Security Engineer jobs at Randstad North America, Inc.

Who We Are: We're powering a cleaner, brighter future. Exelon is leading the energy transformation, and we're calling all problem solvers, innovators, community builders and change makers. Work with us to deliver solutions that make our diverse cities and communities stronger, healthier and more resilient. We're powered by purpose-driven people like you who believe in being inclusive and creative, and value safety, innovation, integrity and community service. We are a Fortune 200 company, 19,000 colleagues strong serving more than 10 million customers at six energy companies -- Atlantic City Electric (ACE), Baltimore Gas and Electric (BGE), Commonwealth Edison (ComEd), Delmarva Power & Light (DPL), PECO Energy Company (PECO), and Potomac Electric Power Company (Pepco). In our relentless pursuit of excellence, we elevate diverse voices, fresh perspectives and bold thinking. And since we know transforming the future of energy is hard work, we provide competitive compensation, incentives, excellent benefits and the opportunity to build a rewarding career. Are you in? Primary Purpose: PRIMARY PURPOSE OF POSITION The Sr OT Systems Security Engineer (OTSSE) will support implementation of the Operational Technology (OT) Security Governance program and provide proactive cyber security risk management. The OTSSE will act as a liaison to OT teams, Security Architects and other CISS teams to effectively communicate and lead OT security engineering design specification, architecting and implementing effective OT security solutions. The OTSSE will also assist with vulnerability mitigation plans, incident response, and security event monitoring engineering support. The OTSSE will ensure the implementation of OT security measures in accordance with established procedures to ensure safety, reliability, confidentiality, integrity, availability, authentication, and non-repudiation, and will perform OT security reviews to identify gaps in security design and architecture. Note: This is a hybrid position (in-office with remote flexibility). Employees are required to be in office at least three days per week (Tuesday, Wednesday, and Thursday). This position must sit out of our Baltimore, MD, Newark, DE, Owings Mills, MD or Kennett Square, PA office. This position is NOT eligible for relocation assistance. Primary Duties: PRIMARY DUTIES AND ACCOUNTABILITIES Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: Provide OT cyber security guidance to leadership. Work with stakeholders to design OT security design specifications and architectures. Provide input to implementation plans and standard operating procedures as they relate to OT cyber security. Develop specific OT cyber security countermeasures and risk mitigation strategies for systems and/or applications. Work closely with technical teams to implement effective security configurations/requirements, including: Analyze and design security measures to resolve OT vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed. Mitigate/correct security deficiencies identified during Factory Acceptance Testing, Site Acceptance Testing, and/or recommend risk acceptance for the appropriate senior leadership. Verify and update security engineering documentation reflecting the application/system security design features. Verify minimum security design specifications are in place for OT assets to support security event monitoring and incident response. Work closely with the R&D and innovation teams to ensure secure implementation of OT systems into production. ( Assist with vulnerability mitigation planning, incident response and security event monitoring engineering activities for security and compliance requirements Conduct engagement and provide OT cyber security training to OT personnel Job Scope: JOB SCOPE The Senior Operational Technology Systems Security Engineer (OTSSE) will work closely (and primarily) with business OT teams, IT/Utility communications, Engineering and OT clients to implement effective security configurations and requirements; provide analytical and technical security recommendations to other team members, technical teams, and business clients; support OT Security Governance efforts; meet with Exelon business clients and management to help specify and negotiate system/network/application security requirements; work with the R&D and innovation teams to ensure secure implementation of OT systems into production; develop OT security solutions to improve security event monitoring and detection with CISS standards; actively participate in relevant industry OT cyber security workgroups and forums; act as a liaison to business OT teams, Security Architect and IT/UComm, and OT stakeholders to effectively communicate and lead OT security engineering design specification, architecting and implementing effective OT security solutions; develop documentation to support ongoing OT security systems operations, maintenance, and problem resolution; advise on vulnerability mitigation plans, and develop security event monitoring solutions to improve incident detection; work with the Security Policy and Risk Office to assist with the identification, analysis, and remediation of Exelon OT cyber security risk Minimum Qualifications: MINIMUM QUALIFICATIONS Bachelors Degree in Computer Science, engineering, or a related discipline, and typically 5 or more years of solid, diverse experience in OT/ICS, or equivalent combination of education and work experience. At least 3 years of demonstrated experience in the energy sector At least 5 years of demonstrable security engineering or related experience, including: Knowledge of disaster recovery continuity of operations plans Knowledge of Risk Management Framework (RMF) requirements Knowledge of incident response and handling methodologies. Knowledge of network security architecture concepts including topology, protocols, components, and principles Knowledge of authentication, authorization, and access control methods. Knowledge of cryptography and cryptographic key management concepts Knowledge of database systems Knowledge of embedded systems Knowledge of system fault tolerance methodologies Knowledge of how system components are installed, integrated, and optimized Knowledge of ICS supply chain security and risk management policies, requirements, and procedure Knowledge of human-computer interaction principle Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) Ability to design architectures and frameworks Skill in applying cybersecurity methods, such as firewalls, demilitarized zones, and encryption Knowledge of network access, identity, and access Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services Knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs Knowledge of parallel and distributed computing concepts Knowledge of key concepts in security management (e.g., Release Management, Patch Management) Knowledge of configuration management techniques Comprehensive understanding of change management techniques associated with new technology implementation. Demonstrated experience producing an economic business case. Demonstrated leadership ability. Proven analytical, problem solving, and consulting skills. Excellent communication skills and the proven ability to work effectively with all levels of OT and business management. Preferred Qualifications: PREFERRED QUALIFICATIONS Graduate degree in cyber security, engineering, or related area of expertise. Relevant security certifications (CISSP, CISM, GICSP) At least 3 years of experience as part of an electric utility Appropriate technical skills and in-depth knowledge of business unit functions and applications, including: Demonstrated experience and subject matter knowledge of SCADA, ICS, Distribution Automation, Smart Grid, DMS, and ECS systems architecture. Demonstrated experience and subject matter knowledge of security vulnerabilities and mitigation strategies for industrial SCADA protocols such as DNP3, IEC-61850, Modbus, Tejas V, CDC 2, Vancomm, etc. Demonstrated experience in security risk assessments, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems. Extensive experience developing, evaluating, and implementing OT security architectures, technologies, standards, and practices to secure applications and OT. Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NIST, ISO, ISA99, IEC 62443 guidelines and standards. Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, CFATS, or API 1164. Demonstrated experience and subject matter knowledge in cyber security for applications, web architectures, operating systems, databases, and networks. Knowledge and experience in application security standards, methodologies, and technologies. Solid capability to assess network architectures and operating systems for vulnerabilities and develop appropriate security countermeasures. Solid knowledge and experience with OT security aspects of operating systems, embedded operating systems, Programmable Logic Controllers (PLC), Remote Terminal Units (RTU), and Protection and Control relays. Experience in assessing security applications and systems, such as firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec. Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff. Benefits: Annual salary will vary based on a candidate's skills, qualifications, experience, and other factors: $102,400.00/Yr. - $140,800.00/Yr. Annual Bonus for eligible positions: 15% 401(k) match and annual company contribution Medical, dental and vision insurance Life and disability insurance Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave Employee Assistance Program and resources for mental and emotional support Wellbeing programs such as tuition reimbursement, adoption and surrogacy assistance and fitness reimbursement Referral bonus program And much more Note: Exelon-sponsored compensation and benefit programs may vary or not apply based on length of service, job grade, job classification or represented status. Eligibility will be determined by the written plan or program documents.

