Security architect jobs in Cincinnati, OH

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Seramount, Fair360 and others. If you're as passionate about your future as we are, join our team. KPMG is currently seeking a Director, Tech Engineering to join our Tax Ignition Group. Responsibilities: * Lead the function of responding to clients' security inquires * Meet with clients to answer their security questions and negotiate compensating controls when there are gaps between client requirements and our product offerings * Drive innovation and improvement in the client security inquiry process such incorporating Artificial Intelligence into the process, creating additional collateral such as whitepapers, managing metrics, and improving the tooling and interactions with requestors * Partner with various groups within Tax's technology function and business teams to incorporate trends into product roadmaps; collaborate with other compliance teams, and raise awareness around client security requirements * Review and respond to client security questionnaires and assessments * Build and maintain a knowledge base of common client questions Qualifications: * Minimum ten years of recent experience in Information Technology (IT) security compliance, risk management or related IT security within a large IT organization, preferably within a professional services firm, software product, or other highly regulated environment * Bachelor's degree from an accredited college or university is preferred * Deep understanding of cloud architecture, modern software development, and technical security controls is required; Azure experience is preferred * Strong executive presence, negotiation, presentation, and communication skills are required; excellent analytical and problem-solving skills to assess complex security issues and develop effective solutions; capability to work effectively in a global environment, understanding diverse cultural perspectives and international client needs * Proven experience in client-facing roles, particularly in handling security inquiries, negotiations, and managing client relationships; demonstrated ability to drive innovation and continuous process improvement, particularly in integrating new technologies and methodologies into existing processes * Demonstrated knowledge of industry authoritative sources such as COBIT, NIST, ISO standards; CISM, CISA, ISO 27001 Auditor, LSS Green Belt, CRISC, CIPP, CGEIT or ITIL preferred * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Reports to: Chief Information Officer (CIO) Company: Global Industrial Manufacturing ($3B Revenue) Team: 12 global employees (USA, Germany, India) Budget: $3M Opex The Vice President & Chief Information Security Officer (CISO) is the senior-most leader responsible for the global Information Security program. This role sets the strategy, establishes governance, oversees execution of technical and operational controls, and ensures the protection of the company's data, systems, and digital assets across a complex global manufacturing environment. The CISO leads a distributed team across the U.S., Germany, and India, and partners closely with IT, Legal, Compliance, and business leadership to manage cyber risk, secure new technologies, and meet regulatory and customer expectations. This role presents quarterly to the Audit Committee and Executive Management Team on cybersecurity posture, risks, and key initiatives. Key Responsibilities Strategic Leadership & Governance Develop and execute the global information security strategy aligned to business objectives and risk appetite. Provide quarterly cybersecurity updates to the Audit Committee and Executive Management Team. Establish security governance, policies, and standards consistent with leading frameworks (NIST CSF, ISO 27001, CIS). Oversee enterprise risk assessments and maintain a risk-based roadmap for continuous improvement. Security Operations & Technical Controls Lead the design, implementation, and management of all security technologies and controls including endpoint protection, identity & access management, SIEM/SOC operations, cloud security, vulnerability management, and network security. Ensure proactive monitoring, rapid detection, and response to security incidents across global operations. Oversee business continuity and disaster recovery security components in partnership with Infrastructure and Applications teams. Security Architecture & New Technology Reviews Embed security-by-design into IT and business projects, including cloud, ERP, operational technology (OT), and Industry 4.0 initiatives. Conduct architectural reviews and threat modeling for new technologies and digital transformation efforts. Compliance, Privacy & Legal Collaboration Partner closely with Legal to ensure compliance with global data privacy laws, including GDPR, CCPA, and emerging regulations. Oversee data protection practices, records retention security considerations, and reporting obligations related to data privacy incidents. Third-Party & Customer Security Lead the global third-party risk management program, including supplier assessments and ongoing monitoring. Respond to and manage customer security inquiries, audits, and contractual security requirements. Drive vendor governance for security tools, MSSP partnerships, and other outsourced services. Team Leadership & Budget Management Lead a global Information Security team of 12 across the U.S., Germany, and India. Manage a $3M annual operating budget, ensuring cost-effective investments in technology, services, and capabilities. Mentor, develop, and scale the team to support global manufacturing operations and business growth. Qualifications Required 10+ years of progressive experience in Information Security leadership roles. Minimum 3 years as a CISO or a deputy/second-in-command security leader in a larger enterprise. Deep expertise in security operations, architecture, governance, risk, compliance, and incident response. Strong working knowledge of NIST CSF, ISO 27001, CIS Controls, and modern cybersecurity technologies. Experience in global environments and working with distributed teams. Demonstrated ability to present complex cybersecurity topics to Audit Committees and senior executives. Experience managing multimillion-dollar security budgets. Strong understanding of GDPR, CCPA, and global privacy regulations. Preferred Experience in industrial manufacturing or OT/ICS security environments. Certifications such as CISSP, CISM, CISA, CCSP, or similar. Familiarity with ERP environments, cloud security (Azure/AWS), and M&A cybersecurity integration. Experience working with India-based operations or offshore security teams. Personal Attributes Executive presence and strong communication skills. Business-oriented mindset with the ability to translate technical issues into business risk. Proven ability to drive process discipline, build governance, and mature a security program. Collaborative leadership style with strong partnership skills across IT, Legal, and business units. #LI-SC1 Who we are: Hillenbrand (NYSE: HI) is a global industrial company that provides highly-engineered, mission-critical processing equipment and solutions to customers in over 100 countries around the world. Our portfolio is composed of leading industrial brands that serve large, attractive end markets, including durable plastics, food, and recycling. Guided by our Purpose - Shape What Matters For Tomorrow™ - we pursue excellence, collaboration, and innovation to consistently shape solutions that best serve our associates, customers, communities, and other stakeholders. To learn more, visit: ******************** EEO: The policy of Hillenbrand Inc. is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, Hillenbrand Inc. and our operating companies are committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us @recruitingaccommodations@hillenbrand.com . In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. At Hillenbrand, everyone is welcome to apply and "Shape What Matters for Tomorrow".

