Cyber Security Architect - Consultant
Security Architect Job 13 miles from Durham
Title: Cybersecurity Solutions Architect - Principal / Senior
Duration: Long term contract
Key Responsibilities:
' Duties include:
- Architecting effective and efficient fit for purpose solutions that meet the Bank's needs and requirements - includes creation of Cybersecurity Blueprints that will present detailed views of application interaction/integrations between both on prem and cloud-based applications.
- Applies in-depth and specialized expertise in Identity and Access Management and significant breadth of experience across cyber / information security.
- May be called upon to contributed to scope and business cases
- Participates in the gathering and development of requirements by coaching stakeholders and decomposing business requirements into technical and system requirements
- Intepret requirements to determine the best solutions and approaches
- Creates architectures and operational documentation with support of engineering and operations staff
- Advise, consult, lead, guide and mentor project teams, engineers, analysts, and support staff in the delivery of solutions
- Participate in the agile planning processes and delivery methodologies
- Build relationships with internal clients
- Conducts threat modeling and security gap assessment exercises in concert with other teams
- Create reusable patterns for reoccurring cyber challenges
- Contributes to the creation of policy, standards, Minimum Security Baselines (MSBs), procedures and guidelines
- Bring visibility to and escalates security risks, as well as, technical, execution, deployment or other risks as applicable
- Lead Proof of Concept/Value Exit Read outs by communicating results and recommendations to stakeholders
- Conducts post-mortem reviews of projects / products to measure design versus implementation differentials
- Contribute to the Cyber Architecture Practice by supporting Cyber Enterprise Architecture objectives
Must Have Skills:
'The candidate must be a highly experienced subject matter expert with either deep specialization or comprehensive knowledge within a discipline which crosses multiple areas of specialization relative to Cloud architectures and scrutiy principles, Data Protection, IT Risk, Network Security, Application Security, Security Operations, and Identity and Access Management. We need someone with deep knowledge/experience with securing complex AWS and Azure architectures.
- Understanding of Security foundations and Standards such as hardening, least privilege, attack surface reduction, NIST SP800-series, NIST Cybersecurity Framework, FIPS 140-2, Common Criteria, FFIEC, FISMA/FedRAMP, ISO 27000, PCI-DSS, CIS Benchmarks, and similar.
- Applies in-depth and specialized expertise and/or a significant breadth of expertise in own professional discipline and other related disciplines.
- Interprets internal/external business challenges and recommends best practices to improve products, processes, or services.
- Mentors less experienced teammates to build their own technical expertise. Impacts the achievement of client, operational, project, service, and risk management objectives.
- Works independently, with guidance in only the most complex and unusual situations.
- Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings)
Specific solution expertise is desired in the following areas:
- Digital Commerce, Digital Banking and Financial Systems architecture
- Large data management architecture and integrations
- Attack protection and mitigation technologies - DDoS, WAF, Bot, etc.
- AWS / Azure Cloud - application migration, fit for purpose, etc.
- Multifactor authentication, Risk Based Authentication
- Application authentication models
- Application Security - OWASP control and evaluation criteria
- Cryptographic technology - Transit encryption, storage encryption, Hash, KMS, Digital Signature, etc.
- Federated Identity Management / Identity Providers / Single Sign On (SSO)
- Client authentication approaches for "anti-bot" technologies, signaling, and fraud prevention
Plus, to have skills:
'*Certification: CISSP-ISSAP, AWS, AZURE, SANS or TOGAF certifications
Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings)
Consulting or professional services backgrounds are a plus.
Financial services industry experience is a major plus.
Masters degree in: Computer Science, Information Systems, Security, or other closely related field.
Ideal candidate will also have experience in the following areas -
- Developing patterns, building blocks, target architectures, policies, standards, and guidance for all applicable platforms
- Containerization, Micro-services, API, CI/CD
- Content Delivery technologies
- Fintech integration
Desired Skills and Experience
Title: Cybersecurity Solutions Architect - Principal / Senior
Duration: Long term contract
Locations: Remote
Key Responsibilities:
' Duties include:
- Architecting effective and efficient fit for purpose solutions that meet the Bank's needs and requirements - includes creation of Cybersecurity Blueprints that will present detailed views of application interaction/integrations between both on prem and cloud-based applications.
- Applies in-depth and specialized expertise in Identity and Access Management and significant breadth of experience across cyber / information security.
- May be called upon to contributed to scope and business cases
- Participates in the gathering and development of requirements by coaching stakeholders and decomposing business requirements into technical and system requirements
- Intepret requirements to determine the best solutions and approaches
- Creates architectures and operational documentation with support of engineering and operations staff
- Advise, consult, lead, guide and mentor project teams, engineers, analysts, and support staff in the delivery of solutions
- Participate in the agile planning processes and delivery methodologies
- Build relationships with internal clients
- Conducts threat modeling and security gap assessment exercises in concert with other teams
- Create reusable patterns for reoccurring cyber challenges
- Contributes to the creation of policy, standards, Minimum Security Baselines (MSBs), procedures and guidelines
- Bring visibility to and escalates security risks, as well as, technical, execution, deployment or other risks as applicable
- Lead Proof of Concept/Value Exit Read outs by communicating results and recommendations to stakeholders
- Conducts post-mortem reviews of projects / products to measure design versus implementation differentials
- Contribute to the Cyber Architecture Practice by supporting Cyber Enterprise Architecture objectives
Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.
Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit ******************* to learn more.
Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.
Information System Security Officer (ISSO) - Top Secret Clearance with a Full Scope Polygraph
Security Architect Job 21 miles from Durham
Piper Companies is seeking an experienced Information Systems Security Officerwho can work onsite in Raleigh, NC. The ISSO will ensure the completion of all Assessment and Authorization activities as it relates to ICD 503, NIST, CNSSI, and any other DoD or Intelligence Community policies.
Responsibilities of the Information Systems Security Officer - Top Secret Clearance with a Full Scope Poly:Provide all needed support to ensure the completion of assessment and authorization activities per Intelligence Community Directive 503.
Ensure continued compliance with all applicable requirements Complete weekly audits, scans, briefings, and reviews of the established System Security PlanRequirements for the Information Systems Security Officer - Top Secret Clearance with a Full Scope Poly:At least 2 years experience as an Information Systems Security Officer (ISSO) or in a similar capacity Strong knowledge of the Intelligence Community Directive 503 (ICD-503) and Risk Management Framework (RMF) Understanding of Windows, Linux, Unix, and AWS environments Prior experience implementing DISA STIGsProfessional Certifications preferred (CISSP, Security+, CASP, CCNA) Must have an active Top Secret Clearance with a Full Scope Polygraph to be considered Compensation for the Information System Security Office - Top Secret Clearance with a Full Scope Poly:Salary Range: $140,000 - $170,000, Depending on ExperienceComprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave if required by law, and HolidaysLocation: Raleigh, NC - Onsite 5 days per week Keywords: Information System Security Officer, Senior Information System Security Officer, CI poly, Counterintelligence poly, Poly, Intelligence Community Directive 503, ICD 503, Risk Management Framework Process, DISA STIGs, Nessus, HBSS, Splunk, NISTs, CNSSI, CISSP, Security+, CASP, CCNA, Windows, Linux, Unix, AWS#LI-JQ1#ONSITEThis job opens for applications on 01/14/2025.
Applications for this job will be accepted for at least 30 days from the posting date
Cyber Security Analyst
Security Architect Job 21 miles from Durham
Ready to grow your career? We should talk.
We seek a Cyber Security Analyst for a full time job opportunity with one of our top-tier clients. This is a hybrid role. To be successful in this role, you should have experience with Data loss prevention, Incident response, In point detection.
Job Description
Our client is looking for a Cybersecurity Analyst to join their team! The Cybersecurity Analyst is responsible for ensuring the security and integrity information systems and data within the organization. This role will analyze and evaluate network security, identify potential threats, and develop and implement security measures to protect against cyberattacks. In addition, this role will also provide recommendations for improving security policies and procedures and ensure compliance with industry and regulatory standards.
Responsibilities:
Provide technical guidance and support to clients during the implementation and deployment of Azure B2C solutions. Monitor Azure B2C services and proactively identify and address any performance or security issues.
Manage Single Sign On (SSO) applications. Create application integrations, roles, groups and security policies.
Conducting regular security audits and risk assessments on physical and cloud environment to identify vulnerabilities and threats to an organization's systems and networks. Responsible for remediation plans, communication and execution.