ISSO/SYSTEMS SECURITY ENGINEER Bowhead is seeking a skilled full-time ISSO/Systems Security Engineer to join our team in Dahlgren, VA. The ideal candidate will have a strong background in computer networking concepts and protocols, as well as network security methodologies. The ISSO/Systems Security Engineer will be responsible for identifying and mitigating vulnerabilities in security systems, conducting vulnerability scans, and applying system, network, and operating system hardening techniques. Responsibilities Key Responsibilities: Conducting vulnerability scans and recognizing vulnerabilities in security systems. Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.). Conducting application vulnerability assessments. Identifying systemic security issues based on the analysis of vulnerability and configuration data. Sharing meaningful insights about the context of an organization's threat environment that improve its risk management posture. Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution. Performing impact/risk assessments. Required Skills: Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems. Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.). Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.). Skill in conducting application vulnerability assessments. Ability to identify systemic security issues based on the analysis of vulnerability and configuration data. Ability to share meaningful insights about the context of an organization's threat environment that improve its risk management posture. Ability to cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Tenable Assured Compliance Assessment Solution (ACAS) Trellix Endpoint Security System (ESS), previously known as McAfee Host Based Security System (HBSS) Skill in applying host/network access controls (e.g., access control list). Skill in using Virtual Private Network (VPN) devices and encryption. Skill in securing network communications. Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution. Skill in performing impact/risk assessments. Skill to develop insights about the context of an organization's threat environment Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Qualifications Required: Knowledge of computer networking concepts and protocols, and network security methodologies. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth & concept of zero trust). Knowledge of basic system, network, and OS hardening techniques. Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Knowledge of application vulnerabilities. Knowledge of system administration, network, and operating system hardening techniques. Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Preferred: Knowledge of cyber threats and vulnerabilities. Knowledge of specific operational impacts of cybersecurity lapses. Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list). Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). Knowledge of network traffic analysis methods. Knowledge of Virtual Private Network (VPN) security. Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly. Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). Knowledge of application security risks. Physical Demands: Must be able to lift up to 10 pounds Must be able to stand and walk for prolonged amounts of time Must be able to twist, bend and squat periodically SECURITY CLEARANCE REQUIREMENTS: Must be able to obtain a Top Secret clearance may start with a Secret clearance. US Citizenship is a requirement for Top Secret clearance at this location. #LI-JR1

DEVOPS/SYSTEMS SECURITY ENGINEER (CORPIT) Bowhead seeks a motivated DevOps/Systems Security Engineer to serve as the primary Splunk engineer in support of the Naval Surface Warfare Center, Dahlgren Division (NSWCDD). This position will play a central role in developing, managing, and optimizing the command's Splunk environment - establishing administrative governance, improving data visibility, and ensuring the platform aligns with DoD cybersecurity and RMF requirements. The ideal candidate will possess a strong foundation in Splunk administration and security operations, complemented by experience with DoD Risk Management Framework (RMF), aptitude in application-layer security and a collaborative, learning-driven mindset. Responsibilities * Serve as the primary point of contact for the NSWCDD's Splunk environment. * Establish and maintain administrative governance across multiple Splunk instances (e.g., data onboarding, index management, role-based access, and dashboard development). * Collaborate with cross-functional teams to define Splunk data ingestion priorities and ensure log sources align with mission and compliance objectives. * Lead initiatives to improve Splunk performance, health monitoring, and data integrity across the hybrid (on-prem and cloud) enterprise. * Partner with developers and system owners to integrate security telemetry from applications, containers, and cloud workloads into Splunk. * Create and maintain dashboards, alerts, and reports to improve situational awareness and decision-making across the Cloud Group. * Contribute to developing the long-term Splunk strategy and serve as the POC for all Splunk-related activities across NSWCDD. * Apply DoD Risk Management Framework (RMF) principles to ensure Splunk aligns with accreditation and compliance requirements. * Support application-layer and DevSecOps security efforts, including scanning and monitoring activities related to code, APIs, or containers. Qualifications * High School Diploma or Bachelor's degree required and at least five (5+) or more years of relavent expereince. * DOD 8570 IAT level II certification is required (i.e., CompTIA Security+ce). * Hands-on experience administering Splunk Enterprise or Splunk Cloud environments (indexers, search heads, data inputs, user/role management). * Knowledge of SIEM concepts, log management, and correlation rule creation. * Familiarity with DoD cybersecurity frameworks, particularly RMF and STIG compliance. * Understanding of application-layer security concepts, including secure coding, API protection, and container security. * Ability to troubleshoot and resolve data ingestion, parsing, and performance issues within Splunk. * Strong analytical and communication skills; able to convey technical insights to non-technical stakeholders. * Motivated self-starter with the ability to work independently while collaborating effectively across teams. * Curious and self-driven learner with a passion for mastering SIEM technologies. * Abiltiy to serve as the central point of contact for Splunk-related issues ("product owner" mindset). Preferred Qualifications: * Experience with Splunk Enterprise Security (ES) or similar security analytics platforms. * Familiarity with DevSecOps pipelines and code scanning tools (e.g., Fortify, SonarQube). * Experience integrating cloud-native telemetry from AWS, Azure, or hybrid environments. Physical Demands: * Must be able to lift up to 10 pounds * Must be able to stand and walk for prolonged amounts of time * Must be able to twist, bend and squat periodically SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret level. US Citizenship is a requirement for Top Secret clearance at this location.

DEVOPS/SYSTEMS SECURITY ENGINEER (CORPIT) Bowhead seeks a motivated DevOps/Systems Security Engineer to serve as the primary Splunk engineer in support of the Naval Surface Warfare Center, Dahlgren Division (NSWCDD). This position will play a central role in developing, managing, and optimizing the command's Splunk environment - establishing administrative governance, improving data visibility, and ensuring the platform aligns with DoD cybersecurity and RMF requirements. The ideal candidate will possess a strong foundation in Splunk administration and security operations, complemented by experience with DoD Risk Management Framework (RMF), aptitude in application-layer security and a collaborative, learning-driven mindset. Responsibilities Serve as the primary point of contact for the NSWCDD's Splunk environment. Establish and maintain administrative governance across multiple Splunk instances (e.g., data onboarding, index management, role-based access, and dashboard development). Collaborate with cross-functional teams to define Splunk data ingestion priorities and ensure log sources align with mission and compliance objectives. Lead initiatives to improve Splunk performance, health monitoring, and data integrity across the hybrid (on-prem and cloud) enterprise. Partner with developers and system owners to integrate security telemetry from applications, containers, and cloud workloads into Splunk. Create and maintain dashboards, alerts, and reports to improve situational awareness and decision-making across the Cloud Group. Contribute to developing the long-term Splunk strategy and serve as the POC for all Splunk-related activities across NSWCDD. Apply DoD Risk Management Framework (RMF) principles to ensure Splunk aligns with accreditation and compliance requirements. Support application-layer and DevSecOps security efforts, including scanning and monitoring activities related to code, APIs, or containers. Qualifications High School Diploma or Bachelor's degree required and at least five (5+) or more years of relavent expereince. DOD 8570 IAT level II certification is required (i.e., CompTIA Security+ce). Hands-on experience administering Splunk Enterprise or Splunk Cloud environments (indexers, search heads, data inputs, user/role management). Knowledge of SIEM concepts, log management, and correlation rule creation. Familiarity with DoD cybersecurity frameworks, particularly RMF and STIG compliance. Understanding of application-layer security concepts, including secure coding, API protection, and container security. Ability to troubleshoot and resolve data ingestion, parsing, and performance issues within Splunk. Strong analytical and communication skills; able to convey technical insights to non-technical stakeholders. Motivated self-starter with the ability to work independently while collaborating effectively across teams. Curious and self-driven learner with a passion for mastering SIEM technologies. Abiltiy to serve as the central point of contact for Splunk-related issues (“product owner” mindset). Preferred Qualifications: Experience with Splunk Enterprise Security (ES) or similar security analytics platforms. Familiarity with DevSecOps pipelines and code scanning tools (e.g., Fortify, SonarQube). Experience integrating cloud-native telemetry from AWS, Azure, or hybrid environments. Physical Demands: Must be able to lift up to 10 pounds Must be able to stand and walk for prolonged amounts of time Must be able to twist, bend and squat periodically SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret level. US Citizenship is a requirement for Top Secret clearance at this location.