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity Are you a person who is passionate about breaking applications, devices, services and/or processes to help protect them against the world's most advanced cyber security adversaries? The Information Security Protect organization at P&G is responsible for providing a realistic depiction of threat actor behaviors and scenarios during simulated exercises. We drive improvements to applications and systems, as well as detection and response capabilities through regular testing of security controls across the enterprise. Responsibilities: + Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR. + Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes. + Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails). + Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC. + Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership. + Mentor junior engineers; set standards for craft quality, methodology, and safety. + Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment. + Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use. + Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management. Job Qualifications Required: + BA or BS degree in Information Security, Cyber Security, Computer Science, or related field (OR 7+ years of relevant experience required in lieu of a degree). + 5+ years running offensive or emulation operations in large/complex environments, with demonstrated impact on detections/response. + Expertise across 2+ domains: enterprise/web/mobile apps; identity; cloud (AWS/GCP/Azure); network/endpoint; IoT/OT; or directory services. + Proven ability to bypass preventative/detective controls and reach mission objectives while maintaining safety and ROE. + Strong engineering skills (Python, PowerShell, GO, C++, Web Frameworks); comfort with low-level concepts a plus) and familiarity with C2 tradecraft. + Deep command of MITRE ATT&CK and threat-informed defense; history partnering with DFIR/SOC and Detection Engineering. + Excellent executive and technical communication. + Ability to work in Cincinnati, Ohio based office 3 days per week. Preferred: + Leadership of purple-team campaigns and incident-driven emulations; closed-loop improvements with measurable KPI movement. + Building program metrics/KPIs, standardizing reporting, and integrating with risk governance. + Threat-intel integration: actor/campaign analysis, hypothesis generation, and prioritization tied to business impact. + Identity and cloud attack paths (SSO, MFA, OAuth, PAM; AWS/GCP/Azure control planes) with hardening collaboration across platform/IDAM teams. + Coordinating large third-party exercises and setting complex ROE. Pay Range: $110,000 - $165,000 Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE (******************************************************* . P&G participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Job Schedule Full time Job Number R000138781 Job Segmentation Experienced Professionals Starting Pay / Salary Range $110,000.00 - $165,000.00 / year

NLB Services offers a wide-range and best-in-class suite of value-based business solutions comprising of IT services, HR solutions, On-site & Off-site Outsourcing and Consulting services that are built on its robust process domain and people management expertise. At NLB Services, we believe in a work culture that is open and energetic. Our operational methodology is clear and object oriented, blended with flexibility and a proactive attitude to help us focus on developing the right expertise that is required to deliver an unmatched set of services and products. Our team of experts works 24/7 to add value to your existing business and help you grow exponentially. Hi, My Name is Ajay Singh and I'm a Resource Manager at Next Level Business Services, Inc. Please find the below and respond with an expected salary range, suitable time to call and contact details. Also, attach a copy of your updated resume. Position Title: SAP HANA and BOBJ Security Consultant Location: Cincinnati, OH Hire Type: Full Time Only Salary: As per Market Job Description: 1. Designing Overall Security for SAP HANA implementation 2. Create customized roles in HANA DB for Developers, Modelers, Technical Admins, End Users, Power Users. 3. Design, Restrict and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users 4. Define controls to restrict Create, Drop, Alter other DB Admin rights on HANA DB Schema and its objects 5. Transportation of Security Objects/Roles within HANA Landscape 6. Users creation and Role assignment 7. Setting up Password policy 8. Create Groups in BOBJ Server for different type of Users (Admins, Managers, Developers, End Users etc..) 9. Define and Control access to various Folders 10. Setup SSO with AD or LDAP for SAP, Enterprise and other types of Authentication 11. Define & Control access at Object level for different types of BOBJ Reports (Full control, View, Schedule, View on Demand) 12. Transportation of Security objects within BOBJ Landscape 13. Integration of BOBJ Security with HANA DB Security Roles Thanks, Ajay Singh Additional Information All your information will be kept confidential according to EEO guidelines.

