Security architect jobs in Charlotte, NC

STRATEGIC STAFFING SOLUTIONS HAS AN OPENING! This is a Contract Opportunity with our company that MUST be worked on a W2 Only. No C2C eligibility for this position. Visa Sponsorship is Available! The details are below. “Beware of scams. S3 never asks for money during its onboarding process.” Job Title: Information Security Engineer- Automation (Cisco ISE) Location: Charlotte, NC 28262/ Raleigh, NC 27607 Onsite Work Contract Length: 24+ Months Pay: 75-80 an hr on W2 About the Role We are seeking a highly motivated Information Security Engineer to design and implement automation solutions that streamline and enhance management of the Cisco Identity Services Engine (ISE) platform. This role is ideal for a proactive, self-directed engineer who thrives in complex environments and enjoys building scalable, secure automation that reduces manual effort and improves operational efficiency. You will play a key role in developing automation workflows, integrating systems via APIs, and collaborating with cross-functional teams to translate business and security requirements into reliable, maintainable solutions. Key Responsibilities Design, develop, and implement automation workflows to support Cisco ISE configuration, policy updates, and operational tasks Build and maintain Python-based automation scripts and Ansible playbooks aligned with business and security requirements Develop application and system integrations using RESTful and/or SOAP APIs, including authentication mechanisms (OAuth, JWT), data transformation, and error handling Create secure, scalable API integrations with internal systems and third-party services Utilize API testing tools such as Postman and Swagger to validate functionality, performance, and security compliance Integrate automation solutions with external platforms (e.g., HashiCorp Vault) for secure credential and secrets management Develop custom tooling to simplify administrative processes and reduce manual day-to-day operational tasks Collaborate with internal stakeholders to gather requirements and deliver scalable automation solutions Document automation architecture, workflows, and usage guidelines to support maintainability and knowledge transfer Troubleshoot, optimize, and enhance automation scripts for reliability, scalability, and performance Required Qualifications Strong experience managing network infrastructure as code Advanced Python development skills Proven experience building Ansible playbooks based on business and operational requirements Hands-on experience creating and maintaining technical documentation (automation architecture, READMEs, runbooks) Ability to work independently, adapt to evolving requirements, and navigate complex or ambiguous processes with minimal supervision Nice-to-Have Qualifications Experience with Cisco Identity Services Engine (ISE) Background in network engineering or network security Work Location & Schedule This is a hybrid role requiring 3 full days per week onsite (8 hours per day) at one of the following locations:

Role: Information Security Analyst/IAM Analyst Duration: 12+ months Interview: PH/MS Teams This position supports the Central Access Provisioning team within IAM Operations. Resources will assist during a transition from manual access processes to increased automation, flexing across IAM functions to address capacity gaps and operational needs. Required Experience 2+ years in IAM / Information Security / Access Management Hands-on experience with at least one IAM tool (SailPoint, Okta, CyberArk, Ping, Microsoft Entra ID) Working knowledge of authentication standards (LDAP, SAML, OAuth, OpenID, SCIM) Experience supporting access provisioning, deprovisioning, and identity lifecycle activities Exposure to security frameworks such as NIST, ISO, SOX, or PCI What We're Looking For Strong IAM operations background (not architect-level) Ability to work onsite and interact with business and security stakeholders Candidates who can start quickly and operate in a high-volume IAM environment Best Regards, Shubhangi Pokhriyal Technical Recruiter Sibitalent Corp 118 Carolynn Lane, Murphy, TX 75094 ****************** Email: *************************

CULTURE SNAPSHOT: Broad River Retail is an organization of integrity, diversity and culture working together for the purpose of ‘ Furnishing Life's Best Memories' . At Broad River, we call all our employees “Memory Makers.” We do this because we know everyone that works for our Company has the power to make positive memories not only for our Guests, but also for their families, co-workers, and communities. We take pride in training and developing our teams so that they can provide a premier customer experience to every Guest. Our Memory Makers are the driving force that has led us to being the largest and fastest growing Ashley licensee in the U.S. and landing us on the Top Places to Work list two years in a row in our industry. AT A GLANCE: The IT Security Manager reports directly to the VP of IT/BI and is part of the IT/BI Department. The IT Security Manager is responsible for safeguarding the organization's digital assets by managing and monitoring, detecting, and responding to security threats. This role involves conducting risk assessments, managing incident responses, and implementing security protocols to ensure the integrity, confidentiality, and availability of enterprise systems and data. DAY IN THE LIFE AS THIS MEMORY MAKER: Monitor security networks and systems for breaches or suspicious activity. Respond to security incidents and conduct thorough investigations. Perform vulnerability assessments and penetration testing. Develop and implement security measures and protocols. Analyze security alerts and determine appropriate response actions. Collaborate with IT teams to ensure secure system configurations. Prepare regular security reports for management. Conduct security awareness training for staff. Lead and manage security-related projects and initiatives. WHAT YOU'LL NEED TO SUCCEED: Bachelor's degree in Computer Science, Information Technology, or related field. 