A Southern Company Security Analyst participates in monitoring, hunting and responding to cyber security events. He or She, provides a front-line role during cyber security incidents, identifying the extent of the threat, business impacts and advising or sometimes performing the most suitable course of action to contain, eradicate and remediate an incident. A Southern Company Security Analyst maintains a good knowledge of the threat landscape, helps enhance visibility and response capabilities by identifying new methods of detecting threats. A Southern Company Security Analyst is proactive and seeks out adversaries determined to negatively impact Southern Companies reputation, financial interest or threatens the safety of our employees and customers. Candidates are expected to discuss and demonstrate they meet required qualifications for applicable roles. Responsibilities Take action on security events presented to Analyst via SIEM, user submissions, dashboards, etc. Self-initiate hunting initiatives to discover potential breaches or undiscovered cyber threats Remain abreast of emerging threat patterns and provide recommendations to detect threats Assists with patching recommendations and workarounds for zero-day threats. Coordinate mitigation or remediations task with stakeholders or supporting teams Communicates with management on incident updates. Monitors SIEM and analyzes security events to determine appropriate actions Monitors emails containing links/attachments associated with potential phishing attempts to determine appropriate actions Identify and tune false positives associated with current security events Document analytical steps and findings associated with security event investigations Qualifications Required for Cyber Security Analyst 2 years IT security experience Minimum 2 years of experience in performing analysis on Windows and LINUX/UNIX systems Minimum 2 years of experience and/or familiarity in the following areas: Network/Endpoint: analysis tools Scripting languages Windows/Unix command line utilities Reputation analysis associated with IP's, Domains, Email Addresses Ticketing Systems Required to submit to a background examination. Experience operating within a security application such as Kali, Metasploit, and etc. Familiar with and have worked within Cyber Security Frameworks such as: NIST 800 - 61 Attack Life Cycle SANS Security Controls MITRE SANS Security 500 Series or other industry standard equivalent Experience with PCAP analysis Experience investigating endpoint and network security events Experience investigating user reported Phishing events (specifically investigating suspicious links and attachments) Experience analyzing security events utilizing sandbox technology Experience operating within a security application such as Kali, Metasploit, and etc. Oral and written communication skills Experience taking ownership of incidents from acknowledgement to resolution Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies Experience initiating security event investigations Preferred capabilities: Oral and written communication skills Ability to take ownership of incidents from acknowledgement to resolution Ability to initiate security event investigations Ability to comprehend and articulate business impact associated with security events Interacting with vendors to support proof of concepts Proficient in Microsoft Office products: Excel, Word, Outlook and etc. Exposure, experience and/or knowledge of cloud technology Familiar with NIST 800-61 and SANS Critical Security Controls Ability to identify and mitigate security events by recommending and/or implementing defensive/preventive strategies Desired certifications: GIAC Security Essentials (GCIH) GIAC Certified Intrusion Analyst (GCIA) Security+ Other certifications within IT Security Characteristics of an Southern Company Cyber Analyst Self-Motivated - Cyber Analysts do not only act when security tools trigger alerts, we are suspicious by nature and can generate security events based on self-initiated task. Perseverance - Cyber Analysts identify resources that allow us to move through or around barriers as we analyze cyber security events. Dependable - Cyber Analysts work within a team environment and thus, we rely on one another for knowledge-sharing and dependence. Integrity - As Cyber Analysts, our reputation is our code of ethics. We are not perfect. We admit our mistakes. We do the right thing. Sense of Humor - Although this may vary, just have one; I promise we can work with it. We have a lot of fun in what we do, so you will need a sense of humor to keep up. This position falls under the company's Insider Threat Program and will have access to, and control over sensitive data, systems or assets. Enhanced personnel screening, which includes a background review, drug screen and psychological assessment, will be required if you are selected for this position

TekWissen provides a unique portfolio of innovative capabilities that seamlessly combines clients insights, strategy, design, software engineering and systems integration. Our tightly integrated offerings are tailored to each clients requirements and span the services spectrum from Application Development/Maintenance testing, IT Consulting & staffing for IT Infrastructure Management through strategic consulting and industry-oriented business process. Job Description Bachelor's preferably in computer science or technical discipline (i.e. engineering) or equivalent experience. 3-5 years experience in mainframe production support/operations environment Thorough understanding of data center hardware and software technologies including network, storage, security, servers, mainframes, and load balancers Expert level experience in Information Technology Security practices, CISSP certification preferred • Knowledge of maintaining and enhancing data security infrastructure, applications and processes 1-3 years experience in working with 3rd party mainframe software suppliers. Basic knowledge of mainframe operational tools (Tivoli, CA-Sysview, Omegamon) Experience with distributed, multi-platform architecture Experience with high volume production systems 1-5 years experience with TSO, MVS, JCL, JES III, FTP, and other operations related to mainframe 1-3 years experience in RACF, and CA-Top Secret security processes and procedures 3 or more years experience developing, deploying or supporting systems software and hardware technologies. Airline or Travel industry experience preferred. Able to successfully handle multiple assignments concurrently. Able to effectively communicate with internal and external customers. Able to follow technical methods and standards Analytic Approach to problem solving Please see attachment. Additional Information Thanks & Regards Raj **************************** ************

Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure. About This Role: At Crusoe, the AI Security Engineer is central to ensuring the safety, integrity, and resilience of our rapidly evolving AI ecosystem. You will serve as the technical authority on securing Large Language Models (LLMs), AI-powered platforms, and the infrastructure that supports them-driving both strategy and execution for our next generation of secure AI systems. What You'll Be Working On: AI Security SME & Strategic Partner: Act as the technical leader and SME on the practical security of our AI and LLM ecosystem and define the long-term technical roadmap for AI security architecture and drive high-impact cross-functional initiatives. LLM Architecture & Design Ownership: Lead the design and implementation of highly secure Generative AI solutions for security applications, focusing on architectural patterns like Retrieval-Augmented Generation (RAG) AI-Powered Tooling & Automation: Architect and implement custom, AI-powered security tooling that automates threat detection, vulnerability analysis, and data access control, moving from proof-of-concept to production at scale. Secure MLOps & Governance: Establish governance and processes for secure MLOps pipelines. Define standards for model versioning, deployment, and monitoring, ensuring they meet rigorous compliance and security requirements. Threat Mitigation & Mentorship: Lead threat modeling exercises for novel AI systems. Apply advanced security and privacy best practices, and mentor senior engineers on secure development practices in the GenAI domain. System-Level Ownership: Drive the entire lifecycle of critical AI security projects. What You'll Bring to the Team: 3+ years of professional experience building and maintaining production systems, with strong Python programming skills and experience across the stack (backend/frontend). Deep expertise in advanced Generative AI techniques, including implementing Retrieval-Augmented Generation (RAG), designing AI Agents and Multi-step Cognitive Processes (MCP), and building with workflow orchestration frameworks. Proven ability to own the entire model lifecycle by designing and managing robust MLOps pipelines; experience with containerization (Docker), virtualization (VMs), and cloud platforms (AWS, GCP, Azure) is a plus. Experience in designing, implementing, and fine-tuning custom LLMs, coupled with a strong understanding of NLP fundamentals, transformer architectures, PyTorch/TensorFlow, and data structures. Strong curiosity about security, privacy, and threat modeling; a desire to safely "break" systems to secure them and apply best practices to AI pipelines and deployments. Strong product sense for rapid iteration and refinement based on data, combined with a collaborative mindset to work closely with engineers, product managers, and security analysts in a fast-paced environment. Benefits: Industry competitive pay Restricted Stock Units in a fast growing, well-funded technology company Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents Employer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-term and long-term disability Teladoc 401(k) with a 100% match up to 4% of salary Generous paid time off and holiday schedule Cell phone reimbursement Tuition reimbursement Subscription to the Calm app MetLife Legal Company paid commuter benefit; $300 per month Compensation: Compensation will be paid in the range of $135,000 - $150,000. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data. Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.

System Analyst is responsible for utilizing cyber security monitoring tools to provide day-to-day operational support and monitoring of the IT computing infrastructure. This is Shift Work. The Analyst will be expected to provide timely response, troubleshooting and escalation of alerts and coordinate incident response efforts with Cyber Security Operations Center (CSOC) within the Information Security Group. Required Education/Experience * Bachelor's Degree in computer science or related field and 2 years of work experience in Cyber or in an IT related field. or * Associate's Degree in computer science or related field and 4 years of relevant work experience, with at least 2 years of work experience in an IT field or * High School Diploma/GED and 5 years of relevant work experience, with at least 3 years of work experience in an IT field. Relevant Work Experience * Previous IT experience is required. * Previous Cyber Experience is required * Scripting experience preferred * Knowledge of security tools is preferred * Good understanding of industry standard policy, processes and procedures covering incident, problem and change management is preferred Skills and Abilities * Strong written and verbal communication skills * Ability to work within tight timeframes and meet strict deadlines * Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc. Licenses and Certifications * Driver's License Required * Other: Technical certifications Security+, CYSA+ or equivalent, CISSP, etc. Preferred Physical Demands * Sit or stand to answer a phone for the duration of the workday * Sit or stand to use a keyboard, mouse, and computer for the duration of the workday * Ability to read small print and symbols * Work rotating shifts, including nights, midnights, weekends and holidays Additional Physical Demands * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. * Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required. * Must be able and willing to travel within Company service territory, as needed. Core Responsibilities * Monitor, troubleshoot and support intrusion prevention, endpoint protection, data loss prevention, and access control technologies. * 1st Level triage, analysis, and processing of alerts. * Respond swiftly to all alerts; perform initial risk/impact assessments or escalating issues as appropriate. * Open and track incidents through to resolution. * Facilitate communications to both internal and external parties. * Support Corporate Security through forensics analysis of systems, malware, or network. * This is a rotating position with a shift differential that covers holidays, weekends, and nights. * Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required. * Enforce change management controls and guidelines. * Provide real time and near real time responses to end users, technical support groups and IT management. * Perform other related tasks and assignments as required. * Respond to and participate in any incident response efforts. * 1st level threat intelligence processing. * Metric collection. * Perform other related tasks and assignments as required.