Cintas is currently looking for an IT Security Engineer-Level 2 for the IT Security Team within IT. This role researches, recommends and implements changes to enhance information systems security and monitoring capabilities. The Information Security Engineer-Level 2 is responsible for: engineering solutions (processes, technologies) to mitigate control gaps; presenting proposed solutions to IT management; coordinating with vendors for proof-of-concept, proof-of-value, and pilot exercises; reviewing information systems to identify potential security weaknesses, recommending improvements to reduce vulnerabilities; taking part of on-call rotation to triage any potential security incidents; participating in network and systems design to ensure implementation of appropriate systems security policies; maintaining and growing knowledge and understanding of information security, risk management and regulatory compliance topics, providing occasional after hours and weekend support for project efforts; acting as mentor for junior engineers; and working collaboratively with various Cintas partners to design, build, and deploy security frameworks. **Skills/Qualifications** REQUIRED: + High school diploma/GED required; Bachelor's degree in Computer Science or related IT area, preferred + Minimum 7 years of experience in Information Technology + Minimum 4 years of experience in Information Security + Strong knowledge of cyber security practices and procedures + Strong knowledge of networking and infrastructure best practices + Ability to act as the primary SME for Cloud Security + Strong working knowledge of the CSF Framework + Strong working knowledge of GCP, GCVE required; Azure preferred Preferred: + Industry certifications (e.g., GCP, ACE) Benefits Cintas offers comprehensive and competitive medical, dental and vision benefits, with premiums below the national average. We offer flexibility with four different medical plan options; one plan is offered at zero cost. Additionally, our employee-partners enjoy: - Competitive Pay - 401(k) with Company Match/Profit Sharing/Employee Stock Ownership Plan (ESOP) - Disability, Life and AD&D Insurance, 100% Company Paid - Paid Time Off and Holidays - Skills Development, Training and Career Advancement Opportunities Company Information Cintas Corporation helps more than one million businesses of all types and sizes get Ready to open their doors with confidence every day by providing products and services that help keep their customers' facilities and employees clean, safe, and looking their best. With offerings including uniforms, mats, mops, towels, restroom supplies, workplace water services, first aid and safety products, eye-wash stations, safety training, fire extinguishers, sprinkler systems and alarm service, Cintas helps customers get Ready for the Workday . Headquartered in the U.S., Cincinnati, OH, Cintas is a publicly held Fortune 500 company traded over the Nasdaq Global Select Market under the symbol CTAS and is a component of both the Standard & Poor's 500 Index and Nasdaq-100 Index. Cintas Corporation is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, age, genetic information, disability, protected veteran status, or any other characteristic or category protected by local, state, or federal law. This job posting will remain open for at least five (5) days. **Job Category:** Information Technology **Organization:** **Employee Status:** Regular **Schedule:** Full Time **Shift:** 1st Shift

Job Title: Cybersecurity Engineer Labor Category: Exempt Clearance Requirement: Secret - As required Salary: $130,000-$175,000 Travel Requirement: 25% At Tlingit Haida Tribal Business Corporation (THTBC), your work goes beyond the job description-it becomes part of a purpose-driven legacy. Our continuous commitment to growth directly contributes to the strength, resilience, and future of the communities we support. Our growth fuels programs, services, and lasting value for the Tribe, making every success a shared one. For over 35 years THTBC and its subsidiaries has delivered essential services to federal clients across the globe. Whether supporting logistics, information technology, cyber security, or facilities operations, we are united by a shared mission: to create meaningful economic opportunity and growth of the Tlingit & Haida Tribes of Alaska. Together We Grow - One Mission, One Team - With a Commitment to Serve Scope of Work: This position is in support of the sustainment and modification of the United States Air Force (USAF) Electronic Technical Information Management System (ETIMS) program. The primary purpose of this position is to support the ETIMS mission by ensuring all systems, applications, and processes comply with Department of Defense (DoD), Air Force (AF), and federal cybersecurity requirements. The role ensures cybersecurity requirements are integrated into information systems and components through deliberate security design, development, and configuration, in alignment with frameworks such as the Risk Management Framework (RMF) and NIST standards. Responsibilities: Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams. Ensure all products, deliverables, and activities align with Federal, CNSS, DoD, and AF cybersecurity policies, including: NIST SP 800-37, 800-53, 800-171 CNSSI 1253 DoD 8500-series and DoDI 8510.01 (RMF for DoD IT) AFI 17-series publications and DoD 8140 workforce requirements Integrate cybersecurity considerations into Continuous Integration/Continuous Deployment (CI/CD) methodologies and program management schedules. Identify, manage, verify, and trace security controls across the entire system lifecycle, ensuring alignment with Test & Evaluation (T&E) and overall risk management processes. Implement and document comprehensive cybersecurity assurance measures across all layers of the TCP/IP model (network, transport, application, data link, and physical). Develop and maintain RMF documentation and artifacts, including Security Plans, Vulnerability Assessments, and Test Results, to support system authorization. Ensure compliance with DoDI 8520.02 (PKI and PK Enabling) and DoDI 8520.03 (Identity Authentication), maintaining standardized encryption, digital signature, and authentication mechanisms. Deliver secure applications compliant with DISA STIGs and Cloud One cybersecurity requirements. Conduct static application security testing (SAST) using PMO-approved tools and maintain a Software Bill of Materials (SBOM) for each release (e.g., SPDX, CycloneDX, SWID). Apply secure coding standards (e.g., OWASP Top Ten, CERT) and ensure prompt remediation of vulnerabilities. Generate and provide cybersecurity testing reports, mapping findings to applicable STIG and Cloud One controls. Use automated tools and processes wherever practical, seeking PMO approval for any deviations. Perform other duties as assigned. Minimum Requirements: Seven (7) years of experience supporting DoD or Air Force cybersecurity programs. Compliant with DoDI 8140 Intermediate Level Certifications (Security+, CySA, CAP, CASP CE, CISM, CISSP or Associate) Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field. Strong knowledge of NIST RMF, DoD 8500-series, and DISA STIG compliance. Experience with SAST, SBOM tools, and secure software development practices. Experience supporting AF programs or Cloud One environments. Familiarity with CI/CD security integration and automated compliance tools. Advanced certification (e.g., CASP+, CCSP, or CISSP-ISSAP) preferred. Must be able to satisfactorily obtain and maintain a government security clearance as required by the contract. Must be able to maintain ability to access government worksite. Must possess and maintain a valid state driver's license and a safe driving record, in accordance with company policy, to operate vehicles or equipment as required for the position. Physical Demands / Work Environment: Ability to sit or stand for extended periods while working at a computer or desk. Frequent use of hands for typing, data entry, and handling paperwork. Must be able to work on-call, alternate, and extended shift schedules when necessary to meet the mission requirements, including weekends and holidays. All candidates must successfully complete pre-employment screening, which may include but is not limited to a criminal background check, motor vehicle record review, and a 5-panel drug test, in accordance with company policy and applicable laws. Benefits: We offer a flexible benefits package including medical, dental, and vision plans, TRICARE Supplemental, critical illness coverage, employee discounts, wellness seminars, company-paid life and short-term disability insurance, optional long-term disability, paid leave, a 401(k) plan, and identity theft protection to support your health and financial well-being. For represented positions, the benefits and leave offered will be as defined under the applicable Collective Bargaining Agreement. Equal Employment Opportunity: We are proud to be an equal opportunity employer and comply with all applicable federal, state, and local employment laws. All applicants will be considered for employment without regard to race, color, religion, creed, national origin, gender, gender identity, age, marital status, sexual orientation, veteran status, disability, pregnancy, parental status, or any other characteristic protected by law. Reasonable Accommodation: If you have a disability or medical condition and need reasonable accommodation, please inform the designated recruiter during the hiring process.