5+ years of experience in cybersecurity or related roles. 3+ years of Information Technology Management or related field Certifications such as CISSP, CISM, CEH, or GIAC preferred. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO-27001, PCI-DSS). Experience with SIEM, IDS/IPS, firewalls, and endpoint protection tools. Excellent analytical, problem-solving, and communication skills. Ability to lead security-related projects and initiatives. Clearly convey ideas, expectations, and feedback to teams, ensuring transparency and alignment across all levels. Build strong relationships and a positive work culture. Address and resolve conflicts within the team, mediating differences and finding mutually beneficial solutions. Inspire and encourage team members, fostering a sense of purpose and driving performance toward shared goals. Respond to change with flexibility and a positive outlook, guiding teams through transitions and unforeseen challenges. Distribute tasks effectively based on team strengths, ensuring optimal workload balance and empowering others to take ownership. Mentor and provide constructive feedback to help team members grow, enhancing their skills and career development. WORKPLACE ENVIRONMENT: While performing the duties of this job the employee is: Prolonged periods sitting at a desk and working on a computer. Must be able to lift up to 15 pounds at a time. WORK SCHEDULE OUTLINED ON SITE, HYBRID, REMOTE WITH EXPECTATIONS Ability to work independently, as well as, in a collaborative team environment within an office setting. Physical requirements such as extended periods of sitting and computer use may be required. Physical requirements such as extended periods of standing may be required. Ability to communicate effectively verbally, in writing, and/or electronically. Ability to use logical reasoning for simple and complex problem solving. Travel up to 20% of your time. In accordance with the Americans with Disabilities Act (ADA), reasonable accommodations may be made to empower individuals with disabilities to undertake the essential duties and responsibilities of the position. MEMORY MAKER PERKS & BENEFITS: Salary Range based on background, skill, and experience Medical, dental, vision, and life insurance options Paid time off and 401K matching contribution Employee discount (40%) at BRR locations Internal Opportunities for career growth and advancement OUR COMMITMENT TO YOU: Broad River Retail is committed to creating a place where everyone feels respected, valued, and able to reach their full potential. Regardless of race, gender, religion, sexual orientation, age, disability, or if you're parenting the next generation of Memory Makers, we firmly believe our work is at its best when everyone feels free to be their most authentic self.

Insight Global is seeking a Cybersecurity Architect who is passionate about cybersecurity and has the analytical and multi-tasking abilities to thrive in a fast-paced environment. As a Cybersecurity Architect, you will ensure the technical feasibility and successful delivery of secure technology solutions. This role involves leading agile development, managing technical risks, providing expert technical guidance, and balancing agility with quality through effective security protocols. You must possess a strong technical background to ensure you are designing modular and scalable security architectures. Experience leading large cross-organizational cybersecurity projects and a well-rounded technical background in current cybersecurity technologies are essential. What You'll Do: - Architect, design, and deliver large-scale, reliable, maintainable, high-quality cybersecurity solutions and systems aligned with company guidelines and best practices. - Maintain comprehensive documentation and patterns for cybersecurity design, implementation, and maintenance, ensuring compliance with regulatory standards and internal policies. - Work with other cybersecurity SMEs to resolve the company's most difficult cybersecurity problems, develop groundbreaking solutions, and push the boundaries of cybersecurity technology in alignment with strategic business objectives. - Lead the craftsmanship, availability, resilience, and scalability of cybersecurity solutions. - Accountable for the technical feasibility and delivery of secure products. Address difficult and ambiguous cybersecurity problems spanning the interactions among multiple systems, products, organizations, people, and functions. - Model tech solutions by iteratively translating cybersecurity needs and business constraints into working designs. - Advisory Role: Advise on the best possible technical and innovative cybersecurity approaches. Balance agility and quality with the right security protocols. Lead and provide expert guidance and mentorship to Lead, and Senior engineers, lead technical discussions, and make architectural decisions that positively impact the product and company's direction. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements - Deep expertise in IAM or Cloud Security - Bachelor's degree in computer science, Information Systems, or a related field preferred. - 10+ years of experience in cybersecurity architecture and related fields. - Certifications in relevant areas (e.g., TOGAF, CISSP, CISM, CEH) desired. - Deep knowledge of network application and mobility security, security systems design, policy development, compliance, and incident response. - Experience in thought leadership and creating high-quality cybersecurity solutions. - Ability to work well across business units, building relationships to deliver on joint objectives and key results. - Expertise in building cybersecurity platforms. Experience working within Agile/Scrum/Kanban development teams.