System Analyst is responsible for utilizing cyber security monitoring tools to provide day-to-day operational support and monitoring of the IT computing infrastructure. This is Shift Work. The Analyst will be expected to provide timely response, troubleshooting and escalation of alerts and coordinate incident response efforts with Cyber Security Operations Center (CSOC) within the Information Security Group. Required Education/Experience Bachelor's Degree in computer science or related field and 2 years of work experience in Cyber or in an IT related field. or Associate's Degree in computer science or related field and 4 years of relevant work experience, with at least 2 years of work experience in an IT field or High School Diploma/GED and 5 years of relevant work experience, with at least 3 years of work experience in an IT field. Relevant Work Experience Previous IT experience is required. Previous Cyber Experience is required Scripting experience preferred Knowledge of security tools is preferred Good understanding of industry standard policy, processes and procedures covering incident, problem and change management is preferred Skills and Abilities Strong written and verbal communication skills Ability to work within tight timeframes and meet strict deadlines Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc. Licenses and Certifications Driver's License Required Other: Technical certifications Security+, CYSA+ or equivalent, CISSP, etc. Preferred Physical Demands Sit or stand to answer a phone for the duration of the workday Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Ability to read small print and symbols Work rotating shifts, including nights, midnights, weekends and holidays Additional Physical Demands The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required. Must be able and willing to travel within Company service territory, as needed. Core Responsibilities Monitor, troubleshoot and support intrusion prevention, endpoint protection, data loss prevention, and access control technologies. 1st Level triage, analysis, and processing of alerts. Respond swiftly to all alerts; perform initial risk/impact assessments or escalating issues as appropriate. Open and track incidents through to resolution. Facilitate communications to both internal and external parties. Support Corporate Security through forensics analysis of systems, malware, or network. This is a rotating position with a shift differential that covers holidays, weekends, and nights. Must be available 24/7, on call, and/or participate in off-hour emergency response activities as required. Enforce change management controls and guidelines. Provide real time and near real time responses to end users, technical support groups and IT management. Perform other related tasks and assignments as required. Respond to and participate in any incident response efforts. 1st level threat intelligence processing. Metric collection. Perform other related tasks and assignments as required.

The Cyber Security Operations Analyst is primarily responsible for monitoring the front lines of the company's cyber defense program, helping to protect critical systems and data from potential threats, responding to reported security violations, analyzing internet access, connectivity and threats (virus protection, spam, etc.) DUTIES AND RESPONSIBILITIES The following represents the majority of the duties performed by the position but is not meant to be all-inclusive nor prevent other duties from being assigned when necessary. 1. Complies with DOT and OSHA health, safety and environmental requirements and follows safety philosophy and procedures developed by the Company including: applicable environmental, health and safety rules, procedures, and accepted safe work practices, the use of appropriate personal protective equipment and safety systems, and the reporting of workplace hazards and injury or illness arising from workplace activities; observes the workplace to identify conditions or behaviors that should be corrected and takes appropriate action. 2. Monitors Security Information and Event Management (SIEM) alerts, firewall logs, intrusion detection systems, and network activity for suspicious behavior including public and private threat intelligence sources for emerging risks; analyzes internet access, connectivity logs, and alerts related to virus protection, spam, and suspicious behavior including user account activity providing reports on potential anomalies. 3. Conducts daily security log reviews and assists in identifying potential threats; summarizes and shares relevant alerts with the cybersecurity team. 4. Monitors incoming security tickets and alerts; documents and triages security incidents, escalating to senior analysts as needed; assists with evidence collection and incident tracking. 5. Performs scheduled vulnerability scans, analyzes findings, and maintains remediation tracking logs; assists with patch management processes including deployment, tracking, and reporting. 6. Assists with internal and external audits by collecting necessary documentation and evidence. 7. Maintains regulatory compliance documentation as required by TSA, DOT, O SHA, etc.; creates and updates procedural documents, runbooks, security playbooks, and knowledge base articles. 8. Documents all incidents, assessments, and routine checks to support audit readiness and knowledge transfer; manages project tracking logs. 9. Assists with the configuration and maintenance of endpoint protection, firewall settings, and other cybersecurity tools under guidance. 10. Reviews vendor solutions and compiles initial summaries for team consideration; maintains security-related inventories, software licenses, and access lists. 11. Assists with development and dissemination of basic cybersecurity awareness content for end users; tracks completion of required security training and assists with scheduling refresher sessions. 12. Participates in a scheduled on-call rotation for after-hours and weekend security support. REQUIREMENTS · Associate's degree or the equivalent in experience in Cyber Security, Information Technology or related field and a minimum of two (2) years of prior experience in cybersecurity, IT support, or SOC environment. Internship or hands-on training in networking, firewalls, or security systems preferred. Certification such as CompTIA Security+, CASP+, or CEH (preferred or in progress). Knowledge, Skills and Abilities · Ability to actively engage in safe behavior and understand and follow the principles and methods related to pipeline and workplace safety as established by the Company. · Knowledge of emergency and safety procedures, policies procedures, equipment operating parameters, and all applicable DOT, EPA, FERC, DHS, and OSHA requirements. · Knowledge of Active Directory, Exchange, SharePoint, CISCO routing and switching configuration. · Knowledge of firewall and network security and IDS (intrusion detection systems), and network management tools. · Knowledge of TSA security requirements and regulations. · Knowledge of identity management processes and procedures. · Skill in project management. · Ability to manage, track and analyze information. · Ability to effectively work and cooperate with supervisors, co-workers, and vendors. · Ability to follow corporate policies and the directions of supervisors. · Ability to refrain from causing or contributing to the disruption of the workplace.

