Security architect jobs in Hamilton, OH

Reports to: Chief Information Officer (CIO) Company: Global Industrial Manufacturing ($3B Revenue) Team: 12 global employees (USA, Germany, India) Budget: $3M Opex The Vice President & Chief Information Security Officer (CISO) is the senior-most leader responsible for the global Information Security program. This role sets the strategy, establishes governance, oversees execution of technical and operational controls, and ensures the protection of the company's data, systems, and digital assets across a complex global manufacturing environment. The CISO leads a distributed team across the U.S., Germany, and India, and partners closely with IT, Legal, Compliance, and business leadership to manage cyber risk, secure new technologies, and meet regulatory and customer expectations. This role presents quarterly to the Audit Committee and Executive Management Team on cybersecurity posture, risks, and key initiatives. Key Responsibilities Strategic Leadership & Governance Develop and execute the global information security strategy aligned to business objectives and risk appetite. Provide quarterly cybersecurity updates to the Audit Committee and Executive Management Team. Establish security governance, policies, and standards consistent with leading frameworks (NIST CSF, ISO 27001, CIS). Oversee enterprise risk assessments and maintain a risk-based roadmap for continuous improvement. Security Operations & Technical Controls Lead the design, implementation, and management of all security technologies and controls including endpoint protection, identity & access management, SIEM/SOC operations, cloud security, vulnerability management, and network security. Ensure proactive monitoring, rapid detection, and response to security incidents across global operations. Oversee business continuity and disaster recovery security components in partnership with Infrastructure and Applications teams. Security Architecture & New Technology Reviews Embed security-by-design into IT and business projects, including cloud, ERP, operational technology (OT), and Industry 4.0 initiatives. Conduct architectural reviews and threat modeling for new technologies and digital transformation efforts. Compliance, Privacy & Legal Collaboration Partner closely with Legal to ensure compliance with global data privacy laws, including GDPR, CCPA, and emerging regulations. Oversee data protection practices, records retention security considerations, and reporting obligations related to data privacy incidents. Third-Party & Customer Security Lead the global third-party risk management program, including supplier assessments and ongoing monitoring. Respond to and manage customer security inquiries, audits, and contractual security requirements. Drive vendor governance for security tools, MSSP partnerships, and other outsourced services. Team Leadership & Budget Management Lead a global Information Security team of 12 across the U.S., Germany, and India. Manage a $3M annual operating budget, ensuring cost-effective investments in technology, services, and capabilities. Mentor, develop, and scale the team to support global manufacturing operations and business growth. Qualifications Required 10+ years of progressive experience in Information Security leadership roles. Minimum 3 years as a CISO or a deputy/second-in-command security leader in a larger enterprise. Deep expertise in security operations, architecture, governance, risk, compliance, and incident response. Strong working knowledge of NIST CSF, ISO 27001, CIS Controls, and modern cybersecurity technologies. Experience in global environments and working with distributed teams. Demonstrated ability to present complex cybersecurity topics to Audit Committees and senior executives. Experience managing multimillion-dollar security budgets. Strong understanding of GDPR, CCPA, and global privacy regulations. Preferred Experience in industrial manufacturing or OT/ICS security environments. Certifications such as CISSP, CISM, CISA, CCSP, or similar. Familiarity with ERP environments, cloud security (Azure/AWS), and M&A cybersecurity integration. Experience working with India-based operations or offshore security teams. Personal Attributes Executive presence and strong communication skills. Business-oriented mindset with the ability to translate technical issues into business risk. Proven ability to drive process discipline, build governance, and mature a security program. Collaborative leadership style with strong partnership skills across IT, Legal, and business units. #LI-SC1 Who we are: Hillenbrand (NYSE: HI) is a global industrial company that provides highly-engineered, mission-critical processing equipment and solutions to customers in over 100 countries around the world. Our portfolio is composed of leading industrial brands that serve large, attractive end markets, including durable plastics, food, and recycling. Guided by our Purpose - Shape What Matters For Tomorrow™ - we pursue excellence, collaboration, and innovation to consistently shape solutions that best serve our associates, customers, communities, and other stakeholders. To learn more, visit: ******************** EEO: The policy of Hillenbrand Inc. is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, Hillenbrand Inc. and our operating companies are committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us @recruitingaccommodations@hillenbrand.com . In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. At Hillenbrand, everyone is welcome to apply and "Shape What Matters for Tomorrow".