E*Pro Consulting service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website ****************** Job Description FULL TIME PERM JOB-GC/GC EAD/US Citizens As a key contributor of the Finance Systems Roadmap Security and Controls team, individual will be responsible for working with project teams to obtain security and control requirements for an end state SAP ERP solution. Business requirements will be used to configure a role based security design within various SAP applications. These SAP applications include ECC, BI, BPC, PI, Enterprise Portal, CE, Bank Analyzer, Solution Manager, and GRC. Individual will be responsible for day to day system security configuration tasks and user administration throughout all project lifecycles and production support. Individual should have strong communication skills, ability to lead or participate in project workshops, and ability to share or transfer technical knowledge to less experienced team members Qualifications Relevant Years of Experience: 4+ Total IT experience: 5-7 years (or lesser with technical knowledge) Must Have Technical Qualifications: - Strong communication skills to facilitate working in a dynamic project environment - Role design, configuration, testing, and deployment methodology within SAP application architecture - Detailed knowledge of ABAP and Java based authorizations within SAP applications - SAP ECC Profile Generator (single roles, master / derived roles, composite roles) - SAP BI analysis authorization concepts - SAP BPC security and administration - SAP Central User Administration configuration and administration - SAP GRC configuration and administration - SAP Enterprise Portal UME administration Additional Information All your information will be kept confidential according to EEO guidelines.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

Discovery Education is seeking an experienced and strategic VP, Chief Information Security Officer to lead the continued maturation, implementation, and continuous improvement of our enterprise-wide information security and compliance programs. The person in this role will be responsible for protecting our corporate systems, customer-facing products, data assets, and brand reputation in an increasingly complex global environment. The ideal candidate will bring a balanced blend of strategic leadership, technical expertise, and business acumen, ensuring security is both a foundation of trust and an enabler of innovation at Discovery Education. In This Role You Will: Security Strategy & Governance Develop and execute a comprehensive information security strategy aligned with business goals and regulatory requirements. Establish governance frameworks and policies to ensure consistent and effective security practices. Enterprise & Product Security Oversee IT security operations, including network security, endpoint protection, identity and access management, and disaster recovery. Integrate security principles across the product development lifecycle, including secure coding, vulnerability management, and incident response. Risk & Compliance Management Lead programs to achieve and maintain compliance with ISO 27001, SOC 2, FERPA, COPPA, GDPR, and other relevant standards. Conduct risk assessments and implement mitigation strategies across the organization. Vendor & Third-Party Management Oversee third-party risk assessments and ensure vendors meet security requirements. Collaborate with Legal, IT, and Business Systems teams to manage vendor relationships. Incident Response & Crisis Management Lead proactive incident response planning and real-time management of security events. Develop and maintain crisis communication protocols. Data Privacy & Protection Partner with Legal, Product, Engineering, and Data teams to uphold global data privacy standards. Implement governance practices for data protection. Security Awareness & Education Promote a strong security culture through training, simulations, and executive tabletop exercises. Leadership & Collaboration Lead and develop a high-performing security team. Partner with IT, Engineering, Legal, and Product Management to embed security into business operations. Customer & Stakeholder Engagement Respond to customer security inquiries and support audits and contract reviews. Provide clear, actionable updates to executives and board-level stakeholders Core Competencies for Success: Strategic Mindset Drives Results Collaborates Manages Complexity Builds Effective Teams Communicates Effectively Instills Trust Tech Savvy Credentials and Experience: 10+ years of experience in information security leadership roles. Proven expertise in cloud-native environments (AWS preferred), SaaS security, and modern software development. Deep understanding of regulatory frameworks relevant to the education and technology sectors. Strong communication skills with the ability to translate technical issues into business impacts. Experience leading audits and certifications (ISO 27001, SOC 2 Type II). Bachelor's degree in Computer Science, Information Security, or related field; advanced degree or certifications (CISSP, CISM, CISA) preferred. Legal right to work in the United States Experience in K-12, EdTech, SaaS, or regulated industries. Familiarity with Microsoft Security Stack (Defender, Sentinel) and Hyperproof or similar compliance tools. Knowledge of AI-related security threats and mitigation strategies. M&A analysis experience. High integrity, ownership, and accountability. This role is designed to be hybrid in Charlotte, NC. The hiring range for this position is between $225,000 - $250,000 annually, however, base pay offered may vary depending on job-related knowledge, skills, experience, and location. Additionally, this position is eligible for an annual bonus.