Develop and maintain ongoing Phishing campaigns, security awareness training, employee education, and company email campaigns.
Implement the MDR provider's security recommendations in the organization's infrastructure. This includes configuring security tools, patching vulnerabilities, and addressing any security gaps identified by the MDR provider.
Maintain up to date SSL certificates for cloud infrastructure.
Manage vendor NDA's, security questionnaires, contracts, etc.
Define and implement the organization's IAM policies, standards, and procedures.
Work with other team members to develop and implement security policies and procedures to protect the organization's data and systems through web filtering.
Maintain and improve the Security Information and Event Management (SIEM) system, ensuring that all alerts are properly investigated and addressed in a timely manner.
Meet with auditors and regulatory compliance committees for completion and compliance.
Review/audit BMIC security checklist comprising of daily/weekly/monthly/quarterly/semi-annual/annual tasks.
Review change log and security incident report with on monthly basis.
Lead and coordinate incident response activities including investigating security incidents, identifying the root cause, and developing remediation plans.
Stay current with the latest security threats and trends and make recommendations to the organization on how to mitigate risks and strengthen the security posture.
Assist peer teams in securing applications, business software and services, and infrastructure.
Respond to Security Incidents of varying severities and complexity.
Develop and implement security strategies for cloud-based applications, services, and infrastructure.
Participate in the design, implementation, and maintenance of security policies, standards, and procedures to ensure compliance with regulatory requirements.
Top skills you need to have:
Associate degree in an IT-related discipline and minimum of 3-5 years' experience (or equivalent combination of education and experience) in information security and information technology roles demonstrating a progressive growth in responsibility.
Demonstrated experience with implementing information security frameworks such as NIST, CIS, PCI, HIPPA
Experience in Cloud Security Architecture, with a focus on public cloud environments (AWS, Azure, or Google Cloud)
Knowledge of IT technologies including Access Control, Firewalls, SSO, Microsoft Technologies (M365, Active Directory, DNS), Anti-virus software and malware scanning tools
Experience with security assessment and testing tools, such as vulnerability scanners, penetration testing tools, SIEM systems, Log Management, DLP, IPS/IDS, VPN, MFA
Strong analytic and problem-solving skills
Excellent written, verbal communication and presentation skills.
Proven experience with current IT security technologies
Professional information security certifications such as CompTIA Security+, CCNA Security, GIAC, AZ-500, MS-500, CCNP Security, CEH, CISSP, CCSP are preferred
About Golden Technology:
Welcome to Golden Technology, an IT staffing company based in Cincinnati, OH. We are a faith-based organization dedicated to developing people and driving innovation. At Golden Technology, we believe in the power of community, the importance of integrity, and the potential within each individual. Our mission is to connect top talent with exciting opportunities, fostering growth and success for both our clients and candidates. Join us and be part of a team that values excellence, supports personal development, and is committed to making a positive impact in the world of technology.
Information Systems Security Officer (ISSO)
Security Architect Job 21 miles from Durham
Zachary Piper Group is seeking a Information Systems Security Officer (ISSO) to join an innovative, connected, secure, and transformative company located in Raleigh, NC through a Remote M-F work schedule. The Information Systems Security Officer (ISSO) will oversee security and compliance efforts, manage diverse technical systems, lead and communicate effectively, and develop detailed project plans to ensure the highest standards of information security.
Responsibilities of the Information Systems Security Officer (ISSO) include: Ensure adherence to ICD 503 and NIST SP800-53 requirements, implement DISA STIGs, and maintain XACTA records.
Manage and troubleshoot various systems including Windows, UNIX, Linux, AWS, and utilize compliance tools like NESSUS, HBSS, and Splunk.
Provide supervisory oversight, develop and present briefings, and demonstrate strong oral and written communication skills.
Develop and execute detailed project implementation plans, and create and submit Plan of Action & Milestones (POA&M).
Maintain industry certifications (.
, CISSP, Security+, CASP, CCNA), and travel periodically to other locations as required.
Qualifications for the Information Systems Security Officer (ISSO) include:Minimum of 3 years of experience as an Information Systems Security Officer (ISSO).
Proficient in implementing and adhering to Security Technical Implementation Guides (STIGs) to ensure systems are configured securely and compliant with industry standards.
Comprehensive understanding of the Intelligence Community Directive (ICD) 503 and the Risk Management Framework (RMF).
Must have an active Top Secret/SCI security clearance with Counterintelligence Polygraph.
Must be eligible to work in the United States.
Compensation for the Information Systems Security Officer (ISSO) include: $115,000 - 135,000 Comprehensive benefit package: Medical, Dental, Vision, 401K, Holiday, PTO, and Sick Leave if required by law.
This job opens for applications on February 7th, 2025.
Applications for this job will be accepted for at least 30 days from the posting date.
Keywords: Information Systems Security Officer, ISSO, cybersecurity, information security, network security, ICD 503, NIST SP800-53, DISA STIGs, compliance, risk management, security clearance, Top Secret/SCI, CI Polygraph, Windows, UNIX, Linux, AWS, NESSUS, HBSS, Splunk, XACTA, POA&M, project management, supervisory experience, leadership, communication skills, CISSP, Security+, CASP, CCNA, CISA, GSEC, CAP, SCNA, SCNP, SSCP, GSLC, GSE, CISM, DoD 8570, system patching, vulnerability remediation, cloud computing, technical proficiency, customer service, independent work, teamwork, problem-solving, resourcefulness, professional certifications, Computer Information Systems, Computer Science#LI-JB1 #LI-REMOTE
Architect
Security Architect Job In Durham, NC
Job Title Veeva CRM Architect
Relevant Experience
(in Yrs) 6+
Must Have Technical/Functional Skills
Veeva CRM, Veeva Align, Salesforce, DFDC deployment Tools (like Copado , Flosum etc.)
Experience Required
Experience with upstream and downstream applications and help troubleshoot all the Veeva's multichannel products including CLM, Approved emails, Myinsights, MC cycle plans, Alignments. Experience in below modules is required -
Veeva CRM
• Approved email administration
• CLM administration
• Coaching reports
• Calls
• Sampling
• DCR's
• Suggestions
• MCCP
• Surveys
• Lead card submission
• My Insights
• My Insights Studio
• Engage
• Medical Insights
• Medical Inquiry
• Time off territory
• Consent capture
• OWAS
• Monitored phrase.
• Dynamic Attributes
• Account plans and objectives
• Campaigns
• Network integration
• DW Integration
• Product Metrics
• Tiem off territory
• iPad configurations
• Key messages
Veeva Align:
• Territory modeling
• Vault Loader
• Field force
• Functional Profile
• Geographies
• Footprints
• Account rules
• MCCP
Salesforce
• Reports and Dashboards
• Apex classes and triggers
• Flows
• Validation rules
• SFDC TECHNICAL topics
• Deployment
Roles & Responsibilities
Experience implementing Global rollout of Veeva CRM both in Development and Support phases.
Closely work with all the business and IT stakeholders and different applications.
Closely work with development and testing teams to diagnose, troubleshoot and resolves complex issues
Should be able to handle inquiries regarding technical issues, information requests on application capabilities
Provide coordinated support for new releases and configuration changes into production
Generic Managerial Skills
Monthly Status Reporting, Escalation management, Ticket review , SLA checks , Team management.
Information Security Analyst
Security Architect Job 39 miles from Durham
Type of Requisition:
Regular
Clearance Level Must Currently Possess:
Top Secret/SCI
Clearance Level Must Be Able to Obtain:
Top Secret/SCI
Public Trust/Other Required:
None
Job Family:
Information Security
Job Qualifications:
Skills:
Cybersecurity, Information Security, Security Tools, System Security
Certifications:
None
Experience:
3 + years of related experience
US Citizenship Required:
Yes
:
YOUR IMPACT
Own your opportunity to serve as a critical component of our nation's safety and security. Make an impact by using your expertise to protect our country from threats.
JOB DESCRIPTION
Transform technology into opportunity as an Information Security Analyst with GDIT. A career in enterprise IT means connecting and enhancing the systems that matter most. At GDIT you'll be at the forefront of innovation and play a meaningful part in improving how agencies operate.
At GDIT, people are our differentiator. As an Information Security Analyst, you will help ensure today is safe and tomorrow is smarter. Our work depends on TS/SCI cleared Information Security Analysts joining our team to support our intelligence customer at Fort Liberty, NC.