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company and part of global Accenture, to do work that matters in a collaborative and caring community, where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward! We are seeking an experienced Information Systems Security Officer to lead security oversight for our secure cloud platform implementations supporting government customers. This role ensures continuous compliance with federal security standards while enabling agile delivery of cloud infrastructure solutions in classified and sensitive environments. **What you'll do:** + Security Program Leadership + Serve as primary security authority for secure cloud platform implementations + Develop and maintain Information System Security Plans (ISSP) for government systems + Lead security control assessments and continuous monitoring programs + Coordinate with government security officers, SCAs, ISSMs, and AOs for system authorization + Risk Management & Compliance + Implement and maintain Risk Management Framework (RMF) processes + Conduct security control assessments using NIST 800-53 and DoD requirements + Manage Plan of Action & Milestones (POA&M) and security remediation efforts + Ensure continuous compliance with FedRAMP, FISMA, and DoD security standards and applicable overlays + Cloud Security Architecture + Design security controls for multi-cloud and hybrid government environments + Implement cloud-native security solutions: encryption, IAM, network segmentation + Configure security monitoring and incident response capabilities + Validate security implementations against STIG and CIS benchmarks + Security Integration & DevSecOps + Integrate security controls into CI/CD pipelines and Infrastructure as Code + Implement security automation and continuous compliance monitoring + Collaborate with engineering teams to embed security throughout delivery lifecycle + Conduct security reviews for cloud architecture and deployment patterns + Documentation & Reporting + Maintain security documentation packages for government reviews and audits in defined systems including but not limited to eMass + Prepare security deliverables: SSP, SAR, security briefings, and compliance reports + Support security audits, assessments, and customer security reviews + Create security standards, procedures, and training materials + Tools + Work in AWS GovCloud, Azure Government, or Oracle Cloud + Work with vulnerability scanners, SIEM, monitoring platforms + Handle Infrastructure as Code security: Terraform, CloudFormation security + Review container security: Kubernetes security, container scanning, runtime protection + Review network security: VPC design, firewalls, intrusion detection **What you'll need:** + 5 years cybersecurity experience with government systems and cloud environments + 3 years direct ISSO experience supporting federal programs or systems + 3 years' experience with risk management frameworks (RMF) and security control implementation + 6 months of eMASS experience + Demonstrated experience with FedRAMP, FISMA, and DoD security compliance requirements + Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field or 4 years of comparable work or military experience + CompTIA Security+ (current) or equivalent DoD 8570 IAT Level II certification required **Bonus points if you have:** + CISSP, CISM, or GIAC certification + AWS certification - Solutions Architect - Associate **Security Clearance:** An active Secret level clearance is required; TS/SCI preferred As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of **California, Colorado, Hawaii, Illinois, Maryland,** **Massachusetts,** **Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland** . The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set, and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. (********************************************************************* We accept applications on an on-going basis and there is no fixed deadline to apply. The pay range for the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland is: $98,500-$184,900 USD **_What We Believe_** _As a company wholly dedicated to serving the US federal government, we bring together the best talent to help reinvent how federal agencies operate and deliver greater value for their mission and the American people. We have an unwavering commitment to creating a culture in which all our people are respected, feel a sense of belonging, and have equal opportunity. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain a culture where everyone feels welcomed and included. This is grounded in our core values and our experience that hiring and developing great people who reflect different perspectives, experiences, and backgrounds is key to driving innovation and delivering the results that our clients and the country count on._ **_Equal Employment Opportunity Statement_** _We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. For details, view a copy of the Accenture Federal Services Equal Opportunity Policy Statement. (**************************************************************************** _Accenture Federal Services is an Equal Employment Opportunity employer. Additionally, as an Affirmative Action Employer for Veterans and Individuals with Disabilities, Accenture Federal Services is committed to providing veteran employment opportunities to our service men and women._ **_Requesting An Accommodation_** _Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired._ _If you_ **_ _** _are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter._ **_Other Employment Statements_** _Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States._ _Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration._ _Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process._ _The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information._ _California requires additional notifications for applicants and employees. If you are a California resident, live in or plan to work from Los Angeles County upon being hired for this position, please click here (********************************************************************************* for additional important information._

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) II is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree OR Associate's degree in a related area + 2 years' experience OR equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II - within 6 months of hire Clearance Required to Start: TS/SCI required Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities The likely salary range for this position is $92,735 - $125,465. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA OH Dayton Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Job Title: Senior Security Engineer TOP SKILLS: Top 3 Required Skills: Experience managing data protection and security controls in MS O365 (SharePoint, OneDrive, Teams) Hands-on experience configuring Data Classification Labels, Retention Policies, and DLP rules Strong technical communication and collaboration skills, with the ability to gather business context and explain security solutions clearly What You'll Do We are seeking a highly technical, hands-on Security Engineer to support our enterprise data protection initiatives within MS O365. This mid- to senior-level contractor will play a key role in building and managing security controls across SharePoint, OneDrive, and Teams environments. The role focuses on implementing and tuning Data Loss Prevention (DLP), Retention Policies, and Data Classification Labels. This is an ideal opportunity for someone with an administrative background in MS O365 who is transitioning into or expanding their career in security engineering. The ideal candidate will be a proactive “doer” who thrives in a collaborative environment and is comfortable engaging directly with end users to understand business needs and secure data accordingly. Top 3 Required Skills: Experience managing data protection and security controls in MS O365 (SharePoint, OneDrive, Teams) Hands-on experience configuring Data Classification Labels, Retention Policies, and DLP rules Strong technical communication and collaboration skills, with the ability to gather business context and explain security solutions clearly Additional Requirements: Background in Microsoft 365 administration with a desire to focus on security Familiarity with secure handling of large file volumes and resolving oversharing risks Experience implementing or tuning custom security controls within Microsoft 365 environments Ability to validate data use cases and work with end users to align controls with business needs Responsibilities: Build, configure, and maintain MS O365 security controls, including DLP policies, Retention Labels, and Data Classification Labels Evaluate and tune existing configurations to improve protection of enterprise data Help reduce risk from overshared files, stale data, or inappropriate access across large MS O365 environments Engage directly with end users and business teams to gather context and guide the implementation of appropriate security controls Take ownership of solutions-this role is for someone who will recommend, implement, and follow through on actions Contribute to the security posture of the OneDrive, SharePoint, and Teams environment across the organization What You'll Get Competitive base salary Medical, dental, and vision insurance coverage Optional life and disability insurance provided 401(k) with a company match and optional profit sharing Paid vacation time Paid Bench time Training allowance offering You'll be eligible to earn referral bonuses! All done! Your application has been successfully submitted! Other jobs