ISSO Employment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success: * Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. * Maintain responsibility for managing cybersecurity risk from an organizational perspective. * Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership. * Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies. * Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO). * Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes. * Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF. * Provide subject matter expertise for cyber security and trusted system technology. * Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems. * Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. * Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring. * Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications: * Bachelor's Degree. * A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc. * eMASS experience. * Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher. * Strong desktop publishing skills using Microsoft Word and Excel. * Experience with industry writing styles such as grammar, sentence form, and structure. * Ability to multi-task in a deadline-oriented environment. Ideally, you will also have: * CISSP, CASP, or a similar certificate is preferred. * Master's Degree in Cybersecurity or related field. * Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking. * Demonstrated ability to work well independently and as a part of a team. * Excellent work ethic and a high commitment to quality. Our Commitment: Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package. Health, Dental, and Vision Life Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation! Explore additional job opportunities with CGS on our Job Board: ************************************* For more information about CGS please visit: ************************** or contact: Email: [email protected] #CJ $92,213.33 - $125,146.66 a year We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Job Description FLSA Status: Exempt Immediate Supervisor: CISO Date Revised: February 18, 2025 The Information Security Manager is a hands-on/ working manager position that defines, implements and monitors security policy for on-prem, cloud, and remote access deployments. The primary duty of the job is to maintain a security posture that allows the business to thrive while preventing a security breach. The IS Manager hires, retains, and trains an IS Engineer to assist with day-to-day duties. The IS team maintains on-premises firewall rules and active directory as well as overseeing vulnerability management. In the cloud, the IS Manager is responsible for designing security measures, and the IS team is responsible for their implementation and monitoring. The IS team also designs, implements, and maintains a remote access VPN for associates when working outside the corporate offices. Essential Functions: Demonstrate an understanding of all applications deployed, and data stored within the enterprise. Demonstrate an understanding of security measures that are in place and their role in securing the enterprise. Assess the threat of zero-day vulnerabilities and third-party risk to the enterprise. Take action to remediate such vulnerabilities. Effectively report status to executive management in terms of the threat level and associated risk. Assess risks related to general threat landscape. Identify, design and implement controls to mitigate those threats and prevent security breaches. Measure, monitor, and report on vulnerabilities that have been identified within the enterprise. Maintain on-premises firewall rules; maintain cloud security settings and restrictions; maintain remote access rules and restrictions. Identify new security related vendors as needed and assist in evaluating new and existing vendors from a security perspective. Participate and communicate effectively in external audits, third-party vulnerability scans, and regulatory examinations. Maintain, comply with, and develop Infovisa's policies, procedures, and strategies to provide a safe and efficient environment for Infovisa software to run and associates to work. Liaison with IT-ISAC, InfraGard, and other industry groups. Manage projects and create detailed technical documentation. Hire, train, mentor and manage associates on the security team. Qualifications: 10 years of information security experience required. Three years of management experience. Displays strong technical aptitude with IT Security, VPN, Endpoint Detection and Response, IIS, networking concepts and technologies, and other third-party and internally developed tools and technologies. Prefer familiarity with Check Point technologies. Prefer one or more applicable network security certifications. Valid driver's license. Four-year degree in information technology / systems, or computer science. Preferred Talents: Analytical and detailed. Effective communicator technically, in the board room, and with customers and coworkers. Organized. Independent with good judgment. Proven ability to multitask and prioritize projects. Self-directed and takes initiative. Working Environment: Mostly indoor work with occasional exposure to outdoor elements or hazards. Medium workload - lifting and/or carrying up to 20 pounds frequently and exerting up to 75 pounds of force occasionally. Some travel required. Weekend, evening and on-call. About Infovisa Infovisa is a leading provider of financial technology solutions delivered to forward-thinking trust, wealth management, and retirement professionals. Infovisa's solutions empower its clients to acquire new customers, invest assets effectively, manage trust and investment portfolios efficiently, and flexibly report results to customers. For more information about Infovisa, visit ***************** Follow us on LinkedIn. We are interested in every qualified candidate who is lawfully eligible to work in the United States. However, we are unable to sponsor visas. Infovisa, Inc. is an Equal Opportunity Employer. Powered by JazzHR RoeJ7o0DcN