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear -- we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you'll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded. The Opportunity Are you a person who is passionate about breaking applications, devices, services and/or processes to help protect them against the world's most advanced cyber security adversaries? The Information Security Protect organization at P&G is responsible for providing a realistic depiction of threat actor behaviors and scenarios during simulated exercises. We drive improvements to applications and systems, as well as detection and response capabilities through regular testing of security controls across the enterprise. Responsibilities: + Lead end-to-end red team operations aligned to priority threat actors: scenario design, ROE, pre-briefs, execution, and hot-wash/AAR. + Support purple-team engagements with DFIR/SOC and Detection Engineering to convert TTPs into durable detections, runbooks, and response improvements with measurable outcomes. + Orchestrate assumed-breach campaigns emphasizing evasion and control bypass (EDR/AV, email/web security, identity/conditional access, network segmentation, cloud guardrails). + Perform campaign/TTP research, develop internal PoCs/tooling (e.g., tradecraft to exercise specific controls, lightweight payloads), and steward OPSEC. + Produce executive-ready risk narratives and technical reporting (ATT&CK mapping, artifacts, evidence handling) and brief senior leadership. + Mentor junior engineers; set standards for craft quality, methodology, and safety. + Coordinate multi-party/third-party exercises; manage risk, deconflict with production, and ensure stakeholder alignment. + Contribute to operational expansion by researching, prototyping, and developing novel capabilities for offensive use. + Contribute to program maturity: metrics/KPIs, roadmap, methodology standardization, control validation cadence, and integration with vulnerability management. Job Qualifications Required: + BA or BS degree in Information Security, Cyber Security, Computer Science, or related field (OR 7+ years of relevant experience required in lieu of a degree). + 5+ years running offensive or emulation operations in large/complex environments, with demonstrated impact on detections/response. + Expertise across 2+ domains: enterprise/web/mobile apps; identity; cloud (AWS/GCP/Azure); network/endpoint; IoT/OT; or directory services. + Proven ability to bypass preventative/detective controls and reach mission objectives while maintaining safety and ROE. + Strong engineering skills (Python, PowerShell, GO, C++, Web Frameworks); comfort with low-level concepts a plus) and familiarity with C2 tradecraft. + Deep command of MITRE ATT&CK and threat-informed defense; history partnering with DFIR/SOC and Detection Engineering. + Excellent executive and technical communication. + Ability to work in Cincinnati, Ohio based office 3 days per week. Preferred: + Leadership of purple-team campaigns and incident-driven emulations; closed-loop improvements with measurable KPI movement. + Building program metrics/KPIs, standardizing reporting, and integrating with risk governance. + Threat-intel integration: actor/campaign analysis, hypothesis generation, and prioritization tied to business impact. + Identity and cloud attack paths (SSO, MFA, OAuth, PAM; AWS/GCP/Azure control planes) with hardening collaboration across platform/IDAM teams. + Coordinating large third-party exercises and setting complex ROE. Pay Range: $110,000 - $165,000 Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ's, please click HERE (******************************************************* . P&G participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Job Schedule Full time Job Number R000138781 Job Segmentation Experienced Professionals Starting Pay / Salary Range $110,000.00 - $165,000.00 / year

NLB Services offers a wide-range and best-in-class suite of value-based business solutions comprising of IT services, HR solutions, On-site & Off-site Outsourcing and Consulting services that are built on its robust process domain and people management expertise. At NLB Services, we believe in a work culture that is open and energetic. Our operational methodology is clear and object oriented, blended with flexibility and a proactive attitude to help us focus on developing the right expertise that is required to deliver an unmatched set of services and products. Our team of experts works 24/7 to add value to your existing business and help you grow exponentially. Hi, My Name is Ajay Singh and I'm a Resource Manager at Next Level Business Services, Inc. Please find the below and respond with an expected salary range, suitable time to call and contact details. Also, attach a copy of your updated resume. Position Title: SAP HANA and BOBJ Security Consultant Location: Cincinnati, OH Hire Type: Full Time Only Salary: As per Market Job Description: 1. Designing Overall Security for SAP HANA implementation 2. Create customized roles in HANA DB for Developers, Modelers, Technical Admins, End Users, Power Users. 3. Design, Restrict and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users 4. Define controls to restrict Create, Drop, Alter other DB Admin rights on HANA DB Schema and its objects 5. Transportation of Security Objects/Roles within HANA Landscape 6. Users creation and Role assignment 7. Setting up Password policy 8. Create Groups in BOBJ Server for different type of Users (Admins, Managers, Developers, End Users etc..) 9. Define and Control access to various Folders 10. Setup SSO with AD or LDAP for SAP, Enterprise and other types of Authentication 11. Define & Control access at Object level for different types of BOBJ Reports (Full control, View, Schedule, View on Demand) 12. Transportation of Security objects within BOBJ Landscape 13. Integration of BOBJ Security with HANA DB Security Roles Thanks, Ajay Singh Additional Information All your information will be kept confidential according to EEO guidelines.