ARS is looking for an Information System Security Officer (ISSO). Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The ISSO will have an active role in monitoring a system and its environment of operation to include developing and updating a System Security Plan, managing and controlling changes to the system, and assessing the security impact. Why Work with us?  ​Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.   Responsibilities: Maintain the operational security posture of systems. Monitor systems and environments for security compliance. Develop and update System Security Plans (SSPs). Manage and control system changes and assess their security impact. Handle physical, personnel, and environmental security. Conduct incident response and security awareness training. Assist the ISSM and assume ISSM duties when necessary. Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM; Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard; Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; Report all security-related incidents to the ISSM Conduct periodic reviews of information systems to ensure compliance with the security authorization package; Serve as member of the CCB, if designated by the ISSM; Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change; Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization; Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and Ensure audit records are collected, reviewed, and documented (to include any anomalies). Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval. Responsibilities: Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard 5+ years related experience in SCI/SAP environments. Bachelor's degree in computer science, Engineering, Finance, Business, or related field 5-8 years demonstrated performance in related technology Top Secret w/ SCI eligibility Other duties as assigned All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

The Manager, Information Security is responsible for implementing and executing WPCU's Information Security program and strategies under the leadership of the VP, Information Security. This role will collaborate with all lines of business through projects, risk assessments, controls, and control effectiveness reviews. The manager will oversee tools utilized by the Information Security team to provide feedback on vendors and applications. Position will be responsible for collaboration with various business units during a data incident to ensure incidents are properly documented and evidence is captured. This role will be expected to provide thought leadership to ensure the efficiency and effectiveness of the Information Security team. The major activities for this position include: 1) Information Security Operations (40%) a) Develop and oversee control effectiveness reviews to ensure all activities align in scope and frequency with information security policies and approved information security frameworks. b) Develop and oversee information security's involvement with vendor due diligence processes. c) Develop and oversee Identity Access Governance processes to ensure alignment with the principle of least privilege access. d) Develop and oversee information security related risk assessments. Develop and oversee processes to rate criticality of applications and controls to ensure risk assessments are aligned. e) Ensure all assessments are completed in a timely manner including developing appropriate cross training plans to schedule impacts. f) Develop and oversee reporting related to all assessments to ensure risk levels are appropriately assigned and management responses are captured. g) Ensure identified gaps from information security assessments are appropriately tracked. Coordinate with various business units to collect timely updates. 2) Personnel Management & Procedures (20%) a) Mentor assigned partners by administering individual development plans, making recommendations for promotions, or implementing coaching plans. This includes performing regular 1-on-1s with partners and completing annual reviews. b) Ensure departmental procedures are effective, up-to-date, and follow company standards. 3) Project Management (20%) a) Participate in project planning events to provide estimated work effort for projects including pro-active escalation of resources constraints to the VP of Information Security. b) Assist in fostering an enterprise-wide security first culture by participating in project requirement gathering session. Inform project owners of applicable controls, audit findings, or control effectiveness gaps that are appropriate for the project. c) Attend on-going project meetings to advise and ensure information security controls are addressed. 4) Incident Management (10%) a) Role will be responsible for ensuring data incidents are tracked, properly documented, and evidence has been collected. b) Provide regular status updates to the VP of Information Security on open data incidents. 5) Audit and Regulatory Exam Support (10%) a) Assist the Vice President of Information Security with internal and external audits to ensure document collections are completed in a timely manner and properly vetted. b) Serve as subject matter expert during internal and external audits related to activities completed by Information Security. c) Ensure assigned business units are operating efficiently and reliably, are in compliance with applicable laws, regulations, and rules, have appropriate operating controls to mitigate risk, and are performing at a high level. Required Skills This leader in information security must be skilled at developing and leading strategic Information Security programs across the enterprise in a complex, multi-system and multi-vendor environment. Strong, practical knowledge of Information Security concepts and technical architecture are essential. Expert knowledge of risk and information security frameworks are essential. 1) A bachelor's degree is required, preferably in Information Technology, Information Security, or a related field. A master's degree in a related discipline is preferred. 2) At least 7+ years of experience in Information Technology or Information Security is required, with at least 3+ years of experience in a leadership role. Demonstrated experience with developing mapping controls to business processes, building control effectiveness reviews, or building risk ratings to allow business units to identify priorities is preferred. 3) A Certified Information System Security Professional (CISSP), Certified Information Security manager (CISM), or similar certification is required. 4) Demonstrate experience in evaluating vendor due diligence and vendor risk assessment processes. 5) Demonstrate experience in Identity Access Management including how to perform user access and rights reviews to align with least privilege access. 6) Demonstrate experience with developing and implementing a risk assessment process that is collaborative with business units and documents risk in accordance with board approved risk appetite. 7) Demonstrate strong leadership skills including the ability to work collaboratively and manage a remote workforce. 8) Demonstrate ability to drive and manage initiatives that increase operational efficiency, enhances quality, and improves/maintains service levels.