FLSA Status: Exempt Immediate Supervisor: CISO Date Revised: February 18, 2025 The Information Security Manager is a hands-on/ working manager position that defines, implements and monitors security policy for on-prem, cloud, and remote access deployments. The primary duty of the job is to maintain a security posture that allows the business to thrive while preventing a security breach. The IS Manager hires, retains, and trains an IS Engineer to assist with day-to-day duties. The IS team maintains on-premises firewall rules and active directory as well as overseeing vulnerability management. In the cloud, the IS Manager is responsible for designing security measures, and the IS team is responsible for their implementation and monitoring. The IS team also designs, implements, and maintains a remote access VPN for associates when working outside the corporate offices. Essential Functions: Demonstrate an understanding of all applications deployed, and data stored within the enterprise. Demonstrate an understanding of security measures that are in place and their role in securing the enterprise. Assess the threat of zero-day vulnerabilities and third-party risk to the enterprise. Take action to remediate such vulnerabilities. Effectively report status to executive management in terms of the threat level and associated risk. Assess risks related to general threat landscape. Identify, design and implement controls to mitigate those threats and prevent security breaches. Measure, monitor, and report on vulnerabilities that have been identified within the enterprise. Maintain on-premises firewall rules; maintain cloud security settings and restrictions; maintain remote access rules and restrictions. Identify new security related vendors as needed and assist in evaluating new and existing vendors from a security perspective. Participate and communicate effectively in external audits, third-party vulnerability scans, and regulatory examinations. Maintain, comply with, and develop Infovisa's policies, procedures, and strategies to provide a safe and efficient environment for Infovisa software to run and associates to work. Liaison with IT-ISAC, InfraGard, and other industry groups. Manage projects and create detailed technical documentation. Hire, train, mentor and manage associates on the security team. Qualifications: 10 years of information security experience required. Three years of management experience. Displays strong technical aptitude with IT Security, VPN, Endpoint Detection and Response, IIS, networking concepts and technologies, and other third-party and internally developed tools and technologies. Prefer familiarity with Check Point technologies. Prefer one or more applicable network security certifications. Valid driver's license. Four-year degree in information technology / systems, or computer science. Preferred Talents: Analytical and detailed. Effective communicator technically, in the board room, and with customers and coworkers. Organized. Independent with good judgment. Proven ability to multitask and prioritize projects. Self-directed and takes initiative. Working Environment: Mostly indoor work with occasional exposure to outdoor elements or hazards. Medium workload - lifting and/or carrying up to 20 pounds frequently and exerting up to 75 pounds of force occasionally. Some travel required. Weekend, evening and on-call. About Infovisa Infovisa is a leading provider of financial technology solutions delivered to forward-thinking trust, wealth management, and retirement professionals. Infovisa's solutions empower its clients to acquire new customers, invest assets effectively, manage trust and investment portfolios efficiently, and flexibly report results to customers. For more information about Infovisa, visit ***************** Follow us on LinkedIn. We are interested in every qualified candidate who is lawfully eligible to work in the United States. However, we are unable to sponsor visas. Infovisa, Inc. is an Equal Opportunity Employer.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions : The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. Job Description: This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. Responsibilities: * Vendor Management: Manage and coordinate penetration testing engagements with vendors. * People Management: Manage a team of Junior level penetration testers and their development. * DAST: Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. * Facilitate Penetration Tests: Perform thorough and methodical penetration testing. * Evaluate and Assign: penetration tests to appropriate resources. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop Test Procedures: Design and execute detailed test requirements. * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. * Incidents: Act as a testing SME on incident calls; support testers on the calls. Depth & Scope: * Advanced knowledge of Bank, technology standards and managing people / projects * Leads a small team of IT professionals; coaches/ educates, monitors and manages team members * Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience Preferred Qualifications : * Technical Skills: * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Penetration testing, DAST, Manual Code Review knowledge. * Analytical Skills: Strong analytical and problem-solving abilities with attention to detail. * Organizational Skills: Manage documents and procedures for testing team. * Multi-tasking: This job requires exceptional ability to multi-task with multiple workstreams to manage daily. * Communication: Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. * Ethical Standards: Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks. * Previous experience managing and developing teams. * Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. * Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities * Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team #TDCyberSecurity #Hybrid Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Sr. Information Security Officer - Gen AI will be a member of the Business Information Security Office (BISO) residing within the Global Information Security (GIS) organization. In this role you will work closely with the line of business, their Chief Operating Officer (COO) and supporting technology teams from the Chief Information Officer (CIO)/Chief Technology Officer (CTO). This job is responsible for partnering with senior leaders to balance the needs of the business while ensuring information security risk are appropriately identified and managed to mitigate risk to the organization and drive uncompromising cyber security protection. The role will also support a group/team to develop a deep understanding of the business to lead specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities and enable you to provide guidance on information security topics, policies, and controls. Job expectations include acting as an integrated business partner with cross-functional senior leaders to provide blended security and business expertise to ensure appropriate business management of information security risks. This position will be integral to activities establishing and maintaining a strong security posture with respect to Generative Artificial Intelligence (AI) applications and workloads both internal and external to Bank of America. Key Responsibilities in order of criticality: * Leads cybersecurity risk assessments of Generative AI use cases, including assessment of the inherent risk and control effectiveness * Guides business leaders and technology organizations on initiatives requiring Global Information Security engagement and/or manage problem resolution on cyber security related