lookout for amazing talent who can contribute to our growth by delivering top results for our clients. Join us to challenge yourself and accomplish work that matters. We're hiring Senior Backend Engineer - Cloud Security in Sunnyvale, CA What You Will Do Build containerized microservices and related components for a multi-tenant, distributed system that ingests and processes real-time cloud events, system telemetry, and network data across major cloud platforms. Your work will enable customers to detect risks and strengthen their cloud security posture. Mentor junior engineers, interns, and new graduates, helping them develop strong technical skills and become effective contributors. Write production-quality software primarily in Java using Spring Boot, and work extensively with Kafka, SQL, and other data interfaces. Work within a Kubernetes-based service infrastructure, while learning new technologies as needed. Take ownership of major features and subsystems through the entire development lifecycle-requirements, design, implementation, deployment, and customer adoption. Participate in operational responsibilities, gaining firsthand experience with real-world performance, reliability, and support scenarios-informing how you design and build better systems. Prioritize quality at every stage, performing thorough developer testing, functional validation, integration checks, and performance testing to ensure highly resilient systems. Collaborate closely with Product Management to review, refine, and finalize requirements. Develop a deep understanding of customer needs by engaging with peers, stakeholders, and real-world use cases. What You Bring Bachelor's degree in computer science or similar (Master's preferred). 5+ years of experience building scalable, distributed systems. Passion for software engineering, continuous learning, and working in a collaborative environment. Hands-on experience with AWS, Azure, or GCP, with strong familiarity at the API/programming level. Experience with networking and/or security concepts is a plus. Experience developing containerized services on Kubernetes is strongly desired. Strong programming experience in Java/Spring Boot or Golang. Experience building or using REST APIs. Knowledge of infrastructure-as-code tools such as CloudFormation, Terraform, or Ansible is a plus. Understanding of TCP/IP networking fundamentals. Experience developing in Unix/Linux environments. Droisys is an equal opportunity employer. We do not discriminate based on race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law. Droisys believes in diversity, inclusion, and belonging, and we are committed to fostering a diverse work environment

Are you considering a new role in Cyber Security and want to work in a company that is helping to change the world? Consider joining an organization serving the global scientific research community, supporting the brightest minds on the planet. Are you a collaborative Incident Response Engineer looking to work for a mission driven global organization? About the role, Elsevier is expanding its Global InfoSec Security Incident Response team. As a Security Incident Response Engineer, you will play a crucial role in our internal security support team, assisting with incident response investigations. This team is entrusted with analyzing, triaging, scoping, containing, and providing guidance for remediation, as well as determining the root cause of security incidents. This team also is empowered by collecting and analyzing security incident-related data to identify indicators of attack and compromise. Responsibilities: Assisting in scoping security incidents and identifying indicators of attack and compromise. Analyzing incident data from threat analytics tools. Communicating recommendations and guidance based on security incident analysis. Coordinating responses to security incidents with other security and consulting teams. Developing, documenting, and implementing runbooks, capabilities, and techniques for Incident Response. Performing security triage and analysis on endpoint, server, and network infrastructure. Conducting activities necessary for immediate containment and short-term resolution of incidents. Maintaining current knowledge of the threat landscape, emerging security threats, and vulnerabilities. Investigating the root cause of complex security incidents. Maintaining a high level of confidentiality. Requirements Possess experience in cybersecurity incident response or related fields. Proven ability to analyze, triage, scope, contain, and remediate security incidents. Have current and extensive knowledge of security technologies, tools, and processes. Experience with major cloud providers, including cloud security, networking, and multi-cloud or hybrid deployments. Have current skills in automation using PowerShell, Python, Java, or similar languages. Experience in Linux and/or Mac administration. Experience in Network Security Administration or Systems Administration. Experience supporting large, complex, and geographically distributed enterprise environments. Preferred certifications: CISSP, CISM, SANS, GIAC, ethical hacking/penetration tester, or security risk assessment. Elsevier employs 10,000 people worldwide, including over 2,500 technologists. We have supported the work of our research and health partners for more than 140 years. Growing from our roots in publishing, we offer knowledge and valuable analytics that help our users make breakthroughs and drive societal progress.