Advent Global Solutions (AGS) is a leading global IT services company, specialized in delivering enterprise software solutions, IT consulting & outsourcing services, and product engineering solutions. Advent Global's commitment to deliver IT services is backed by 1,000+ employees and preferred partnerships with companies like SAP, Oracle, Sybase, and IBM Job Description Role: IT Security Engineer Location: Cincinnati, OH Duration: 12 months Need 10+ years consultant Key Responsibilities: Minimum 10+ years of IT security experience that includes proven IT Security risk assessments and audits, information risk management and assessment development Minimum 10+ years of on-site working experience in the US Minimum of 2 years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. 3+ years of experience in Web development and web technologies like HTTP, HTML, CSS, and JSPs. 3+ years of experience in microservice development, Node.js preferred or java springboard 2+ years of experience in continuous integration, continuous delivery and deployment automation 2+ years of experience in secure software development and deployment Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. Contributes to the design, engineering and implementation of systems infrastructure. Ability to execute in an agile driven environment Applies proven communication, analytical and problem-solving skills to identify, communicate and resolve issues. Application security reviews * Application Penetration testing * Projects and research work as needed * Security training and outreach to internal development teams * Security guidance documentation * Security tool development * Security metrics delivery and improvements Conduct deep code reviews and find design flaws, and think long-term about driving down operational cost Solve problems at their root, stepping back to understand the broader context, and implementing fixes to ensure that discovered issues are not repeated Stay abreast of new techniques, tools and methodologies used to solve cloud security problems Experience understanding Common Vulnerabilities and Exposures (CVE) and Web Application Security - OWASP Top 10 Requirements analysis, definition, and refinement Secure and assured systems engineering Hands on software engineering and development Mobile computing platform application development Application of Information Security Principals Must have experience in the Assessment of security risk, Big data and analytics, Reverse engineering and Malware analysis Software innovation and technology insertion Use of database technologies such as Oracle, MySQL, or SQL-based equivalents, as well as NoSQL-based databases such as Mongo DB Use Software Configuration Management tools Understanding of Software Development Life Cycle (SDLC) processes Support Test Engineering during formal testing phase of the project Represents the organization in providing solutions to difficult technical issues associated with specific projects Supports project developing solutions for Modernization and Sustainment tasks Must have Agile and DevOps Experience Bachelor's Degree or equivalent education and experience required. Security and/or risk-related certifications preferred but not required (CISSP, CSSLP, GEWB, CASS, CISA, CRISC, C-WAST) Proven analytical skills to identify and analyze security requirements and relate them to appropriate security policies, standards and/or controls in order to determine associated risk. Ensure that technical solutions effectively meet and support business needs. Proven ability to handle and prioritize multiple assignments, often within limited time constraints. The ability to interact with internal and external personnel at all organizational levels. Therefore, the candidate must have the ability to influence others across a matrix organizational structure Proven strong written and verbal communication skills are a requirement; both within the organization and with external partners and vendors. The ability to work independently and as a self-starter. Please share resumes to hemanth[dot]n[at]adventglobal[dot]com Additional Information All your information will be kept confidential according to EEO guidelines.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* **Job Function:** R&D Product Development **Job Sub** **Function:** R&D Software/Systems Engineering **Job Category:** Scientific/Technology **All Job Posting Locations:** Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America **:** **About Surgery** Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech . **We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH.** **Job Description:** The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment **You will be responsible for:** + Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. + Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. + Advise embedded system security software to ensure system hardening and secure coding practices. + Support all stakeholders on patch management, vulnerability handling, and SBOM scanning + Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) **Qualifications / Requirements:** **Education:** + Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree **Experience and Skills** + 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices + 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment + Proven experience with threat modeling and risk assessments for connected products or medical devices + Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams + Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. + Proven experience with electrical and embedded software design + Experience developing software for embedded Real-Time Operating Systems (RTOS) + Experience developing embedded software systems using Modern C++ (preferably standards 17+) + A results and performance driven demeanor with strong sense of accountability + Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles **Preferred Skills & Experience:** + Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) + Work experience with Systems Engineering activities: requirements management and development, risk management, and verification + Strong collaboration, proven technical leadership capabilities, and conflict resolution skills + A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience + Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX **Other Requirements:** + Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: + Vacation - up to 120 hours per calendar year + Sick time - up to 40 hours per calendar year + Holiday pay, including Floating Holidays - up to 13 days per calendar year + Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. _Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation,_ **_external applicants please contact us via_** **_*******************/contact-us/careers_** **_. internal employees contact AskGS to be directed to your accommodation resource._** + \#RADSW + \#Li-Hybrid **Required Skills:** **Preferred Skills:**