HOW AN INFORMATION SECURITY ANALYST WILL MAKE AN IMPACT
The Information Assurance Analyst is primarily responsible for incident handling, incident response, intrusion analysis, threat hunting, digital forensic analysis, vulnerability scanning, Data Loss Prevention (DLP).
Tracks and handles cyber security incidents/events from initial detection to final resolution; coordinates with appropriate parties to investigate and maintain communications.
Collaborates with specialty teams to investigate and resolve complex problems.
Troubleshoots security tools on the network to ensure successful operation, compatibility with other applications, and minimal impact to the users.
Ensures ACAS vulnerability scanning mechanisms are operational and providing relevant results to the vulnerability management and admin teams.
Performs Information Systems Security Officer (ISSO) duties, and acts as the POC between parent organization and cyber security teams.
Conducts change requests, software authorizations, static code analysis, account reviews, and other Assessment & Authorization (A&A) tasks as required.
Acts as a central point of contact for all inquiries potentially regarding cyber security, and if necessary, redirects to the appropriate entities.
WHAT YOU'LL NEED TO SUCCEED
EDUCATION
Associate Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
8570 Certification
REQUIRED EXPERIENCE:
3+ years of related experience in data security administration.
REQUIRED TECHNICAL SKILLS:
Minimum IAT II: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP
Within 6 months of hire - CSSP Incident Responder (IR): CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER
Preferred certifications: GCIH, GCFA, GCIA, GNFA, Linux+, CCNA R&S, Splunk Power User
SECURITY CLEARANCE: TS/SCI (Required)
REQUIRED SKILLS AND ABILITIES:
Proficient at navigating Windows 10/Server 2012/Server 2016 operating systems to perform intrusion analysis and systems maintenance
Proficient at navigating Linux: Ubuntu/RHEL 6/7/8 to facilitate cyber security engineering and systems maintenance
Basic scripting skills using Windows command-line, PowerShell, or BASH
Understanding of network ports, protocols, and services
Intrusion analysis via HBSS, Splunk or other SIEM tools, Windows Event Logging, Open Source Intelligence (OSINT) sources
Incident investigations via McAfee HBSS suite, SolarWinds, Cisco ISE, Cylance, Splunk, Phantom, StealthWatch, WireShark, ForeScout, ACAS, PowerShell, command-line tools
Build and maintain ACAS infrastructure; analyze vulnerability scan results and provide recommendations for remediation
PREFERRED SKILLS:
Strong desire to learn new skills, techniques, tactics, and procedures to improve knowledge and existing processes
Must be able to multi-task and adapt to changing priorities in highly stressful situations
Highly resilient and motivated to investigate unfamiliar and anomalous problems in a robust OPTEMPO environment, including follow-through to complete resolution
Critical thinking skills required to apply and correlate data from multiple sources to solve complex problems
Strong ability to quickly and clearly articulate operational impacts of cyber security incidents/events to leadership
Ability to communicate efficiently and precisely to target audience, as well as build strong rapport with other teams
Location: On Company Site
US Citizenship Required
GDIT IS YOUR PLACE:
● 401K with company match
● Comprehensive health and wellness packages
● Internal mobility team dedicated to helping you own your career
● Professional growth opportunities including paid education and certifications
● Cutting-edge technology you can learn from
● Rest and recharge with paid vacation and holidays
The likely salary range for this position is $76,500 - $103,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.
Scheduled Weekly Hours:
40
Travel Required:
25-50%
Telecommuting Options:
Onsite
Work Location:
USA NC Fort Liberty
Additional Work Locations:
Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation's most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Enterprise Cloud Security Architect
Security Architect Job In Durham, NC
Clorox is the place that's committed to growth - for our people and our brands. Guided by our purpose and values, and with people at the center of everything we do, we believe every one of us can make a positive impact on consumers, communities, and teammates. Join our team. #CloroxIsThePlace
Your role at Clorox:
Are you passionate about safeguarding cloud environments and ensuring data security? Join our team as a Cloud Security Architect! In this pivotal role, you'll design, implement, and maintain cutting-edge security systems for our cloud-based infrastructure. From assessing current security measures and creating robust firewalls to enhancing network security and encrypting data, you'll be at the forefront of our security strategy. Plus, you'll ensure we stay compliant with all regulations by continuously updating our security protocols. If you're ready to take on the challenge of protecting our cloud, we want to hear from you!
In this role, you will:
Designing cloud security architecture: Designing and implementing a comprehensive security strategy and plans for the cloud environment, considering data protection, network security, identity and access management (IAM), and threat mitigation strategies that meet Clorox's specific needs.
Reference Architecture Management: Develop and maintain cloud security architecture artifacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
IAM implementation and management: Designing and managing user access controls, including multi-factor authentication, role-based access, and least privilege principles to protect sensitive data.
Security assessment and vulnerability management: Regularly evaluating cloud systems for vulnerabilities, coordinating penetration testing, and identifying potential security risks to implement necessary remediation measures.
Data encryption: Designing and managing robust encryption mechanisms for data at rest and in transit to protect sensitive information across the cloud environment.
Network security configuration: Designing and managing cloud network security settings, including firewalls, security groups, and network segmentation to control traffic and prevent unauthorized access.
Compliance management: Ensuring adherence to relevant industry regulations and compliance standards like SOX, GDPR, HIPAA, and PCI DSS by implementing appropriate security controls.
Security incident response: Developing and maintaining incident response plans to effectively detect, contain, and remediate security breaches in the cloud.
Security automation and monitoring: Utilizing cloud-based security tools to automate security tasks like vulnerability scanning, log management, and threat detection, enabling proactive monitoring of the cloud environment.
Define and report on Metrics and Key Performance Indicators: Regularly monitor effectiveness and return on investment on security practices and make recommendations for improvements.
Security awareness training: Educating cloud users on best practices for data protection, password management, and identifying potential security threats.
Collaboration with other teams: Working closely with other IT professionals, including cloud architects, network engineers, developers, and system administrators to integrate security considerations into cloud applications and infrastructure. Engage with the Security Operations team to ensure appropriate policies and standards are kept up to date with security requirements and approach.
Staying up to date on the latest cloud security technologies, trends, and best practices.
What we look for:
5 plus years of cloud security experience, focusing on designing and implementing secure cloud computing solutions.
A strong understanding of cloud computing technologies, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
Knowledge of security frameworks such as ISO 27001, NIST Cybersecurity Frameworks, and CIS Controls.
Familiarity with cloud security platforms like Microsoft Azure, Amazon Web Services, and Google Cloud Platform.
Certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle (CSSLP) or Certified Cloud Architect (CCA) are preferred.
Strong analytical and problem-solving skills, with an ability to think strategically and tactically about complex cloud security issues.
Excellent communication skills, including communicating complex technical concepts to non-technical stakeholders.
The ability to work well in a team environment and collaborate effectively with other IT professionals.
#LI-HYBRID
Workplace type:
We seek out and celebrate diverse backgrounds and experiences. We're looking for fresh perspectives, a desire to bring your best, and a non-stop drive to keep growing and learning.
At Clorox, we have a Culture of Inclusion. We believe our values-based culture connects to our purpose and helps our people be the best versions of themselves, professionally and personally. This means building a workplace where every person can feel respected, valued, and fully able to participate in our Clorox community. Learn more about our I&D program & initiatives here.
[U.S.]Additional Information:
At Clorox, we champion people to be well and thrive, starting with our own people. To help make this possible, we offer comprehensive, competitive benefits that prioritize all aspects of wellbeing and provide flexibility for our teammates' unique needs. This includes robust health plans, a market-leading 401(k) program with a company match, flexible time off benefits (including half-day summer Fridays depending on location), inclusive fertility/adoption benefits, and more.
We are committed to fair and equitable pay and are transparent with current and future teammates about our full salary ranges. We use broad salary ranges that reflect the competitive market for similar jobs, provide sufficient opportunity for growth as you gain experience and expand responsibilities, while also allowing for differentiation based on performance. Based on the breadth of our ranges, most new hires will start at Clorox in the first half of the applicable range. Your starting pay will depend on job-related factors, including relevant skills, knowledge, experience and location. The applicable salary range for every role in the U.S. is based on your work location and is aligned to one of three zones according to the cost of labor in your area.
-Zone A: $121,900 - $240,100-Zone B: $111,700 - $220,100-Zone C: $101,600 - $200,100All ranges are subject to change in the future. Your recruiter can share more about the specific salary range for your location during the hiring process.