CURRENT EMPLOYEES - Please apply using "Jobs Hub" in Workday. This career site is for external applicants only. The SAP Security/GRC Admin is responsible for the management and support of SAP Roles and Security with the Diamondback SAP environment. This position will provide technical and thought leadership in the design, development, implementation, and support of the SAP Role Administration functions across the entire landscape. This role will also provide key contributions in a cross functional approach in the overall and ongoing management, testing and support of the SAP landscape for patches, upgrades and day to day operational issues. Job Duties and Responsibilities: * Design, deploy and maintain security solutions that enables the business community to achieve their goals while providing proper identity and access management controls * Analyze processes and system user needs to deliver quality solutions that meet both business and functional end-to-end requirements * Drive overall security strategy including role design and provisioning for S4Hana ecosystem including SAP S/4 HANA, FIORI, GTS, Solution manager, HANA & other Databases, BTP, etc. * Identify security risks, determines the root causes of security violations, suggest the risk mitigation and control measures and build required procedures and controls * Ensures SAP security development and deployment execution align with standards, methodologies, and processes * Identify the root cause of the issues and providing a permanent solution. Work with the Functional team in proposing solutions for the overall stability of the applications * Daily monitoring of jobs that are necessary for the GRC application(s) to run effectively and efficiently, for example nightly management risk analysis reporting * Responsible for day-to-day technical support and resolution of security issues, troubleshooting sap security problems including approval procedures and all the necessary compliance * Develop and maintain processes with applicable documentation related to security by coordinating with IT management and governance teams * Work with IT management as well as governance groups to facilitate appropriate controls around user/system access * Proactively Interact with senior management to discuss and explain issues affecting users or systems * Generate SOX/ad hoc reports on monthly/quarterly/semi-annual basis * Provide production support and enhancement testing for existing security roles and positions/functions * Work closely with SAP functional teams to create roles, profiles and authorizations that meet audit requirements as well as functional requirements for end users * Maintain Segregation of Duties for the SAP environment (e.g. HR/Payroll, BASIS, Security Administration, and BI) * Work collaboratively with a team to design, build and deploy security frameworks, devices and applications * Vulnerability Assessment and Penetration Testing: Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security weaknesses in SAP S/4 environments. * Be able to provision and de-provision users and roles with appropriate SAP security levels * Able to effectively prioritize tasks in a high-speed environment * Candidate must have strong problem-solving skills, be self-directed and capable of working with minimal supervision * Must have a strong, demonstrated commitment to customer service and be committed to pro-active review of processes and procedures to continually enhance service quality, service delivery and support * Cross Training Support for other SAP S/4 HANA Cross-functional team * Occasional work in off-hours to minimize disruption to business Required Qualifications: * Bachelor's Degree in Business Management, Information Systems or related field or equivalent in years of experience * Four (4+) years in-depth experience in SAP GRC, Role Administration & Security implementation, and production support in ECC 6.0/S4-HANA * Experience with SAP S/4 HANA security and authorizations * Experience in SAP S/4 HANA version 1909 or later * Experience in creating and assigning FF ID's and extracting Fire Fighter logs * In-Depth understanding of SAP Security Role design & GRC Architecture * Very good understanding of role remediation, setting up of SAP Security processes * Expertise in SAP Security automation and scripts creation for mass maintenance * Expertise in Running and publishing various SOX reports like, UAR, Critical Actions, SOD, Critical Permissions, Firefighter Log Review * Experience in maintaining and troubleshooting Structural Authorizations Preferred Qualifications: * Experience in SAP security engagements with cloud applications, Azure, etc * Experience in supporting end-to-end SAP Security projects, Security and GRC workshops, testing support, Cutover prep, and Hyper care activities * Experience in Role design in S/4 with Catalog and Group for Fiori Apps and good analytical skills in issue resolution * SAP GRC Certification * In-Depth understanding on FIORI requirement specifications, design, development, and testing * In-Depth understanding of core BASIS functions and activities * Minimum of three (3+) years of SAP experience within a large organization including implementing and supporting * Experience in creating/maintaining GRC solutions * Experience creating user and security roles for Fiori applications * Experience with SOD development and ongoing controls * Role administration across multiple landscape * Oil and Gas experience preferred * Experience with system monitoring, background job administration, spool administration * Experience working with SAP GRC 10.0/10.1, SAP HCM and SAP Solution Manager * Experience with SAP GRC Access Control configuration that includes MSMP and BRFPlus * Experience in designing, configuring, and implementing SAP GRC Access Request Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM) * Strong knowledge in provisioning to SAP LDAP and SAP Enterprise Portal platforms for ABAP Roles, UME Roles, and Portal Roles/Groups. Work Authorization: Diamondback Energy is not currently sponsoring employment visas for this position. Diamondback is an Equal Employment Opportunity Employer. Diamondback provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, veteran or disability status, genetic information, pregnancy, or any other status protected by law. Diamondback participates in E-Verify. Learn more about E-Verify.

Job Description Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure. About This Role: At Crusoe, the Corporate Security Engineer is essential for safeguarding our employees, data, and infrastructure. You will be responsible for designing, implementing, managing, and optimizing security solutions across our corporate landscape. By leveraging modern security principles like "secure by design" and Zero Trust, you will help build and maintain a robust corporate security posture, with a key focus on endpoint security, identity and access management (IAM), SaaS application security, data loss prevention (DLP), and incident response. What You'll Be Working On: MDM Administration & Endpoint Security: Implementing, administering, and optimizing Mobile Device Management (MDM) solutions and enforcing security policies across diverse endpoints (laptops, mobile devices). Hardware & Software Security Standards: Establishing and maintaining hardware/software security standards and ensuring the strong security posture of corporate devices. Identity & Access Management (IAM): Designing, implementing, and managing core Identity & Access Management (IAM) technologies, including SSO, MFA, PAM, and identity lifecycle solutions, contributing to our Zero Trust architecture. Data Protection & Email Security: Implementing, configuring, and tuning Data Loss Prevention (DLP), SaaS Security Posture Management (SSPM), and email security solutions to protect against various threats. Secure Architecture & Technology Evaluation: Designing secure corporate environments using "secure by design" principles and evaluating the security posture of new technologies, vendors, and applications. Security Operations & Incident Response: Actively participating in corporate security operations, including monitoring security alerts, detecting, triaging, investigating, and responding effectively to security incidents. Security Consulting & Best Practices: Consulting with and advising IT, Engineering, and other teams on secure architecture, IAM best practices, and secure configurations. What You'll Bring to the Team: 3-5+ years of hands-on experience in a Corporate Security, Enterprise Security, or similar role. Proven experience designing, implementing, and managing security technologies at scale, including: MDM solutions (e.g., Intune, Kandji, Jamf, etc.) IAM solutions (e.g., Okta, Azure AD, IGA applications, etc. including SSO, MFA, PAM concepts) Endpoint security tools (EDR/XDR) Email threat protection solutions DLP and/or SSPM solutions. Strong understanding of modern security principles, including Zero Trust architecture, "secure by design," and defense-in-depth. Experience with securing SaaS applications and enforcing security policies. Demonstrated experience in security incident response, including triage, investigation, and remediation. Familiarity with scripting languages (e.g., Python, PowerShell) for automation and integration. Excellent problem-solving, analytical, and critical-thinking skills. Strong communication and collaboration skills, with the ability to work effectively across different teams. Embody the Company values. Benefits: Industry competitive pay Restricted Stock Units in a fast growing, well-funded technology company Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents Employer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-term and long-term disability Teladoc 401(k) with a 100% match up to 4% of salary Generous paid time off and holiday schedule Cell phone reimbursement Tuition reimbursement Subscription to the Calm app MetLife Legal Company paid commuter benefit; $300 per month Compensation: Compensation will be paid in the range of $130,000 - $170,000 + Bonus. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data. Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.

Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure. About This Role: At Crusoe, the Corporate Security Engineer is essential for safeguarding our employees, data, and infrastructure. You will be responsible for designing, implementing, managing, and optimizing security solutions across our corporate landscape. By leveraging modern security principles like "secure by design" and Zero Trust, you will help build and maintain a robust corporate security posture, with a key focus on endpoint security, identity and access management (IAM), SaaS application security, data loss prevention (DLP), and incident response. What You'll Be Working On: MDM Administration & Endpoint Security: Implementing, administering, and optimizing Mobile Device Management (MDM) solutions and enforcing security policies across diverse endpoints (laptops, mobile devices). Hardware & Software Security Standards: Establishing and maintaining hardware/software security standards and ensuring the strong security posture of corporate devices. Identity & Access Management (IAM): Designing, implementing, and managing core Identity & Access Management (IAM) technologies, including SSO, MFA, PAM, and identity lifecycle solutions, contributing to our Zero Trust architecture. Data Protection & Email Security: Implementing, configuring, and tuning Data Loss Prevention (DLP), SaaS Security Posture Management (SSPM), and email security solutions to protect against various threats. Secure Architecture & Technology Evaluation: Designing secure corporate environments using "secure by design" principles and evaluating the security posture of new technologies, vendors, and applications. Security Operations & Incident Response: Actively participating in corporate security operations, including monitoring security alerts, detecting, triaging, investigating, and responding effectively to security incidents. Security Consulting & Best Practices: Consulting with and advising IT, Engineering, and other teams on secure architecture, IAM best practices, and secure configurations. What You'll Bring to the Team: 3-5+ years of hands-on experience in a Corporate Security, Enterprise Security, or similar role. Proven experience designing, implementing, and managing security technologies at scale, including: MDM solutions (e.g., Intune, Kandji, Jamf, etc.) IAM solutions (e.g., Okta, Azure AD, IGA applications, etc. including SSO, MFA, PAM concepts) Endpoint security tools (EDR/XDR) Email threat protection solutions DLP and/or SSPM solutions. Strong understanding of modern security principles, including Zero Trust architecture, "secure by design," and defense-in-depth. Experience with securing SaaS applications and enforcing security policies. Demonstrated experience in security incident response, including triage, investigation, and remediation. Familiarity with scripting languages (e.g., Python, PowerShell) for automation and integration. Excellent problem-solving, analytical, and critical-thinking skills. Strong communication and collaboration skills, with the ability to work effectively across different teams. Embody the Company values. Benefits: Industry competitive pay Restricted Stock Units in a fast growing, well-funded technology company Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents Employer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-term and long-term disability Teladoc 401(k) with a 100% match up to 4% of salary Generous paid time off and holiday schedule Cell phone reimbursement Tuition reimbursement Subscription to the Calm app MetLife Legal Company paid commuter benefit; $300 per month Compensation: Compensation will be paid in the range of $130,000 - $170,000 + Bonus. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data. Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.