We are looking for a Security Systems Sales Engineer, who will join a strong sales team that values collaboration, communication and transparency. Sales Engineers will specialize in technologically and scientifically advanced products and services. They will use their technical skills to explain the benefits of our solutions to new and existing customers. This role reports to a Regional Sales Manager. WHAT YOU WILL BE DOING Prepare and deliver technical presentations explaining products or services to existing and prospective customers and contractors. Design, propose, and sell integrated security and life-safety systems (access control, video surveillance, intrusion, and integration with fire alarm systems) to commercial, industrial, and institutional customers. Serve as the technical sales lead, bridging between customer requirements, design teams, and operations, ensuring solution integrity, profitability, and customer satisfaction Collaborate with sales team to understand customer and contractor requirements and provide sales support. Help clients solve problems with installed equipment. Recommend improved materials or machinery to customers, showing how changes will lower costs and increase production. Understand how to interpret prints and drawings Follow the established sales strategy, processes and programs to shift prospects into new customers within the CertaSite Customer Relationship Management (CRM) platform Develop fire and life safety solutions that are a fit for each targeted prospect Demonstrate efficient time management by spending time on activities that increase the chance of quota realization with a concern for EBITDA expansion, while also being value and mission driven Maintain the pulse on competition, as well as understand how the buyers of CertaSite products and services make purchasing decisions Drive revenue to CertaSite through prospects by establishing and selling solutions through the CertaSite platform of products and services Establish scale and profitability by helping professionalize the Company s go-to-market strategy and sales function Facilitate optimization of gross margin throughout the organization Partner with marketing to ensure the CertaSite value proposition and selling story remains relevant Gather all information needed to make informed recommendations Persuasively sell ideas to gain support and buy-in Use various communication techniques to gain cooperation in a negotiation Demonstrate the ability to remain resolute and resilient under stress Leverage contacts to stay informed of new company developments Balance new requests with established priorities QUALIFICATIONS 4+ years experience in low-voltage security systems (access control, video surveillance, intrusion) Proven track record in technical sales or application engineering Experience with Lenel / OnGuard / OnBoard preferred Strong understanding of IP networking, PoE, switches, VLANs, and structured cabling Ability to perform site surveys and read construction drawings Technical degree or equivalent work experience; Bachelor s preferred Valid driver s license and ability to travel locally within the state IDEAL QUALITIES NICET, NFPA, or other fire and life-safety certifications, Lenel / OnGuard / OnBoard certification (or willingness to obtain) Manufacturer certifications (Bosch, Axis, Milestone, HID, etc.) Experience with AutoCAD, Visio, or similar tools Experience driving revenue and helping build strong GTM strategies Demonstrated track record of uncovering opportunities and advancing prospect opportunities to close by following a prescribed selling campaign process Strong orientation to delivering winning outcomes and possessing an emotional engine that is contagiously felt throughout the organization Proficiency in identifying high value prospects, running a disciplined sales campaign and converting prospects into CertaSite customers WORKING CONDITIONS & PHYSICAL REQUIREMENTS Controlled climate, office environment Local travel as needed; no overnight travel required Visit customer locations and may have meetings in field settings Required to sit for long periods of time, eight hours or more per day and being frequently required to use monitor, keyboard, and phone COMPANY PERKS Work at a mission-driven company, focused on people Comprehensive medical plan options, including dental and vision 401K plan with company match Generous paid time off, paid holidays, and paid parental leave Education reimbursement program Continued growth and expansion into new markets and products and services This is a unique opportunity to join a great team at a company that is rapidly expanding and evolving, which may also bring significant potential for career growth. Who are we? CertaSite is a fast-growing fire protection and life safety company. Fire and life safety is our passion. It s all we think about. We leverage our hard-earned expertise to give people peace of mind, confidence, and more time to pursue their core businesses. Since 2018, we have grown from four to 18 markets while serving more than 30,000 customers throughout the Midwest. As we grow and expand into new markets, we are building a team that loves what they do and has fun doing it. If you are looking to be challenged every day, for an opportunity to make a meaningful impact, and to grow with a mission- and people-driven company focused on the customer, we hope you will consider this amazing opportunity. Our Mission: To provide a meaningful impact to as many lives as possible. Our Vision: To be the most dependable and simplified life safety solution on the planet. Our Values: Passionate We are on a relentless pursuit to be great, not just good enough. And we have fun doing it. Impactful Our work makes a real difference in the world. We literally save lives, but that s just the beginning. Innovative We believe there is always a better way. We don t stop until we find it. Genuine We do what we say, and we mean it. We are authentic and dependable. WORKING CONDITIONS & PHYSICAL REQUIREMENTS: Overtime may be required, and the number of hours may vary based on work location. May be exposed to all kinds of work environments. Varying work environments from hot to cold temperatures and exposure to dust. Occasionally asked to travel overnight to a customer location. Must be able to successfully lift up to 50 pounds occasionally. Frequent lifting and carrying of toolboxes, equipment, parts, tools, equipment, cabling, and/or wiring. Frequent ladder climbing and checking, pulling wire, etc. Walking, stooping, bending, crouching, kneeling, and raising hands overhead. Driving is required and the amount of time driving may vary. Required to wear Personal Protective Equipment (PPE) for this position in accordance with safety standards Equal Employment Opportunity/M/F/disability/protected veteran status Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

Secure Your Future with the University of Dayton Research Institute! The University of Dayton's Research Institute (UDRI) is seeking a highly motivated and experienced Information System Security Officer to join our dynamic Sensor & Software Systems division in Warner Robins, GA. This is an exceptional opportunity to be part of a renowned research institution committed to excellence, innovation, and community engagement. The Information System Security Officer (ISSO) position is supporting the Air Force Rapid Sustainment Office (RSO). The RSO increases mission readiness by rapidly identifying, applying and scaling technology essential to the operation and sustainment of the U.S. Air Force. Success comes from our teamwork and mutual respect for each other's talents and unique perspectives. This role supports the government cyber lead and provides cybersecurity support for advanced software-intensive technologies to include agile manufacturing, conditioned-based maintenance, augmented reality/virtual reality, cloud-based infrastructure and services, and robotics. Responsibilities: • Serve as cybersecurity technical advisor, consultant, and primary point of contact to the Program Manager, Information System Owner, and other stakeholders for the Information systems • Assessing systems for vulnerabilities and providing corrective recommendations. • Supporting government Cyber lead in performing RMF activities leading to system RMF acceptance IAW DoDI 8510.01, NIST 800-series special publications, USAF policy and instructions, and guidance as applicable on RSO IT systems in networked, standalone, and cloud configurations. • Support, coordinate, and continuously monitor system security posture and ensure adverse events are formally handled and reported • Developing, reviewing, and updating necessary documentation associated with achieving RMF accreditation of each system. • Applying currently accepted methods for