This job is also eligible for participation in Clorox's incentive plans, subject to the terms of the applicable plan documents and policies.
Please apply directly to our job postings and do not submit your resume to any person via text message. Clorox does not conduct text-based interviews and encourages you to be cautious of anyone posing as a Clorox recruiter via unsolicited texts during these uncertain times.
To all recruitment agencies: Clorox (and its brand families) does not accept agency resumes. Please do not forward resumes to Clorox employees, including any members of our leadership team. Clorox is not responsible for any fees related to unsolicited resumes.
Application Security Architect
Security Architect Job 21 miles from Durham
vTech can help you avoid the daunting task of writing and posting job offers, shifting through resumes and laboring through the lengthy interview process. Our Staffing solutions will allow you to elude those tasks and place topnotch, high-caliber professionals in the position you need to fill.
We use our expertise, knowledge, and global resources to deliver top-quality candidates and tailor our IT and Non-IT recruitment services to your needs. This allows us to deliver the required results in a timely manner that meets your schedule at a substantially reduced cost.
We pride ourselves for having one of the fastest growth rate and also the lowest turnover rates in the industry just 2.5 percent annually. We focus on the training and retaining qualified professionals with high personal and work ethics. With the help of our extensive database of internal candidates and CATS applicants tracking system, we can provide quality resources within the limited time frame.
We have also successfully placed hundreds of candidates in the areas related to Information Technology, Engineering, professional, Scientific & Clinical, etc. for both our commercial and government clients.
Source: A recruiter sources candidates from various sources; the search starts from our proprietary database. Using advanced sourcing methods like social media, professional networking media, internal, and 3rd party job boards, we identify qualified candidates.
Validate: A recruiter validates the candidates' experience and skill sets against our client's position.
Initial Screening: Based on the position and the client's work culture, the recruiter uses initial screening questions to determine the most suitable candidates.
Submit: the recruiter will submit to the technical team qualified candidates who have passed the initial screening.
Technical Screening: The technical team then prepares a matrix of the particular requirements and required experience for the position and using a list of questions and the results, re-validates the candidates' technical skills.
Background Check: Administrative personnel will provide a detailed background check, as required, per client agreement.
On board: On successfully completing the above steps, the candidates are welcomed on board and assisted to ensure a smooth integration at the client's location.
Job Description
Client needs contractor well versed with design and development with IDM product. DES has procured Optimal IDM(OIDM) for authorization security. DES has over 30 existing applications. SCUBI (Southeast Consortium Unemployment Benefits Integration).
Business Need/Justification:
Client needs contractor well versed with design and development with IDM product. DES has procured Optimal IDM(OIDM) for authorization security. Client has over 30 existing applications that need to be integrated with OlDM. SCUBI is a 3 state consortium undertaking to replace Client legacy mainframe benefit payment system, that an external vendor is developing. The new SCUBI system needs to communicate with security services for authentication. Client staff single sign on (550) needs to be developed. In order to avoid falling behind with the SCUBI Project schedule dictated by the Consortium.
Required Skills, and Abilities:
Over 7 years of lead .NET application design and development experience: Including well experienced with Microsoft .Net Framework 4 .5+, VS 2013, C#, ASP.Net, AJAX, MVC, NuGet, Web API, Web Services, JavaS script and LINQ.
Over 3 years of experience with ORMs like Entity Framework or similar.
Over 3 years of experience architecting application security solutions and the design and development of security layer for enterprise level .NET systems.
Experienced in developing SAML based authentication with Optimal's IDM system (OlDM).
Experienced in implementing Single Sign On solution with OlDM system.
Experienced in developing application security to integrate with OlDM system.
Over 2yrs experience in developing Oracle database schemas and programming.
Experienced in participating in load testing of enterprise applications.
Responsibilities include:
Design detailed plan to upgrade security for existing online .NET applications and DES web portal to integrate with OlDM.
Design and develop DES Active Directory services for .NET applications to consume.
Develop web services and middleware modules that the .NET applications will communicate with. for authentication with OlDM.
Develop web services for SCUBI.
Design and develop restful web services for communication between DES web portal applications. OlDM and SCUBI.
Develop schema and programming for DES Oracle data stores.
Develop administration web console for DES staff for security related customer service functions.
Provide direction and support to SCUBI developer s for OlDM integration.
Design and develop other DES . NET systems as needed.
Skills Required:
Lead .NET application design/development, including MS .Net Framework 4.5+, VS 2013, C#, ASP.Net, AJAX, MVC, NuGet, Web API, Web Svcs, JavaScrip, LINQ
Experience with ORMs like Entity Framework or similar.
Experience architecting application security solutions and the design and development of security layer for enterprise level .NET systems.
Experienced in developing SAML based authentication with Optimal's IDM system (01 DM).
Experienced in implementing Single Sign On solution with OlDM system.
Experienced in developing application security to integrate with OlDM system..
Experience in developing Oracle database schemas and programming.
Experienced in participating in load testing of enterprise applications.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Cyber Security Architect
Security Architect Job 21 miles from Durham
The cyber security architect provides expert guidance for addressing current security issues but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. A senior-level role, the architect possesses strong communication and organizational skills, and the ability to guide less experienced coworkers. The architect provides technical leadership to delivery and solution design team members.
The cyber security architect role is responsible for architecting, implementing, and advising a secure infrastructure supporting business needs. The position will architect secure infrastructure and applications that align with business and cybersecurity strategy to support a fast-paced environment. Architects in this role will support the progressive needs of the business and provide timely, secure and cost-efficient solutions that elevate the company's cyber security posture. An advanced role, the cyber architect will deliver resilient applications at scale to support business initiatives. Cyber security architects possess advanced administration and troubleshooting skills, along with knowledge to support architecture, engineering, and design principles. Architects shall be proficient with disparate applications and data systems to maintain a high level of security rigor.
The role requires deep technical knowledge of cloud computing architecture, security principles and cybersecurity best practices. A cyber security architect is highly technical and proficient in cybersecurity and systems administration across a wide variety of infrastructure types (SaaS, IaaS, PaaS). Additionally, demonstrated experience with AWS, Microsoft Azure, Oracle, Google Cloud and other cyber solutions is a requirement. The ability to automate, provision and manage cyber resources across multiple environments with infrastructure as code (IaC) principles is required. Architects are expected to be analytical and possess a strong work ethic and the critical thinking skills needed to manage complex systems and applications. Successful candidates in this role are adept at working with business units and have good listening and communication skills. In tandem with security leadership, cyber architects will consistently assess the threat landscape and adapt quickly to protect the business from risk. The architect will report to cyber security leadership and have strong working relationships with IT and application development leadership.
Essential Functions:
Architect, design and implement scalable, resilient solutions in public, private and hybrid clouds.
Support cloud security architecture for SaaS, PaaS and IaaS.
Recommend and advise on strategies and best practices for cybersecurity and a flexible architecture.
Design security for monitoring, logging, IAM, encryption, data protection, detection and preventive controls.
Work in tandem with team leads and subject matter experts to validate configurations are aligned, adopted and implemented.
Liaison with cybersecurity teammates to investigate security incidents and breaches.
Orchestrate scalable, resilient, and efficient containerized microservices.
Integrate and automate secure continuous integration/continuous delivery build configurations for development pipelines.
Proactively analyze, identify and resolve performance bottlenecks.
Assist with strategy, implementation and recovery point/time objective for business continuity and disaster recovery.
Recommend and implement cloud security tools and controls.
Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM).
Stay up to date with cybersecurity threats, risks and vulnerabilities with potential impact to services.
Form relationships with colleagues in operations, software development and risk management.
Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud infrastructure and applications.
Attend project and implementation meetings and advise secure application and infrastructure configurations.
Develop, maintain and enforce cloud security policies and procedures, as well as best practices for following standards such as FedRAMP, Cloud Security Alliance, SOC 1/2/3, CIS and NIST SP 800 series.
Communicate the state of cloud security posture to cybersecurity leaders, stakeholders, IT and developers.
Participate in cloud security groups and consortiums for knowledge and building relationships.
Be willing to work nonstandard business hours for projects, business impact issues and incident response.
Perform other duties as assigned.
Required Qualifications:
Education:
Bachelor's degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
Experience:
5-10 years' experience in IT and security operations, with a focus on cyber security.
Licenses:
Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
Other:
Demonstrated experience as a team lead
Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (Chef, Puppet, Salt, Ansible).
Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash).
Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.
Ability to influence technical team and business units and collaborate to reduce attack surface.
Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).
Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.
Applicable knowledgeable as needed about FISMA, GDPR, PCI, CCPA, HIPAA, GLBA, Regulation P, NYDFS, etc.
Strong written and oral communication skills across varying levels of the organization.
Licenses:
Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
Benefit Information:
ABM offers a comprehensive benefits package. For information about ABM's benefits, visit:
ABM Employee Benefits | Staff & Management
Cyber Security Architect
Security Architect Job 21 miles from Durham
The cyber security architect provides expert guidance for addressing current security issues but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. A senior-level role, the architect possesses strong communication and organizational skills, and the ability to guide less experienced coworkers. The architect provides technical leadership to delivery and solution design team members.
The cyber security architect role is responsible for architecting, implementing, and advising a secure infrastructure supporting business needs. The position will architect secure infrastructure and applications that align with business and cybersecurity strategy to support a fast-paced environment. Architects in this role will support the progressive needs of the business and provide timely, secure and cost-efficient solutions that elevate the company's cyber security posture. An advanced role, the cyber architect will deliver resilient applications at scale to support business initiatives. Cyber security architects possess advanced administration and troubleshooting skills, along with knowledge to support architecture, engineering, and design principles. Architects shall be proficient with disparate applications and data systems to maintain a high level of security rigor.
The role requires deep technical knowledge of cloud computing architecture, security principles and cybersecurity best practices. A cyber security architect is highly technical and proficient in cybersecurity and systems administration across a wide variety of infrastructure types (SaaS, IaaS, PaaS). Additionally, demonstrated experience with AWS, Microsoft Azure, Oracle, Google Cloud and other cyber solutions is a requirement. The ability to automate, provision and manage cyber resources across multiple environments with infrastructure as code (IaC) principles is required. Architects are expected to be analytical and possess a strong work ethic and the critical thinking skills needed to manage complex systems and applications. Successful candidates in this role are adept at working with business units and have good listening and communication skills. In tandem with security leadership, cyber architects will consistently assess the threat landscape and adapt quickly to protect the business from risk. The architect will report to cyber security leadership and have strong working relationships with IT and application development leadership.
Essential Functions:
Architect, design and implement scalable, resilient solutions in public, private and hybrid clouds.
Support cloud security architecture for SaaS, PaaS and IaaS.
Recommend and advise on strategies and best practices for cybersecurity and a flexible architecture.
Design security for monitoring, logging, IAM, encryption, data protection, detection and preventive controls.
Work in tandem with team leads and subject matter experts to validate configurations are aligned, adopted and implemented.
Liaison with cybersecurity teammates to investigate security incidents and breaches.
Orchestrate scalable, resilient, and efficient containerized microservices.
Integrate and automate secure continuous integration/continuous delivery build configurations for development pipelines.
Proactively analyze, identify and resolve performance bottlenecks.
Assist with strategy, implementation and recovery point/time objective for business continuity and disaster recovery.
Recommend and implement cloud security tools and controls.
Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM).
Stay up to date with cybersecurity threats, risks and vulnerabilities with potential impact to services.
Form relationships with colleagues in operations, software development and risk management.
Collaborate with IT and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
Define key performance indicators, objectives and key results, and metrics to illustrate efficacy with cloud infrastructure and applications.
Attend project and implementation meetings and advise secure application and infrastructure configurations.
Develop, maintain and enforce cloud security policies and procedures, as well as best practices for following standards such as FedRAMP, Cloud Security Alliance, SOC 1/2/3, CIS and NIST SP 800 series.
Communicate the state of cloud security posture to cybersecurity leaders, stakeholders, IT and developers.
Participate in cloud security groups and consortiums for knowledge and building relationships.
Be willing to work nonstandard business hours for projects, business impact issues and incident response.
Perform other duties as assigned.
Required Qualifications:
Education:
Bachelor's degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
Experience:
5-10 years' experience in IT and security operations, with a focus on cyber security.
Licenses:
Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
Other:
Demonstrated experience as a team lead
Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (Chef, Puppet, Salt, Ansible).
Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash).
Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.
Ability to influence technical team and business units and collaborate to reduce attack surface.
Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).
Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.
Applicable knowledgeable as needed about FISMA, GDPR, PCI, CCPA, HIPAA, GLBA, Regulation P, NYDFS, etc.
Strong written and oral communication skills across varying levels of the organization.
Licenses:
Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
Benefit Information:
ABM offers a comprehensive benefits package. For information about ABM's benefits, visit:
ABM Employee Benefits | Staff & Management
Security Architect ( Cloud )
Security Architect Job 21 miles from Durham
We provide creative and technology services and solutions in the areas of web design, customized web applications, IT Staffing and e-commerce solutions, Mobile App development and much more services to organizations in the All over the world.
With well defined and documented processes and practices, we ensure successful implementation of all our projects. Our teams are highly trained in best practices of web and application developments and are managed by certified project managers who ensure highest levels of process control and management
Job Description
Security Architect
Locations: Raleigh, NC
Full Time
Travel Required:
Up to 10% or 1 day a week
Work with IBM Cloud PaaS Offering Management on defining security roadmap
Engage with clients as sponsor users to implement new security capabilities
Architect technical security requirements for external compliance certifications
Participate and enforce IBM PSIRT, IBM CSIRT, and IBM Secure Engineering processes
Provide security technical guidance to Bluemix services and SaaS offerings that run on top of Bluemix PaaS
Create external facing collateral for use by client facing teams and clients
Participate in IBM Cloud Security interlocks
Present in client facing/external conferences e.g., Interconnect etc.
Support Bluemix sales by presenting to clients (on the phone, F2F)
Mentor security team members
You will work with the best of the teams in Cloud Dev, Cloud Security, Cloud Offering Management, Cloud Sales. You will be outgoing, team player, willing to mentor and lead team members, must have great sense of humor. You will have demonstrated communication skills, experience with working with customers and be able to bring customer requirements back to the team. Your extensive experience in security and compliance audit is of great advantage.
This is a high performing, leading edge team that offers exciting opportunities in Cloud security. If you have it in you, then you are at the right place. Apply below immediately.
Required Technical and Professional Expertise:
At least 8 years of experience in technical security architecture and design skills
At least 5 years of experience in External customer facing experience and skills
At least 3 years experience in Compliance Standards
Preferred Technical and Professional Experience:
At least 3 years of experience in Cloud Security and compliance standards.
Certified Information Systems Security Professional (CISSP) certification is preferred
Additional Information
All your inform
ation will be kept confidential according to EEO guidelines.
Senior Cloud Security Architect (26185)
Security Architect Job In Durham, NC
NetApp is the data authority for hybrid cloud. We provide a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with our partners, we empower global organizations to unleash the full potential of their data to expand customer touchpoints, foster greater innovation and optimize their operations.
NetApp Data Fabric simplifies and integrates data management across cloud and on-premises to accelerate digital transformation. It delivers consistent and integrated data management services and applications for data visibility and insights, data access and control, and data protection and security. And unleashes the power of data to achieve a new competitive advantage.
If you ask anyone at NetApp why they work here, the answer is inevitably the same: it's the people. At NetApp, we place trust, integrity, teamwork, and caring at the heart of what we do. As such, we've created a culture where people feel empowered to make a difference; where we're passionate about innovation and collaboration; and where we take care of each other, our customers, our partners, and our communities simply because it's the right thing to do.
We provide comprehensive medical, dental, wellness and vision plans for you and your family. We also offer financial savings programs to help you plan for your future. We work hard but also recognize the importance of work-life balance for our employees. We offer educational assistance, legal services, access to discounts and fitness centers. Our volunteer time off program is best in class because what's important to our employees is important to us! Join us, and we'll help you do your best work.
Interested in working at NetApp? Search our open jobs - **************************
Job Description
Are you data-driven? We at NetApp believe in the transformative power of data - to expand customer touchpoints, to foster greater innovation, and to optimize operations. We are designed for simplicity, optimized to protect, created to embrace future opportunity, and open to enrich choice. We are the data authority for hybrid cloud, and we are helping our customers realize the full potential of their data.
We've built a Data Fabric for a data-driven world - to simplify and integrate data management across the resources that are best for the business. With the Data Fabric, our customers can harness the power of cloud data services, build cloud infrastructures, and modernize storage through data management.