Job Description Crusoe's mission is to accelerate the abundance of energy and intelligence. We're crafting the engine that powers a world where people can create ambitiously with AI - without sacrificing scale, speed, or sustainability. Be a part of the AI revolution with sustainable technology at Crusoe. Here, you'll drive meaningful innovation, make a tangible impact, and join a team that's setting the pace for responsible, transformative cloud infrastructure. About This Role: At Crusoe, the Corporate Security Engineer is essential for safeguarding our employees, data, and infrastructure. You will be responsible for designing, implementing, managing, and optimizing security solutions across our corporate landscape. By leveraging modern security principles like "secure by design" and Zero Trust, you will help build and maintain a robust corporate security posture, with a key focus on endpoint security, identity and access management (IAM), SaaS application security, data loss prevention (DLP), and incident response. What You'll Be Working On: MDM Administration & Endpoint Security: Implementing, administering, and optimizing Mobile Device Management (MDM) solutions and enforcing security policies across diverse endpoints (laptops, mobile devices). Hardware & Software Security Standards: Establishing and maintaining hardware/software security standards and ensuring the strong security posture of corporate devices. Identity & Access Management (IAM): Designing, implementing, and managing core Identity & Access Management (IAM) technologies, including SSO, MFA, PAM, and identity lifecycle solutions, contributing to our Zero Trust architecture. Data Protection & Email Security: Implementing, configuring, and tuning Data Loss Prevention (DLP), SaaS Security Posture Management (SSPM), and email security solutions to protect against various threats. Secure Architecture & Technology Evaluation: Designing secure corporate environments using "secure by design" principles and evaluating the security posture of new technologies, vendors, and applications. Security Operations & Incident Response: Actively participating in corporate security operations, including monitoring security alerts, detecting, triaging, investigating, and responding effectively to security incidents. Security Consulting & Best Practices: Consulting with and advising IT, Engineering, and other teams on secure architecture, IAM best practices, and secure configurations. What You'll Bring to the Team: 3-5+ years of hands-on experience in a Corporate Security, Enterprise Security, or similar role. Proven experience designing, implementing, and managing security technologies at scale, including: MDM solutions (e.g., Intune, Kandji, Jamf, etc.) IAM solutions (e.g., Okta, Azure AD, IGA applications, etc. including SSO, MFA, PAM concepts) Endpoint security tools (EDR/XDR) Email threat protection solutions DLP and/or SSPM solutions. Strong understanding of modern security principles, including Zero Trust architecture, "secure by design," and defense-in-depth. Experience with securing SaaS applications and enforcing security policies. Demonstrated experience in security incident response, including triage, investigation, and remediation. Familiarity with scripting languages (e.g., Python, PowerShell) for automation and integration. Excellent problem-solving, analytical, and critical-thinking skills. Strong communication and collaboration skills, with the ability to work effectively across different teams. Embody the Company values. Benefits: Industry competitive pay Restricted Stock Units in a fast growing, well-funded technology company Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents Employer contributions to HSA accounts Paid Parental Leave Paid life insurance, short-term and long-term disability Teladoc 401(k) with a 100% match up to 4% of salary Generous paid time off and holiday schedule Cell phone reimbursement Tuition reimbursement Subscription to the Calm app MetLife Legal Company paid commuter benefit; $300 per month Compensation: Compensation will be paid in the range of $130,000 - $170,000 + Bonus. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data. Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.

Title: Sr. Engineer - Cyber Security Pioneer the next generation of innovation. Join us and you'll develop your skills and expertise to the very highest levels, working in an international environment for a company known the world over for its brilliance. Position Summary: This position performs engineering work related to product security, supporting development and production activities relating to safety and cyber security. Functions include: Key Accountabilities: * Define and lead the implementation of product cybersecurity processes, including the integration of security-related procedures across multiple projects. * Conduct threat analyses and develop appropriate mitigation strategies, document findings and providing actionable recommendations across various projects. * Support the classification, handling, and resolution of security incidents, ensuring timely tracking and closure. * Assist project teams in interpreting and applying standard and technical cybersecurity requirements related to product development. * Lead the review of requirements, architectural design documents, and testing activities from a cybersecurity perspective. * Develop security-related requirements for product use, integration, operation, and maintenance-including customer documentation, training materials, and technical manuals. * Assess and evaluate suppliers based on their competencies and capabilities in product cybersecurity, contributing to supplier selection and integration. * Create detailed reports and documentation to support ongoing and future cybersecurity initiatives. * Contribute to the continuous improvement and evolution of the product cybersecurity process framework. Basic Requirements: * Applicants must be authorized to work for any employer in the U.S without sponsorship. We are unable to sponsor or take over sponsorship of an employment Visa at this time * Bachelor's degree in software or cyber security Engineering with 5-7 years of experience in Software development or similar industry or 9 years of relevant experience Preferred Qualifications: * Proven work experience as a cyber security specialist or similar background * Background in computer science with web application development (Full stack or Front end/Back end) * Dependable, Creative, Versatile, Flexible and Team Orientated * Knowledge in one or more of the following Java/C++, HTML, CSS and APIs, SQL, Influx DB, or any other Database system, Programming: PLC and structure text programming, scripted languages, Boolean/digital logic. * Experience in implementation of SDLC (Software Development Life Cycle) * Device communication: TCP-IP, Modbus, and CAN bus systems is desired. * Power systems: fundamentals, paralleling system management, power electronics * Ability to read, understand and interpret blueprints, line drawings and ladder diagrams * Security field or related field with hands on applied experience. * Strong attention to detail, with excellent written and verbal communication skills. * Strong interpersonal skills and an ability to build and maintain productive, positive relationships with team members and other employees. * Ability to solve problems with limited input. * A desire to learn and grow in a fast-paced environment. * Reasonable accommodations may be made to enable an individual with disabilities to perform essential job functions. * Daily work is performed in an office environment * This position has a traditional work schedule * While performing duties of this position, an employee is regularly required to sit and use hands to manipulate small items such as a keyboard or mouse * Occasionally required to stand, reach, and / or grasp * Frequently required to walk within the work environment * There are no specific vision requirements Rolls-Royce is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to any protected characteristics. At Rolls-Royce, we are committed to creating a workplace where all employees feel respected, supported, and empowered to do their best work. We foster a welcoming and innovative work environment that invests in you, giving you access to an incredible breadth and depth of opportunities where you can grow your career and make a difference. Job Posting Date 18 Nov 2025; 00:11 Pay Range $90,985 - $136,477-Annually Location: Mankato, MN Benefits Rolls-Royce provides a comprehensive and competitive Total Rewards package that includes base pay and a discretionary bonus plan. Eligible employees may have the opportunity to enroll in other benefits, including health, dental, vision, disability, life and accidental death & dismemberment insurance; a flexible spending account; a health savings account; a 401(k) retirement savings plan with a company match; Employee Assistance Program; Paid Time Off; certain paid holidays; paid parental and family care leave; tuition reimbursement; and a long-term incentive plan. The options available to an employee may vary depending on eligibility factors such as date of hire, and employment type. The Business Unit Power Systems of Rolls-Royce provides world-class power solutions and complete life-cycle support under our product and solution brand mtu. Through digitalization and electrification, we strive to develop drive and power generation solutions that are even cleaner and smarter and thus provide answers to the challenges posed by the rapidly growing societal demands for energy and mobility. We deliver and service comprehensive, powerful and reliable systems, based on both gas and diesel engines, as well as electrified hybrid systems. These clean and technologically-advanced solutions serve our customers in the marine and infrastructure sectors worldwide.