documenting the RMF status of each RSO system within the DoD environment. • Security Technical Implementation Guides (STIGs) for all systems • Managing projects in compliance with DoD and AF RMF policies including but not limited to the following: o DoDI 8500.01 - Cybersecurity Risk Management Framework for DoD Information Technology. o DoD 8570.01 M - Information Assurance Training, Certification, and Workforce Management. o CNSSI 1253 - Security Categorization and Control Selection for National Security Systems. o NIST 800-series Special Publications (SP). o Computer Security, including SP 800-53 - Security Controls and Assessment Procedures for Federal Information Systems and Organizations and Air Force Instruction Series 17. Cyberspace: Accomplishing system categorization, security control selection, security control implementation, security control assessment, and security control monitoring, including, but not limited to, accomplishing the RMF steps as outlined in DoDI 8510.01 on a system-by-system basis • Providing system performance reporting. • Support System Administrator for multiple cloud projects and implementations. • Supporting Interim Authority to Test (IATT)/ Authority to Operate (ATO) planning and execution. Minimum Qualifications: • Associates Degree in Cybersecurity, Computer Science, or related field • 3+ years relevant cybersecurity experience • Experience with the NIST RMF process • Security Technical Implementation Guides (STIGs) application experience • The applicant must meet DoD 8570.01-M IAT Level II or higher certification requirements on hire date (Security+ CE) • Familiarity with the DOD Information Assurance Vulnerability Management program • Effective verbal and written communication skills • Ability to obtain a Secret level security clearance • Due to the requirements of our research contracts with the U.S. federal government, candidates for this position must be a U.S. citizen Preferred Qualifications: While not everyone may possess all of the preferred qualifications, the ideal candidate will bring many of the following: • 5+ years' DoD cybersecurity experience • IAT Level III or IAM Level I Certification • Bachelor's Degree in Cybersecurity, Computer Science, or related field • Additive Manufacturing experience • Systems Administration experience • Experience with Secure Development Operations Systems, as either a user, developer, or system administrator • Experience with submission of system security package to DoD for ATO, IATO, etc • Active Secret level security clearance. • Familiarity with Enterprise Mission Assurance Support Service (eMASS). • Experience with approved government cloud services such as Microsoft Azure, Amazon Web Services, Google Cloud. • Relevant cloud infrastructure and security certifications (i.e. Office365, SharePoint, Amazon AWS) • Cloud Application experience • Experience managing various project activities ensuring accurate task completion Special Instructions to Applicants: To apply please submit a cover letter addressing each minimum qualification and any applicable preferred qualifications that you meet. Closing Statement: Informed by its Catholic and Marianist mission, the University is committed to the principles of diversity, equity, and inclusion. Informed by this commitment, we seek to increase diversity, achieve equitable outcomes, and model inclusion across our campus community. As an Affirmative Action and Equal Opportunity Employer, we will not discriminate against minorities, women, protected veterans, individuals with disabilities, or on the basis of age, race, color, national origin, religion, sex, sexual orientation or gender identity.

TOP SKILLS: Must Have Brinq Excellent communication and presentation skills, and a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality. Lead and Implementation Experience Performing referral to principle proven consistent experience in vulnerability management, security engineering, security consulting etc Proven experience with proactive threat management, research, escalation, discovery etc. Security Solid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling. Nice To Have CISSP, CISA, CISM, AWS Solutions Architect certifications GRC/audit management experience Scripting/automation experience - python preferred Solid proven experience with tooling such as Qualys, Brinqa, Archer, ServiceNOW, Checkmarx, Prisma (and any AWS experience is great as well) What You'll Do Responsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents. Primary Responsibilities: Define, deliver, and support enterprise security tools and architecture in collaboration with other teams. Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates. Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program. Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities. Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation. Proactively monitor and investigate security alerts from managed security service providers and in-house security tools. Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems. Support ad hoc requests for reporting and control evidence, as needed. Perform threat analysis and incident response by interpreting events. Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program. Share knowledge and industry best practices with team members. Serve as a security engineer/consultant on projects. What You'll Get Competitive base salary Medical, dental, and vision insurance coverage Optional life and disability insurance provided 401(k) with a company match and optional profit sharing Paid vacation time Paid Bench time Training allowance offering You'll be eligible to earn referral bonuses! All done! Your application has been successfully submitted! Other jobs

ARS is looking for an Information System Security Officer (ISSO). Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The ISSO will have an active role in monitoring a system and its environment of operation to include developing and updating a System Security Plan, managing and controlling changes to the system, and assessing the security impact. **Why Work with us?** Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. **Responsibilities:** + Maintain the operational security posture of systems. + Monitor systems and environments for security compliance. + Develop and update System Security Plans (SSPs). + Manage and control system changes and assess their security impact. + Handle physical, personnel, and environmental security. + Conduct incident response and security awareness training. + Assist the ISSM and assume ISSM duties when necessary. + Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM; + Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; + Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard; + Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; + Report all security-related incidents to the ISSM + Conduct periodic reviews of information systems to ensure compliance with the security authorization package; + Serve as member of the CCB, if designated by the ISSM; + Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change; + Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization; + Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; + Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and + Ensure audit records are collected, reviewed, and documented (to include any anomalies). + Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval. + Other duties as assigned **Requirements:** + Must be a US citizen + Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. + Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard + 5+ years related experience in SCI/SAP environments. + Bachelor's degree in computer science, Engineering, Finance, Business, or relatedfield + 5-8 years demonstrated performance in related technology + Top Secret w/ SCI eligibility All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.