By harnessing the power of hybrid cloud data services, customers gain the freedom of choice to securely manage and move data - anywhere, on any cloud. Only NetApp can help organizations deliver data-rich customer experiences when they rapidly test and deploy new applications that easily use data and services regardless of where they reside or in what form.
Qualifications
The Senior Security Architect is responsible for determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. He/she also is responsible for designing, building, testing and implementing security systems across NetApp's networks, infrastructure, and cloud based architecture. The Senior Security Architect is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products.
Job Requirements
Interpret compliance and security requirements to design implementable and repeatable controls
Identify gaps in existing and proposed architectures and security controls and provide recommendations for resolution
Contribute to creation and maintenance of Enterprise Information Security policies, standards, and process documentation
Coordinate with Enterprise Information Security leadership to create and maintain overall short- and long-term roadmaps
Conduct reviews for projects related to infrastructure and general information security to ensure they meet requirements and target-state architectures
Participate in risk assessment activities as subject matter expert for infrastructure and general information security concerns
Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation
Verifies security systems by developing and implementing test scripts
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements
Prepares system security reports by collecting, analyzing, and summarizing data and trends
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments
Skills and Education
Skills:
Experience developing enterprise class security architectures in both traditional data center and public / private cloud environments
Working knowledge of industry best practices for information security
2+ years working with one or more cloud service models (Infrastructure as a Service, Platform as a Service, and Software as a Service) and deployment models (public, private, hybrid)
2+ years direct experience designing and implementing security solutions for one or more leading cloud providers (AWS, Azure, Google Cloud Platform)
2+ years direct experience with leading firewall, VPN, IDS/IPS, endpoint security, and DLP solutions
Working knowledge of DevOps Security concepts for Continuous Integration/Continuous Delivery environments
Working knowledge of risk assessments, configuration management, change control, and security baselines and frameworks (NIST CSF, NIST SP 800-171, CIS)
Vulnerability management experience with Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE), and Open Web Application Secure Project (OWASP)
Expert knowledge of federated identity management, role and access management, and privileged administrative access best practices
Ability to communicate verbally and in writing with audience appropriate content
Education:
Desired: a minimum of 12 years of related experience with a Bachelor's degree; or 8 years and a Master's degree; or a PhD with 5 years experience; or equivalent experience. Certifications such as CISSP, CCSP, CISM, CCIE Security, and AWS Certified Solutions Architect are a plus
So get ready to tap into the data visionary within, and join us as we accelerate digital transformation and empower our customers to change the world with data!
If you ask a NetApp employee why they work here, the answer is inevitably the same: the people. At NetApp, our culture is at the heart of what we do. We place importance in trust, integrity, teamwork, and caring above all else. NetApp is a place where people are empowered to make a difference. Empowered to innovate. Empowered to collaborate. Empowered to help ourselves and others be data-driven and change the world. We take care of each other, our customers, our partners, and our communities simply because it's the right thing to do.
We work hard but also recognize the importance of work-life balance for our employees because what's important to them is important to us! Recently we implemented Family First, which encourages employees to take paid time off to bond with a new child (through birth or adoption) or to care for a family member with a serious health condition. Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to donate their time with their favorite organizations. We provide comprehensive medical, dental, wellness and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts and fitness centers. We also offer financial savings programs to help you plan for your future.
Join us and see what empowerment can do.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Security Architect
Security Architect Job In Durham, NC
360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement.
Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective-C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and Jquery mobile.
Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us.
We make sure that we deliver performance-driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change.
Job Description
Below is the skillset details. Pls provide profiles ASAP. You may also consider the ones you shared with me on the other thread for PPD to see if there is a match.
IT Security professional with at least 10 years of professional experience. Must be at least engineer level with desire to move to or currently at architect skill level. Technical experience and fluency should be in the below areas:
• Firewall/UTM/IDPS - Fortigate
• client server communication and flow in protocols like FTP, e-mail, web, DNS, etc.
• Endpoint Protection - Symantec/TrendMicro
• Identity and Access Management and Monitoring - Okta/Azure SSO
• Security of data at rest and in motion
• Knowledge of implications to security in SaaS, IaaS
• Vulnerably and Threat Management - Qualysguard
• Security Information and Event Management (SIEM) - HP Arcsight
• Mobile device security
Good communication skills, collaborative spirit, solid analytical skills, adaptability and flexibility to step into other areas outside of core skill set. Candidate should be passionate about security.
Additional Information
Thanks and Regards,
Ankur Bhatia
Senior Security Engineer, Operational Technology, Cloud CISO
Security Architect Job In Durham, NC
XNote: By applying to this position you will have an opportunity to share your preferred working location from the following: Kirkland, WA, USA; Raleigh, NC, USA; Durham, NC, USA; Sunnyvale, CA, USA; New York, NY, USA; Reston, VA, USA. Minimum qualifications:
* Bachelor's degree or equivalent practical experience.
* 5 years of experience with security assessments or security design reviews or threat modeling.
* 5 years of experience with security engineering, computer and network security and security protocols.
* 5 years of coding experience in one or more general purpose languages.
* 3 years of experience in industrial control systems (ICS) and operational technology (OT) security.
* 1 year of experience leading teams in a technical capacity or leading technical risk analysis in an enterprise environment.
Preferred qualifications:
* OT Security Certifications.
* Experience with security assessments and pen testing for ICS/OT environments.
* Familiarity with regulatory and industry standards (e.g., NIST Cybersecurity Framework, ISA/IEC 62443, NERC CIP).
* Understanding of ICS/OT protocols, architectures, and devices (e.g., Modbus, DNP3, OPC, PLCs, SCADA, RTUs).
About the job
Our Security team works to create and maintain the safest operating environment for Google's users and developers. Security Engineers work with network equipment and actively monitor our systems for attacks and intrusions. In this role, you will also work with software engineers to proactively identify and fix security flaws and vulnerabilities.
We help Google Data Centers Product Design teams and Operation teams to securely design, deploy and maintain operational technology (OT) products and architectures. We do this by recommending secure engineering practices in the operational OT and industrial control systems (ICS) space to avoid the introduction of vulnerabilities and security design flaws, and by increasing the security of devices.
Google Cloud accelerates every organization's ability to digitally transform its business and industry. We deliver enterprise-grade solutions that leverage Google's cutting-edge technology, and tools that help developers build more sustainably. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.
The US base salary range for this full-time position is $161,000-$239,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits. Learn more about benefits at Google.
Responsibilities
* Conduct comprehensive security assessments of existing ICS/OT environments to identify vulnerabilities, risks, and non-compliance with Google standards.
* Harden ICS/OT devices, networks, and applications to mitigate potential threats and vulnerabilities.
* Design and implement security architectures, controls, and processes to enhance the overall security posture of ICS/OT systems.
* Monitor and evaluate the effectiveness of security controls and processes.
* Research and recommend new security technologies and solutions to enhance the ICS/OT security program.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google's Applicant and Candidate Privacy Policy.
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
Network Security Analyst
Security Architect Job In Durham, NC
Established in 1991, Collabera is one of the fastest growing end-to-end information technology services and solutions companies globally. As a half a billion dollar IT company, Collabera's client-centric business model, commitment to service excellence and Global Delivery Model enables its global 2000 and leading mid-market clients to deliver successfully in an increasingly competitive marketplace.
With over 8200 IT professionals globally, Collabera provides value-added onsite, offsite and offshore technology services and solutions to premier corporations. Over the past few years, Collabera has been awarded numerous accolades and Industry recognitions including.
Collabera awarded Best Staffing Company to work for in 2012 by SIA. (hyperlink here)
Collabera listed in GS 100 - recognized for excellence and maturity
Collabera named among the Top 500 Diversity Owned Businesses
Collabera listed in GS 100 & ranked among top 10 service providers
Collabera was ranked:
32 in the Top 100 Large Businesses in the U.S
18 in Top 500 Diversity Owned Businesses in the U.S
3 in the Top 100 Diversity Owned Businesses in New Jersey
3 in the Top 100 Privately-held Businesses in New Jersey
66th on FinTech 100
35th among top private companies in New Jersey
***********************************************
Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance.
Job Description
Work Location: Durham NC 27703
Job Title: Network Security Analyst
Duration: 24 Months
Roles & Responsibilities:
• Primary job responsibility will be to perform Intrusion Detection Sensor Threat Analysis.
• Support for any one of McAfee IDS, Sourcefire IDS, Cisco IDS, Tipping Point IDS, Enterasys IDS, Juniper IDP and Fortinet IDS strongly desired.