Title: Sr. Engineer - Cyber Security Pioneer the next generation of innovation. Join us and you'll develop your skills and expertise to the very highest levels, working in an international environment for a company known the world over for its brilliance. Position Summary: This position performs engineering work related to product security, supporting development and production activities relating to safety and cyber security. Functions include: Key Accountabilities: * Define and lead the implementation of product cybersecurity processes, including the integration of security-related procedures across multiple projects. * Conduct threat analyses and develop appropriate mitigation strategies, document findings and providing actionable recommendations across various projects. * Support the classification, handling, and resolution of security incidents, ensuring timely tracking and closure. * Assist project teams in interpreting and applying standard and technical cybersecurity requirements related to product development. * Lead the review of requirements, architectural design documents, and testing activities from a cybersecurity perspective. * Develop security-related requirements for product use, integration, operation, and maintenance-including customer documentation, training materials, and technical manuals. * Assess and evaluate suppliers based on their competencies and capabilities in product cybersecurity, contributing to supplier selection and integration. * Create detailed reports and documentation to support ongoing and future cybersecurity initiatives. * Contribute to the continuous improvement and evolution of the product cybersecurity process framework. Basic Requirements: * Applicants must be authorized to work for any employer in the U.S without sponsorship. We are unable to sponsor or take over sponsorship of an employment Visa at this time * Bachelor's degree in software or cyber security Engineering with 5-7 years of experience in Software development or similar industry or 9 years of relevant experience Preferred Qualifications: * Proven work experience as a cyber security specialist or similar background * Background in computer science with web application development (Full stack or Front end/Back end) * Dependable, Creative, Versatile, Flexible and Team Orientated * Knowledge in one or more of the following Java/C++, HTML, CSS and APIs, SQL, Influx DB, or any other Database system, Programming: PLC and structure text programming, scripted languages, Boolean/digital logic. * Experience in implementation of SDLC (Software Development Life Cycle) * Device communication: TCP-IP, Modbus, and CAN bus systems is desired. * Power systems: fundamentals, paralleling system management, power electronics * Ability to read, understand and interpret blueprints, line drawings and ladder diagrams * Security field or related field with hands on applied experience. * Strong attention to detail, with excellent written and verbal communication skills. * Strong interpersonal skills and an ability to build and maintain productive, positive relationships with team members and other employees. * Ability to solve problems with limited input. * A desire to learn and grow in a fast-paced environment. * Reasonable accommodations may be made to enable an individual with disabilities to perform essential job functions. * Daily work is performed in an office environment * This position has a traditional work schedule * While performing duties of this position, an employee is regularly required to sit and use hands to manipulate small items such as a keyboard or mouse * Occasionally required to stand, reach, and / or grasp * Frequently required to walk within the work environment * There are no specific vision requirements Rolls-Royce is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to any protected characteristics. At Rolls-Royce, we are committed to creating a workplace where all employees feel respected, supported, and empowered to do their best work. We foster a welcoming and innovative work environment that invests in you, giving you access to an incredible breadth and depth of opportunities where you can grow your career and make a difference. Job Category Electrical and Electronics Job Posting Date 18 Nov 2025; 00:11 Pay Range $90,985 - $136,477-Annually Location: Mankato, MN Benefits Rolls-Royce provides a comprehensive and competitive Total Rewards package that includes base pay and a discretionary bonus plan. Eligible employees may have the opportunity to enroll in other benefits, including health, dental, vision, disability, life and accidental death & dismemberment insurance; a flexible spending account; a health savings account; a 401(k) retirement savings plan with a company match; Employee Assistance Program; Paid Time Off; certain paid holidays; paid parental and family care leave; tuition reimbursement; and a long-term incentive plan. The options available to an employee may vary depending on eligibility factors such as date of hire, employment type, and the applicability of collective bargaining agreements.