Minimum Experience: 10+ Years Key Responsibilities Security & Compliance Serve as divisional lead for NIST 800-171 control alignment, tracking, and remediation. Partner with Internal Audit and Enterprise Security to review non-compliance findings and drive resolution. Maintain and improve Defender for Cloud posture management across Azure infrastructure. Identify, prioritize, and remediate vulnerabilities across infrastructure, networks, and systems. Develop and implement Linux patch management strategy and compliance reporting. Contribute to policy documentation and control evidence collection for SOX and NIST readiness. Infrastructure & Cloud Security Operations Work closely with Infrastructure, Cloud Ops, and Application teams to assess risk and prevent operational disruption. Integrate security best practices into Azure, network, and datacenter operations. Utilize Defender, Azure Security Center, and related tools to monitor and report on environment health. Coordinate with Cloud and Systems Engineers to validate patch success, compliance metrics, and configuration baselines. Automate recurring security validation and compliance tasks using scripting (PowerShell, Python, Bash). Governance, Reporting, and Training Maintain centralized tracking for security initiatives, audit remediations, and policy adherence. Partner with PMs to ensure remediation workstreams are integrated into project schedules. Support KnowBe4 phishing campaign analysis and contribute to security awareness reinforcement. Report key risk indicators (KRIs) and compliance metrics to leadership. Required Qualifications 8 years of experience in Information Security, Infrastructure Engineering, or Cloud Operations. Proven experience with Defender for Cloud, Azure Security Center, or equivalent platforms (e.g., Tanium, Nessus, Qualys). Working knowledge of NIST 800-171, NIST CSF, or ISO 27001 frameworks. Experience managing patching and vulnerability remediation across Windows and Linux environments. Proficiency with scripting or automation tools (PowerShell, Python, Bash). Familiarity with Active Directory, Azure AD, and network security principles. Preferred Qualifications Experience with Fortify or similar static code analysis tools. Familiarity with KnowBe4, VRX, or patch compliance tracking systems. Exposure to Azure DevOps, IaC, and configuration-as-code methodologies. Security or cloud certifications (e.g., AZ-500, Security+, CISSP, or equivalent). Success Measures Reduction in open audit findings and non-compliant controls. Establishment of measurable Linux and infrastructure patch compliance reporting. Defender for Cloud secure score improvement over baseline. Defined and repeatable NIST alignment process for divisional systems. Improved coordination between Infrastructure, Cloud, and Security teams during vulnerability remediation. If I missed your call ! Please drop me a mail. Thank you, Harish Accounts Manager/Talent Acquisition Astir IT Solutions, Inc - An E-Verified Company Email:******************* Direct : ***********788 50 Cragwood Rd. Suite # 219, South Plainfield, NJ 07080 ***************

Job Posting Title DevOps & Security Engineer We are looking for a DevOps & Security Engineer to maintain and secure our Web3 stablecoin infrastructure. You will be responsible for overall server architecture, security hardening, node maintenance, and CI/CD deployments to ensure 24/7 system reliability for both our off-chain systems and on-chain nodes. Location: Miami, Florida (temporarily remote, with future hybrid in-office requirements) Key Responsibilities: Manage day-to-day operations of company infrastructure including servers, cloud services, and container platforms. Maintain critical node services including RPC services and oracle components. Establish security protocols and implement host/network security hardening (WAF, security groups, firewalls) Oversee service monitoring, log analysis, troubleshooting, and capacity planning. Build and maintain CI/CD pipelines using GitHub Actions/GitLab CI Manage Docker and Kubernetes clusters. Administer certificates, TLS, VPN, and IAM permission systems. Conduct regular vulnerability scans, coordinate penetration tests, and manage patch updates. Undertake ad hoc projects as we continue to grow. Qualifications: 3+ years of experience in DevOps, infrastructure, or security roles. Strong Linux administration skills with substantial experience in troubleshooting and performance tuning. Proficiency with Docker/Kubernetes, Nginx, load balancing, and logging systems (ELK/EFK). Solid understanding of network security concepts: VPC, ACL, WAF, DDoS protection, firewalls, zero-trust. Experience with at least one major cloud platform (AWS/GCP/Azure). Scripting skills in Shell, Python, or Go.

Sales Representative -- Anindya Mazumdar Role: Not looking for an Architect - require individual heavy on engineering side / looking for a builder. Strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. Develop and coordinate robust cloud security procedures Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. Required: Minimum of 7 years of experience Relevant certifications in Cyber Security, with Cloud specific certifications a plus. Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. Familiarity with security monitoring & incident response tools, such as SIEM, IDS/IPS, and EDR solutions.