• The Operations team supports 24x7 and an off shift work schedule may be required.
Qualifications
IDS/IPS
"Network analyst jobs" ; "Network security" ; "firewall analyst"; "network security position"; "network engineer"; "security engineer"
Additional Information
Should you have any questions, please feel free to call:
************
Aditika Sithta
Security Engineer, Level III
Security Architect Job In Durham, NC
This individual will be responsible for providing tier III support for a Managed Service Security Provider (MSSP). The successful candidate will be an integral member of the security engineering team and will need to be fully cognizant of state-of-the-art network, firewall, and other security technologies, products and solutions as well as industry best practice with regard to the design, implementation and deployment of next generations security devices.
This individual should have hands-on experience configuring, installing and managing Fortigate, Cisco ASA, Checkpoint, SonicWall or Blue Coat security devices. This person must be able to communicate, and document instructions effectively with Tier 1 and 2 support teams. Excellent customer service skills and written communication are required.
This position is located in Durham, NC.
Qualifications:
A Bachelors or Master’s degree preferably in Computer Engineering/Networking, international equivalent, or equivalent experience
Minimum of 5 years of experience designing, implementing and deploying next generation firewalls based on Information Security Best Practices
Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
Minimum of 7 years experience in networking, troubleshooting, and analysis tools
Expert understanding and working knowledge of TCP/IP, access-control lists, VLANs, VPNs, firewalls, and dynamic routing protocols such as BGP, OSPF and EIGRP
Evaluates and recommends solutions for highly complex security systems according to industry best practices to safeguard internal information systems and databases
Excellent communication skills and experience working collaboratively in cross-functional teams.
On-call Duties
Ability to travel as needed, approximately 1-3 times a quarter. Can be both domestic and global travel.
Desired:
Vender Certification, preferably Fortinet/Cisco/Blue Coat
Security Certifications: CCNA, CCNP-Security
The ability to define security requirements and subsequently reviews complex systems to determine if they have been designed to comply with established standards
The ability to conduct research and inform management of appropriate developments in firewall, IDPS, WCF, DLP, Application Control and VPN and secure networking technologies and products
Compensation:
A competitive package consisting of a base salary, and full company benefits
Company information
We help nations, governments and businesses around the world defend themselves against cybercrime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes - often collecting and analyzing huge volumes of data. We employ over 4,000 people across 18 countries in the Americas, APAC, UK and EMEA
Lead Information Security Architect / Engineer
Security Architect Job In Durham, NC
EmTacq specializes in EMployer Talent ACQuisitions, matching the most qualified candidates with the most competitive positions available. We pride ourselves on not just putting bodies in seats, rather matching professionals to their careers. We are headquartered in the Raleigh / Durham, NC area. However, as a recruiting agency we service companies and candidates across the United States. We are your best source for professional, value driven low cost recruitment services.
Job Description
The Lead Information Security Engineer will be responsible for designing and implementing a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the control environment. Must be a subject matter expert (SME) with strong collaboration skills to work with cross functional teams to ensure the design of technology solutions complies with information security policies, and regulatory obligations.
The Lead Information Security Engineer must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender's perspective. In this role you must be a positive professional, adaptable, pragmatic, and who is comfortable in delivering clear and concise information at both a technical and managerial level.
Responsibilities:
Design and implement a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the client's control environment. Review and approve security configuration checklists (e.g., hardening or lockdown guides) for technology platforms and solutions (e.g., operating systems, databases, firewalls, etc.) Provide security consulting services internally to the engineering organization by giving guidance and functioning as an information security SME. Must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender's perspective.
Qualifications
Required Experience
*5+ years of experience in one or more of the following information security domains: access management, cryptography, data loss prevention (DLP), emerging technologies (i.e., cloud, mobile, etc.), endpoint security, incident response, malware analysis and protection, network and perimeter security, or web and mobile application security.
*5+ years of experience analyzing the design of technology solutions using common industry frameworks such as DREAD, SSE-CMM (ISO/IEC 21827), STRIDE, or other risk assessment models.
*5+ years of working knowledge of various industry security standards and frameworks including: ISO 27001, ISF Standard of Good Practice (SoGP), NIST Special Publications, etc.
*5+ years of working knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
*Teamwork and communication skills, both written and verbal.
Preferred Experience
*Bachelor's degree in Computer Science, Information Systems, or related field. 8+ years of equivalent work experience required in lieu of degree is acceptable.
*Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification strongly preferred.
Additional Information
Equal Employment Opportunity
Our client is proud to be an equal opportunity/affirmative action employer. We are committed to attracting, retaining and maximizing the performance of a diverse and inclusive workforce. It is their policy to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information or any other basis protected by law.
Security Engineer
Security Architect Job In Durham, NC
Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company.
Procom's areas of staffing expertise include:
• Application Development
• Project Management
• Quality Assurance
• Business/Systems Analysis
• Datawarehouse & Business Intelligence
• Infrastructure & Network Services
• Risk Management & Compliance
• Business Continuity & Disaster Recovery
• Security & Privacy
Specialties• Contract Staffing (Staff Augmentation)
• Permanent Placement (Staff Augmentation)
• ICAP (Contractor Payroll)
• Flextrack (Vendor Management System)
Job Description
Security Engineer
On behalf of our client, Procom Services is searching for a Security Engineer for a contract opportunity in Durham, NC.
Security Engineer Job Details
We are looking for a talented Senior Security Engineer for our MIS Group in our Durham, NC location. Focus and experience in risk mitigation with possess at least 8 years of directly related practical experience within the last two years, and demonstrated ability to carry out the functions of the job. We are looking for candidates who can provide a well-rounded knowledge and experience base in incident response and security event analytics. An overall flexibility and willingness to work under unpredictable time and project variables is essential.
The Security Engineer will be responsible for the following:
• Experience analyzing malware such as viruses, worms, trojans, etc.
• Experience in information security threat and vulnerability analysis
• Understanding of networking and core Internet protocols (TCP/IP, HTTP, etc.)
• Experience using network security assessment tools
• Experience developing tools for automation and/or other tasks
• Be a team player
• Excellent verbal and written communication skills
• BS or BSE in computer science/engineering, or equivalent experience
Additional responsibilities will include but are not limited to:
• Provide detection and response to security events and incidents within the customer network as well as various supported customer networks
• PCI and Web application vulnerability scanning
• Security log management and monitoring
• Intrusion detections and prevention systems operations
• Vulnerability detection, assessment, and mitigation
• Develop and maintaining information security metrics.
• Provide assistance to core security and incident response teams
• Enterprise encryption standards development and support
• Development and distribution of various security advisories and awareness messages
• Maintain growing knowledge of industry trends relating to security management and services.
Security Engineer Mandatory Skills
• Thirst for knowledge and inquisitive nature
• Experience and strong knowledge of vulnerability management and configuration compliance processes and tools
• Experience and knowledge in Security Information Event Management tools
• Experience in Intrusion Detection and Prevention Systems
• Knowledge of: TCP/IP, computer networking, routing and switching
• Experience in Linux/UNIX and Windows based devices at the System Administrator level
• Strong troubleshooting, reasoning and problem solving skills
• Team player, excellent communication skills, good time management
• Organizational skills and the ability to work autonomously with attention to processes
• Ability to speak and communicate effectively with peers, management and clients
• Ability and willingness to think outside of the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability.
• Ability and experience in writing clear and concise technical documentation
• Ability to speak and write fluently
Education or Experience:
• Graduation with a degree from a recognized university with specialization in Computer Sciences or a related discipline,
• 8+ years of directly related practical experience.
Required Skills:
• Candidate should possess a knowledge in the following technical skills: Incident Response, Log Analysis, TCP/IP, Network Traffic Analysis, Antivirus/Malware, Intrusion Detection/Prevention, Security Incident and Event Management Systems (SIEM), Packet Analysis Techniques, Event Correlation, and Incident Triage.
• Experience in security penetration testing
• Experience using ticketing systems such as Remedy
• Security certifications: SANS/GIAC (GCIH, GCIA or GCUX), CCNA, CISSP, or CISM certifications would be assets
• Knowledge of application security including web applications, web services, XML, SOA, AJAX, JSON, and web scanning tools
• Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
• Knowledge of NIST, PCI, HIPAA
Security Engineer Start Date
ASAP
Security Engineer Assignment Length
6+ months to perm
Additional Information
All your information will be kept confidential according to EEO guidelines. Please send your resume in Word format only.