Title: Network & Systems Security Analyst, Cisco Focus, Progression Company: Tampa Electric Company State and City: Florida - Tampa Shift: 8 Hr. X 5 Days Hiring Manager: David Cain Recruiter: Mark E Koener TITLE: Network & Systems Security Analyst Progression PERFORMANCE COACH: Mgr Network Engineering & Cyber Security Operations COMPANY: Tampa Electric DEPARTMENT: High Performance Computing & BP Support FOCUS Areas - Cisco Networking - Cisco Wireless - Cisco ISE - Networking Engineering Related Skills POSITION CONCEPT The Network & Systems Security Analyst is responsible for planning/designing, implementing, and supporting new and existing network, server, storage infrastructure. This role is also responsible for ensuring all network security controls (i.e., firewalls, web application firewalls [WAF], proxies, network segmentation, NAC, ACLs, etc.) are implemented and managed per corporate information security standards. Additionally, responsibilities include assessing enterprise assets and critical assets for secure configurations and maintaining and enforcing regulations and standards such as NERC Critical Infrastructure Protection (CIP), Sarbanes-Oxley (SOX), and Payment Card Industry (PCI). Responsible for the design, planning, operation, maintenance, and support of the TECO and NMGC network infrastructure. This includes primary accountability for network technologies such as route/switch, on-premise LAN/WAN, IPAM, Wi-Fi, ISP management, site-to-site VPNs, proxies (forward and reverse), perimeter firewall management, DNS, Azure cloud environments, automation, NAC/user access, hyperconverged infrastructure, and overall network security. Partners with the Telecommunication teams on establishing/upgrading existing circuits/communication links. Responsible for the NERC Cyber Infrastructure Protection and disaster recovery plans. Responsible for VoIP, SIP, DHCP, DNS, TCP/IP routing and routing protocols such as OSPF and BGP, binary mathematics, NAT, PAT, IPsec and SSL VPN technologies, GRE tunneling, route redistribution, traffic shaping, port-level filtering, SD-WAN, MPLS and other communications related technologies. Responsible for the installation, configuration, and maintenance of all WAN and LAN connectivity which includes core and campus switches, routers, firewalls, wireless access points, WAN scalers and load balancer technologies. Responsible for the design, installation, configuration, and maintenance of DNP over IP and serial SCADA communications between the primary and backup control centers, power plants, solar sites, and substations. Responsible for the configuration and maintenance of Smart GRID communication hardware switches and routers between the primary and backup control centers. NETWORK & SYSTEMS SECURITY ANALYST I (LEVEL 1) Monitors and troubleshoots server, network, and security controls related problems and failures; and installs and configures hardware/software. Works under direct supervision. PRIMARY DUTIES AND RESPONSIBILITIES 1. Plan, design, and implement network, server, and storage infrastructure based on project requirements, capacity plans, and system support. (20%) 2. Problem solving involves basic troubleshooting following the OSI (Open Systems Interconnection) model, making or calling for equipment repairs, and problem escalation. (20%) 3. Detection and correction of work stoppages and/or errors are accomplished by monitoring systems and changing configurations, as necessary. (20%) 4. Install and support network, server, and storage hardware and software. (10%) 5. Direct participation in the planning and designing, maintenance, testing and documentation of the company's disaster recovery plans are vital. (10%) 6. Provide and apply appropriate security consulting and support for IT infrastructure across multiple platforms (Firewalls, proxies, WAFs, ACLs, NAC, Operating Systems, NetScaler load balancers, DDoS protection, and other network devices). (10%) 7. Provide third-level technical support for security systems and authentication mechanisms on all operating system platforms. (10%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least one related network, system, operating system, or information security professional certification: (e.g., Microsoft Certified Solutions Associate (MCSA), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Certified Ethical Hacker (CEH), GIAC Certifications, Certified Information Systems Security Professional (CISSP). Preferred: ITIL v3, CCNA, MCSA, VCP, Security+, CISSP EXPERIENCE Required: Minimum four (4) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, or Cisco Networking. In lieu of some experience listed above, may consider three (3) years of related experience with an Associate's Degree or two (2) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Working knowledge of network, server, and security controls infrastructure regardless of the complexity • Working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal and organizational skills • Basic working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI WORKING CONDITIONS Normal working conditions with occasional extended hours during the week and weekends. PHYSICAL DEMANDS/REQUIREMENTS Normal physical demands related to an office and operational (Power Plant, Solar, Control Center) workplace environment. Must be able to lift 50-pound boxes and ascend/descend a ladder to service network access points. NETWORK & SYSTEMS SECURITY ANALYST II (LEVEL 2) In addition to the duties & responsibilities of the Level 1 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead and mentor Level 1 Analyst. Works under general supervision. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (30%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (40%) 3. Design and planning required for small projects. (20%) 4. Project leadership, consulting, or cross-train peers. (10%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least two related network, system, operating system, or information security professional certification: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum six (6) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider four (4) years of related experience with an Associate's Degree or three (3) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least two related network, system, operating system, or information security professional certification: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum six (6) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider four (4) years of related experience with an Associate's Degree or three (3) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Intermediate knowledge of network, server, and security controls infrastructure regardless of the complexity • Good working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Good working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal and organizational skills • Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI NETWORK & SYSTEMS SECURITY ANALYST III (LEVEL 3) In addition to the duties & responsibilities of the Level 2 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead, cross-train peers, and mentor Analysts. Works under general direction. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (20%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (20%) 3. Design and planning required for small projects. (40%) 4. Project leadership, consulting, or cross-train peers. (20%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least three or two, with the condition to obtain a third certification within one year of hire for this position, related network, system, operating system, or information security professional certifications: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum eight (8) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider six (6) years of related experience with an Associate's Degree or four (4) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Expert knowledge of network, server, and security controls infrastructure regardless of the complexity • Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Thorough working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal, mentoring, and organizational skills • Good working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI NETWORK & SYSTEMS SECURITY ARCHITECT (LEVEL 4) In addition to the duties & responsibilities of the Level 3 Analyst, has increased responsibilities in consulting on small project design and plans. May serve as a project lead on larger projects, cross-train peers, and mentor all levels of Analysts. Works under general direction. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (10%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (10%) 3. Design and planning required for small and large projects. (40%) 4. Project leadership, consulting, or cross-train peers. (40%) QUALIFICATIONS EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS). LICENSES/CERTIFICATIONS Required: Has obtained at least three related network, system, operating system, or information security professional certifications: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA). Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EXPERIENCE Required: Minimum ten (10) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider eight (8) years of related experience with an Associate's Degree or six (6) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Expert knowledge of network, server, and security controls infrastructure regardless of the complexity • Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Thorough working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal, mentoring, consulting, and organizational skills • Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI LEAD NETWORK & SYSTEMS SECURITY ANALYST (PERFORMANCE COACH) In addition to the duties & responsibilities of the Level 3 Analyst, has increased responsibilities in leading and managing Level 1 through 3 Analyst. May serve as a project lead on larger projects, cross-train peers, and mentor all levels of Analyst. Works under general direction. ADDITIONAL DUTIES AND RESPONSIBILITIES 1. Monitors, troubleshoots, diagnoses, and remedies server, network, DDoS protection, NetScaler load balancers, and security controls related problems and failures. (10%) 2. Installs and configures server and network related hardware/software which meet the company's security standards. (10%) 3. Design and planning required for small and large projects. (25%) 4. Project leadership, consulting, or cross-train peers. (25%) 5. Lead and manage the network analyst (Level 1, 2, and 3) team (30%) QUALIFICATIONS LICENSES/CERTIFICATIONS Required: Has obtained at least three or two, with the condition to obtain a third certification within one year of hire for this position, related network, system, operating system, or information security professional certifications: (e.g., Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE), VMware Certified Professional (VCP), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Certified Ethical Hacker (CEH), GIAC Network Forensic Analyst (GNFA) or other GIAC Certifications, Certified Information Systems Security Professional (CISSP), Certified SCADA Security Architect (CSSA). Leadership/management certifications/certificates may be considered in lieu of professional certifications. Preferred: ITIL v3, CCNP, MCSE, VCP, GNFA, CISSP EDUCATION Required: High School Diploma or GED Preferred: Bachelor's degree in Computer Science, Engineering, Math, or equivalent IT discipline (MIS). EXPERIENCE Required: Minimum ten (10) years of related hands-on experience implementing and maintaining Windows, VMware, firewall support, DDoS protection, proxies, WAFs, NetScaler load balancers, Storage Area Networks, or Cisco Networking. In lieu of some experience listed above, may consider eight (8) years of related experience with an Associate's Degree or six (6) years of related experience with a Bachelor's Degree in Computer Science, Engineering, Math, or equivalent IT discipline (e.g., MIS). KNOWLEDGE/SKILLS/ABILITIES (KSA) • Expert knowledge of network, server, and security controls infrastructure regardless of the complexity • Thorough working knowledge for most of the following technologies and operational functions: switching, routing, DNS/DHCP, Windows Active Directory, VMware, Voice over IP, Storage Area Networking, firewall support, DDoS protection, proxy, WAF, NetScaler load balancing, network segmentation, NAC, IDS/IPS, antivirus support, cyber security best practices, and networking/hardware installation and maintenance • Thorough working knowledge with packet analysis and denial of service protection • Strong critical thinking, analytical, problem solving, and risk assessment skills as well as strong listening and communication skills (oral and written) • Ability to present issues and topics of a complex technical nature to non-technical audiences • Excellent interpersonal, mentoring, coaching, and organizational skills • Thorough working knowledge of the processes that ensure compliance with regulatory or industry requirements such as NERC CIP, SOX, and PCI #LI-SC1 TECO offers a competitive Benefits package!! Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience * Master's Degree and with 3 years of relevant experience IT or Information security or * Bachelor's Degree and with 5 years of relevant experience IT or Information security or * Associate's Degree and with 6 years of relevant experience IT or Information security or * High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience * Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). * Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience * Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. * Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. * Knowledge of IAM, rolebased access control, and policy enforcement, required. * Experience integrating cloud telemetry and logs with SIEM tools, required. * Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. * Experience with scripting (Python, PowerShell, Bash) and automation, required. * Experience with WAF and cloud API gateway configurations, required. * Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. * Experience collaborating with cloud service teams for planning and remediation, required. * Experience implementing application security best practices and training engineering teams, required. * Familiarity with CDN operations, certificates, and brand monitoring preferred, required. * Experience with SIEM integration, telemetry collection, and event analysis, preferred. * Demonstrated experience leading technical teams or project groups, preferred. * Experience with Container Security, preferred. * Experience securing API endpoints and implementing advanced cloud application protections, preferred. * Knowledge of AI/ML data protection and secure model deployment practices, preferred. * Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. * Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities * Effective leadership skills * Demonstrated problem solving skills * Demonstrated problem solving skills * Strong written and verbal communication skills * Ability to drive multiple projects to successful completion * Proactively approaches responsibilities Licenses and Certifications * Driver's License Required * Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred * Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands * Ability to push, pull, and lift up to 25 pounds * Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. * The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities * Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. * Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. * Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. * Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. * Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. * Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. * Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. * Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. * Implement and manage WAF policies and API gateways to safeguard cloud applications and services. * Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. * Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. * Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute. Required Education/Experience Master's Degree and with 3 years of relevant experience IT or Information security or Bachelor's Degree and with 5 years of relevant experience IT or Information security or Associate's Degree and with 6 years of relevant experience IT or Information security or High School Diploma/GED and with 8 years of relevant experience IT or Information security. Preferred Education/Experience Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute). Relevant Work Experience Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required. Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required. Knowledge of IAM, rolebased access control, and policy enforcement, required. Experience integrating cloud telemetry and logs with SIEM tools, required. Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required. Experience with scripting (Python, PowerShell, Bash) and automation, required. Experience with WAF and cloud API gateway configurations, required. Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required. Experience collaborating with cloud service teams for planning and remediation, required. Experience implementing application security best practices and training engineering teams, required. Familiarity with CDN operations, certificates, and brand monitoring preferred, required. Experience with SIEM integration, telemetry collection, and event analysis, preferred. Demonstrated experience leading technical teams or project groups, preferred. Experience with Container Security, preferred. Experience securing API endpoints and implementing advanced cloud application protections, preferred. Knowledge of AI/ML data protection and secure model deployment practices, preferred. Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred. Experience developing and delivering cloud security training and awareness programs, preferred. Skills and Abilities Effective leadership skills Demonstrated problem solving skills Demonstrated problem solving skills Strong written and verbal communication skills Ability to drive multiple projects to successful completion Proactively approaches responsibilities Licenses and Certifications Driver's License Required Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred Physical Demands Ability to push, pull, and lift up to 25 pounds Sit or stand to use a keyboard, mouse, and computer for the duration of the workday Additional Physical Demands The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays. Core Responsibilities Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth. Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture. Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement. Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively. Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms. Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect. Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities. Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting. Implement and manage WAF policies and API gateways to safeguard cloud applications and services. Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices. Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy. Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.