issues * Serves as a common risk control partner to identify emerging security risks in the portfolio * Drives adherence and appropriate risk tolerance levels, operating in accordance with the information security policies defined to protect against threats to data confidentiality, integrity, and availability * Promotes awareness of current and emerging cybersecurity threats and advise on potential information security exposure * Facilitates risk reviews across logical and physical boundaries to identify gaps and recommend secure designs * Interprets the information security requirements outlined in policy, standards and procedures as well as reinforces requirements through education and awareness * Leads as a "security ambassador" to help business leaders drive strategic and innovative risk mitigation priorities and navigate the Global Information Security organization Required Qualifications: * 8+ years of experience in cybersecurity, with at least 2 years focused on cyber assessment of Artificial Intelligence or Machine Learning systems * A deep understanding of Generative AI/Large Language Models and assessment frameworks including MITRE ATLAS, OWASP Top 10 for LLM and GenAI, and NIST AI RMF * In-depth knowledge of cybersecurity threats, controls and technologies, with a deep understanding/experience with software developer experiences to bridge the gap between the theoretical and practical application * Ability to apply knowledge of internal and external information vulnerabilities to evaluate the degree of threat to an information system and answer tactical questions about current operations, predict future behavior or recommend appropriate mitigation countermeasures * Ability to manage and design controls that may contribute to a remediation plan developed to address policy, technology, environmental, and/or operational gaps * Ability to bring multiple stakeholders together, including senior business and technology leaders, and cut to the heart of issues to reach consensus * Ability to decompose complex issues and drive timely decisions, knowing when to engage others for additional input, and when to act independently * Bias for action and a commitment to build partnerships in a dynamic risk & threat driven environment * Strong interpersonal skills; ability to make effective presentations and communicate technical concepts to non-technical parties * Ability to identify, measure, monitor, and control risk as part of daily business activities, with a focus on specific risk types (e.g., Strategic, Credit, Market, Liquidity, Operational, Compliance, Reputational) * Ability to design, architect, analyze, support, and secure cloud-based workloads * Excellent communication, influencing and facilitation skills Shift: 1st shift (United States of America) Hours Per Week: 40

Information Security Engineer Duration: 12 Months contract with potential to extend The Information Security Engineer will play a critical role in ensuring the security and integrity of information systems. This position requires a highly organized and detail-oriented individual with strong communication and leadership skills. The ideal candidate will have experience in technology, network technologies, and information security, as well as the ability to collaborate with cross-functional teams to implement effective security solutions. Responsibilities: Develop and implement information security solutions and controls in collaboration with Security Architecture, Principal Engineers, and Subject Matter Experts. Conduct in-depth research, compile data, and perform detailed analysis to support security initiatives. Lead meetings effectively and provide concise communications to higher-level and executive leadership. Translate requirements into actionable information for both executive-level and individual-level stakeholders. Manage initiatives, including detailed planning, process management, and documentation. Utilize tools such as MS Office (Word, Excel, PowerPoint) to support project management and reporting. Qualifications: Strong organizational, multi-tasking, and prioritizing skills. Excellent communication and presentation skills. Proven experience in technology, network technologies, and information security, including firewalls, intrusion detection, and endpoint security. Demonstrated ability to work with cross-functional teams to identify and implement security solutions. Experience in cybersecurity and technology project management. Strong leadership skills and the ability to manage complex initiatives. About PTR Global: PTR Global is a leading provider of information technology and workforce solutions. PTR Global has become one of the largest providers in its industry, with over 5000 professionals providing services across the U.S. and Canada. For more information visit ***************** At PTR Global, we understand the importance of your privacy and security. We NEVER ASK job applicants to: Pay any fee to be considered for, submitted to, or selected for any opportunity. Purchase any product, service, or gift cards from us or for us as part of an application, interview, or selection process. Provide sensitive financial information such as credit card numbers or banking information. Successfully placed or hired candidates would only be asked for banking details after accepting an offer from us during our official onboarding processes as part of payroll setup. Pay Range: $55 - $60 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work. If you receive a suspicious message, email, or phone call claiming to be from PTR Global do not respond or click on any links. Instead, contact us directly at ***************. To report any concerns, please email us at *******************

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. Join the Slalom Cloud Team -a team of trailblazers ensuring we achieve our strategic goals through innovation and investment in the future. You'll collaborate with local market teams, niche experts, and global partners to drive cloud solution sales and empower clients on their cloud transformation journey. As a key member of Slalom's Google Cloud Center of Excellence, you'll leverage our award-winning partnerships and multidisciplinary teams to deliver business value and technical excellence for high-impact security and infrastructure solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired but not required, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. Slalom is committed to fair and equitable compensation practices. For this role, we are targeting the following levels and salary ranges: East Bay, San Francisco, Silicon Valley: * Senior Consultant: $131,000-$196,500 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Senior Consultant: $120,000-$180,000 All other locations: * Senior Consultant: $110,000-$165,000 In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process.