Platform Engineering - Cloud Security Architect
Security Architect Job 21 miles from Durham
About the Job The Red Hat Hybrid Cloud Management organization is looking for a highly skilled Architect to join our team. In this role, you will act as a cloud security architect defining and driving our cloud security management strategy, in collaboration with a globally distributed team of cloud security engineers, security SREs, cloud automation developers and DevSecOps engineers. Together, we focus on ensuring our managed services meet the growing demand for security and accountability in the market.
You will contribute to high-profile security and compliance initiatives and work closely with other engineers to deliver innovative, automated solutions that enhance Red Hat's ability to proactively and reactively address industry vulnerabilities. This role requires deep expertise in cloud security principles, threat management, and security best practices across public, private, and hybrid cloud environments.
If you are passionate about cloud security, automation, and open-source software, and thrive in a fast-paced, dynamic environment, this is the perfect team for you.
The Red Hat office in Raleigh, NC is the preferred work location, but well-qualified North America remote candidates will also be considered.
What you will do
* Serve as a security thought leader for our managed services portfolio, driving collaboration on architecture and interdependencies with other teams.
* Define, communicate, and contribute to the long-term security vision and strategy for the open hybrid cloud portfolio.
* Establish and promote best practices, standards, and processes for security and compliance engineering, including architecture, design, development, testing, deployment, and monitoring.
* Design and oversee the implementation of security architectures for large, multi-cloud, and complex environments, ensuring alignment with industry best practices and Red Hat's strategic security goals.
* Develop and enforce consistent secure architecture and deployment strategies across Commercial and Government environments, including FedRAMP compliance.
* Provide regular updates to senior management on security posture, incidents, and compliance status.
* Collaborate closely with Product Security, Information Security, and Product Management teams to meet security and compliance requirements, particularly FedRAMP, for Red Hat managed services.
* Stay informed on emerging trends, threats, and technologies in cloud security, driving continuous improvement in security practices and tools.
* Create and maintain technical and architectural documentation to clearly explain and share platform design decisions and policies and aid in managed services compliance activities.
What you will bring
* Bachelor's degree in computer science, cybersecurity, or a related field. Advanced degrees or certifications (e.g., CISSP, CCSP, AWS Certified Security Specialty) are a plus
* 10+ years of software engineering experience with object-oriented languages, preferably Golang or Python
* 8+ years of experience in enterprise cloud security, secure platform management, and Kubernetes security architecture, including container security practices
* 8+ years of experience delivering hosted cloud services
* 5+ years of experience with enterprise systems monitoring; familiarity with Prometheus is preferred
* 5+ years of experience managing Linux-based systems in public cloud environments such as AWS, GCP, or Azure
* Advanced knowledge of security frameworks (e.g., NIST, ISO 27001, CIS) and compliance standards (e.g., FedRAMP, SOC-2, PCI)
* Advanced knowledge of cloud platforms (AWS, Azure, Google Cloud) and their security features
* Experience in Zero Trust architecture, threat management, Extended Detection and Response (XDR), Security Information and Event Management (SIEM), identity and access management (IAM), key management, and data protection strategies
* Proven experience in establishing DevSecOps practices and automating security pipelines
* Demonstrated ability to build and operate reliable, high-scale, cost-efficient cloud services in government-compliant (e.g., FedRAMP) environments
* Experience with platform engineering tools and methodologies, including DevOps, CI/CD, automation, orchestration, monitoring, and testing
* Previous involvement with security organizations and working groups (e.g., CSA, NIST, CNCF) is a plus
* Advanced problem solving, critical thinking, and analytical skills
* Excellent written and verbal communication skills in English; ability to articulate security concepts to both technical and non-technical stakeholders
* Ability to work in a fast-paced, dynamic environment with cross-functional teams
#LI-HM1
The salary range for this position is $157,750.00 - $260,200.00. Actual offer will be based on your qualifications.
Pay Transparency
Red Hat determines compensation based on several factors including but not limited to job location, experience, applicable skills and training, external market value, and internal pay equity. Annual salary is one component of Red Hat's compensation package. This position may also be eligible for bonus, commission, and/or equity. For positions with Remote-US locations, the actual salary range for the position may differ based on location but will be commensurate with job duties and relevant work experience.
About Red Hat
Red Hat is the world's leading provider of enterprise open source software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. Spread across 40+ countries, our associates work flexibly across work environments, from in-office, to office-flex, to fully remote, depending on the requirements of their role. Red Hatters are encouraged to bring their best ideas, no matter their title or tenure. We're a leader in open source because of our open and inclusive environment. We hire creative, passionate people ready to contribute their ideas, help solve complex problems, and make an impact.
Benefits
● Comprehensive medical, dental, and vision coverage
● Flexible Spending Account - healthcare and dependent care
● Health Savings Account - high deductible medical plan
● Retirement 401(k) with employer match
● Paid time off and holidays
● Paid parental leave plans for all new parents
● Leave benefits including disability, paid family medical leave, and paid military leave
● Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!
Note: These benefits are only applicable to full time, permanent associates at Red Hat located in the United States.
Diversity, Equity & Inclusion at Red Hat
Red Hat's culture is built on the open source principles of transparency, collaboration, and inclusion, where the best ideas can come from anywhere and anyone. When this is realized, it empowers people from diverse backgrounds, perspectives, and experiences to come together to share ideas, challenge the status quo, and drive innovation. Our aspiration is that everyone experiences this culture with equal opportunity and access, and that all voices are not only heard but also celebrated. We hope you will join our celebration, and we welcome and encourage applicants from all the beautiful dimensions of diversity that compose our global village.
Equal Opportunity Policy (EEO)
Red Hat is proud to be an equal opportunity workplace and an affirmative action employer. We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.
Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies. We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.
Red Hat supports individuals with disabilities and provides reasonable accommodations to job applicants. If you need assistance completing our online job application, email application-assistance@redhat.com. General inquiries, such as those regarding the status of a job application, will not receive a reply.
Security Engineer
Security Architect Job In Durham, NC
Procom is a leading provider of professional IT services and staffing to businesses and governments in Canada. With revenues over $500 million, the Branham Group has recognized Procom as the 3rd largest professional services firm in Canada and is now the largest “Canadian-Owned” IT staffing/consulting company.
Procom's areas of staffing expertise include:
• Application Development
• Project Management
• Quality Assurance
• Business/Systems Analysis
• Datawarehouse & Business Intelligence
• Infrastructure & Network Services
• Risk Management & Compliance
• Business Continuity & Disaster Recovery
• Security & Privacy
Specialties• Contract Staffing (Staff Augmentation)
• Permanent Placement (Staff Augmentation)
• ICAP (Contractor Payroll)
• Flextrack (Vendor Management System)
Job Description
Security Engineer
On behalf of our client, Procom Services is searching for a Security Engineer for a contract opportunity in Durham, NC.
Security Engineer
Job Details
Responsible for maintaining a program that will provide sufficient evidence on the effectiveness of the IT risk and security activities and processes to ensure client specific contractual requirements. The Manager will help ensure key risks are managed appropriately and the systems of internal controls are in place and are operating effectively to achieve client contractual requirements and provide confidence in their operation to senior management and service delivery.
Lead the scoping and execution of control testing, reporting, and remediation planning for IT operations and related processes.
Execute assurance program and provide accurate and timely reporting to management
Develop metrics, reporting and analysis to demonstrate control adherence and effectiveness for regulatory standards and controls and contractual compliance.
Drive compliance to IT processes and regulatory compliance framework by identifying new control requirements of client specific policies, regulatory requirements and contractual obligations and providing guidance for implementation and testing.
Develop training and awareness for service delivery teams based on results of assurance testing to enhance IT risk and security processes.
Coordinate with key stakeholders to ensure synchronization of key risk areas and planning
Security Engineer Mandatory Skills
Bachelor's Degree in Engineer/Computer Science or similar course of study
Minimum 10+ years of IT experience
8+ years of Security Assessment, IT Risk Compliance, IT audit or similar experience
5+ years internal control risk management, IT controls and related standards
CISM and/or CISSP preferred
Familiar with GRC (Governance, Risk & Compliance) tools
Service delivery and/or contractual compliance experience a positive
Security Engineer
Start Date
ASAP
Security Engineer
Assignment Length
6+ months
Additional Information
All your information will be kept confidential according to EEO guidelines. Please send your resume in
Word
format only.