Job DescriptionISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **:** The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. **Job Description:** This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. **Responsibilities:** + **Vendor Management:** Manage and coordinate penetration testing engagements with vendors. + **People Management:** Manage a team of Junior level penetration testers and their development. + **DAST:** Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. + **Facilitate Penetration Tests:** Perform thorough and methodical penetration testing. + **Evaluate and Assign:** penetration tests to appropriate resources. + **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. + **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. + **Develop Test Procedures:** Design and execute detailed test requirements. + **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. + **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. + **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies. + **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. + **Incidents:** Act as a testing SME on incident calls; support testers on the calls. **Depth & Scope:** + Advanced knowledge of Bank, technology standards and managing people / projects + Leads a small team of IT professionals; coaches/ educates, monitors and manages team members + Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience **Preferred Qualifications :** + **Technical Skills:** + Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. + Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. + Penetration testing, DAST, Manual Code Review knowledge. + **Analytical Skills:** Strong analytical and problem-solving abilities with attention to detail. + **Organizational Skills:** Manage documents and procedures for testing team. + **Multi-tasking** : This job requires exceptional ability to multi-task with multiple workstreams to manage daily. + **Communication:** Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. + **Ethical Standards:** Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. + Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. + Familiarity with security standards and frameworks. + Previous experience managing and developing teams. + **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. + Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities + Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team \#TDCyberSecurity #Hybrid **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Front Line Units (FLU) / CIO executives. In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls. Scale/Scope * Contribute to the ongoing information security initiatives and improvements development, implementation and maintenance of information security for FLU/Ops * Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for FLU/Ops * Aligned to Fraud Authentication , Financial Center, and Automated Teller Machines channel segments to drive a security strategy and to ensure appropriate security by design requirements execution * Provides guidance and advocacy regarding the prioritization of investments that impact information security * Advises management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs * Monitors information security trends internal and external to the bank and keeps leadership informed * Manages quality control and reporting * Ensures compliance with policies and laws Required Skills * Information Security & Technology professional with 10+ years' experience * 7+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations * Subject matter expertise in application security, vulnerability testing and development of risk appetite * Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS) * Experience evaluating third party information security control and providing guidance to reduce risk on identify observations * Experience with information security for No SQL, Big Data , and unstructured data stores (Cassandra, Hadoop, and /or Teradata) * Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security application security controls * Exceptional executive presentation and communication skills * Excellent influencing and problem resolution skills * Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs * Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding * Strong leadership skills and qualities which enable you to work with peers and various levels of management Desired Skills: * Bachelors and/or Master's degree in Computer Science, Information Technology or related field * Experience working on cloud control assessment in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments Risk Management * Drives GIS/FLU/Ops risk deliverables * Collaborates with risk partners on info security critical priorities * Participates in senior FLU/Ops specific Risk Management & Business Continuity Routines * Identifies and measures global information security (GIS) controls on most critical business processes or channels Leadership/Strategy * Ability to build strong Partner relationships with peer technology groups and supported FLU/Ops * Supports the triage process with the client and helps them understand the GIS support structure * Drives required risk culture and partnership with peer technology teams and supported FLU/Ops * Participates in key operating routines to drive information security risk strategy Shift: 1st shift (United States of America) Hours Per Week: 40

In this contingent resource assignment, candidate may: Participate in low to moderately complex initiatives and identify opportunity for process improvements within Information Security Analysis. Review and analyze basic or tactical Information Security Analysis assignments or challenges that require research, evaluation, and selection of alternatives, related to low-to-medium risk deliverables. Present recommendations for resolving low to moderately complex situations and exercise some independent judgment while developing understanding of function, policies, procedures, and compliance requirements. Provide information to client personnel in Information Security Analysis. Required Qualifications: 2 plus years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education. Desired Qualifications: Hands-on experience with IAM Tools (SailPoint, Okta, CyberArk, Ping, Microsoft Entra ID) Experience with authentication standards (LDAP, SAML, OAuth, Open ID, SCIM). Experience with security compliance frameworks (ISO, NIST, SOX, PCI) Ability to interact with various layers of leadership Ability to prioritize work, meet deadlines, and achieve deliverables Strong organizational, multi-tasking, and prioritizing skills Customer service focus with the ability to respond to requests in a timely manner Intermediate Microsoft Office (Word, Excel, Outlook, PowerPoint, Access, and Project) skills Pay Range: $40- $45 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work.

ISSOEmployment Type: Full-Time, Experienced Department: Information Technology CGS is seeking an Information Systems Security Officer (ISSO) with DIACAP and/or RMF experience who has deep expertise in security assessment documentation to support Dept. of Commerce systems and efforts to achieve their Authorization to Operate (ATO). This position is located at the client site in the Herbert Hoover building in Washington, DC. The scope of this position includes full life-cycle Assessment and Authorization (A&A) management through all 6 Steps of the RMF process in support of the Government ISSM.In this role, you'll conduct security assessment, and information system security oversight activities in accordance with NIST 800.53 that support systems from the perspective RMF requirements. CGS brings motivated, highly skilled, and creative people together to solve the government's most dynamic problems with cutting-edge technology. To carry out our mission, we are seeking candidates who are excited to contribute to government innovation, appreciate collaboration, and can anticipate the needs of others. Here at CGS, we offer an environment in which our employees feel supported, and we encourage professional growth through various learning opportunities. Skills and attributes for success:- Review systems to identify potential security weaknesses and recommend improvements to amend vulnerabilities, implement changes, and document upgrades. - Maintain responsibility for managing cybersecurity risk from an organizational perspective. - Identify organizational risks, prioritize those risks, and maintain a risk registry for escalating and presenting those risks to senior leadership.- Provide security guidance and IS validation using the National Institute of Standards and Technology (NIST) RMF, DoC, and local security policies.- Providing configuration management (CM) recommendations for information system security software, hardware, and firmware and coordinating changes and modifications with the ISSM, Security Control Assessor (SCA), and Authorizing Official (AO).- Maintain vulnerability scanning tool compliance, such as HBSS or ACAS, and patch management, such as IAVM to ensure IT staff pushes patches to all systems in an effort to maintain compliance with all applicable directives, manage system changes, and assess the security impact of those changes.- Support security authorization activities, including transitioning from the legacy Information Assurance Certification and Accreditation Process (DIACAP) to compliance with the DoC RMF.- Provide subject matter expertise for cyber security and trusted system technology. - Apply advanced technical knowledge and analysis of specialized functional areas in task requirements to develop solutions to complex problems.- Research, write, review, disposition feedback, and finalize recommendations regarding cyber security policy, assessment and authorization assessments (A&As), security test and evaluation reports, and security engineering practices and processes. - Conduct research and write risk assessment reports to include risk thresholds, evaluation, and scoring.- Support analysis of the findings and provide expert technical guidance for mitigation strategies, including implementation advice on the cyber security risk findings, and other complex problems. Qualifications:- Bachelor's Degree.- A minimum of five (5) years experience as an Information Assurance (IA) Analyst, ISSE, ISSO, or similar role in ATO package development, including generating security documentation for requirements, security control assessment, STIG and IAVA compliance, Standard Operating Procedures, test results, etc.- eMASS experience.- Professional security certification such as: CCNA Security, CySA+, GICSP, GSEC, CompTIA Security+ CE, SSCP, or higher.- Strong desktop publishing skills using Microsoft Word and Excel.- Experience with industry writing styles such as grammar, sentence form, and structure.- Ability to multi-task in a deadline-oriented environment. Ideally, you will also have:- CISSP, CASP, or a similar certificate is preferred.- Master's Degree in Cybersecurity or related field.- Strong initiative, detail orientation, organizational skills, and aptitude for analytical thinking.- Demonstrated ability to work well independently and as a part of a team.- Excellent work ethic and a high commitment to quality. Our Commitment:Contact Government Services (CGS) strives to simplify and enhance government bureaucracy through the optimization of human, technical, and financial resources. We combine cutting-edge technology with world-class personnel to deliver customized solutions that fit our client's specific needs. We are committed to solving the most challenging and dynamic problems. For the past seven years, we've been growing our government contracting portfolio, and along the way, we've created valuable partnerships by demonstrating a commitment to honesty, professionalism, and quality work. Here at CGS we value honesty through hard work and self-awareness, professionalism in all we do, and to deliver the best quality to our consumers mending those relations for years to come. We care about our employees. Therefore, we offer a comprehensive benefits package.Health, Dental, and VisionLife Insurance 401k Flexible Spending Account (Health, Dependent Care, and Commuter) Paid Time Off and Observance of State/Federal Holidays Contact Government Services, LLC is an Equal Opportunity Employer. Applicants will be considered without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Join our team and become part of government innovation!Explore additional job opportunities with CGS on our Job Board:**************************************** more information about CGS please visit: ************************** or contact:Email: ******************* #CJ