Job Title: Cybersecurity Engineer Labor Category: Exempt Clearance Requirement: Secret - As required Salary: $130,000-$175,000 Travel Requirement: 25% At Tlingit Haida Tribal Business Corporation (THTBC), your work goes beyond the job description-it becomes part of a purpose-driven legacy. Our continuous commitment to growth directly contributes to the strength, resilience, and future of the communities we support. Our growth fuels programs, services, and lasting value for the Tribe, making every success a shared one. For over 35 years THTBC and its subsidiaries has delivered essential services to federal clients across the globe. Whether supporting logistics, information technology, cyber security, or facilities operations, we are united by a shared mission: to create meaningful economic opportunity and growth of the Tlingit & Haida Tribes of Alaska. Together We Grow - One Mission, One Team - With a Commitment to Serve Scope of Work: This position is in support of the sustainment and modification of the United States Air Force (USAF) Electronic Technical Information Management System (ETIMS) program. The primary purpose of this position is to support the ETIMS mission by ensuring all systems, applications, and processes comply with Department of Defense (DoD), Air Force (AF), and federal cybersecurity requirements. The role ensures cybersecurity requirements are integrated into information systems and components through deliberate security design, development, and configuration, in alignment with frameworks such as the Risk Management Framework (RMF) and NIST standards. Responsibilities: Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams. Ensure all products, deliverables, and activities align with Federal, CNSS, DoD, and AF cybersecurity policies, including: NIST SP 800-37, 800-53, 800-171 CNSSI 1253 DoD 8500-series and DoDI 8510.01 (RMF for DoD IT) AFI 17-series publications and DoD 8140 workforce requirements Integrate cybersecurity considerations into Continuous Integration/Continuous Deployment (CI/CD) methodologies and program management schedules. Identify, manage, verify, and trace security controls across the entire system lifecycle, ensuring alignment with Test & Evaluation (T&E) and overall risk management processes. Implement and document comprehensive cybersecurity assurance measures across all layers of the TCP/IP model (network, transport, application, data link, and physical). Develop and maintain RMF documentation and artifacts, including Security Plans, Vulnerability Assessments, and Test Results, to support system authorization. Ensure compliance with DoDI 8520.02 (PKI and PK Enabling) and DoDI 8520.03 (Identity Authentication), maintaining standardized encryption, digital signature, and authentication mechanisms. Deliver secure applications compliant with DISA STIGs and Cloud One cybersecurity requirements. Conduct static application security testing (SAST) using PMO-approved tools and maintain a Software Bill of Materials (SBOM) for each release (e.g., SPDX, CycloneDX, SWID). Apply secure coding standards (e.g., OWASP Top Ten, CERT) and ensure prompt remediation of vulnerabilities. Generate and provide cybersecurity testing reports, mapping findings to applicable STIG and Cloud One controls. Use automated tools and processes wherever practical, seeking PMO approval for any deviations. Perform other duties as assigned. Minimum Requirements: Seven (7) years of experience supporting DoD or Air Force cybersecurity programs. Compliant with DoDI 8140 Intermediate Level Certifications (Security+, CySA, CAP, CASP CE, CISM, CISSP or Associate) Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field. Strong knowledge of NIST RMF, DoD 8500-series, and DISA STIG compliance. Experience with SAST, SBOM tools, and secure software development practices. Experience supporting AF programs or Cloud One environments. Familiarity with CI/CD security integration and automated compliance tools. Advanced certification (e.g., CASP+, CCSP, or CISSP-ISSAP) preferred. Must be able to satisfactorily obtain and maintain a government security clearance as required by the contract. Must be able to maintain ability to access government worksite. Must possess and maintain a valid state driver's license and a safe driving record, in accordance with company policy, to operate vehicles or equipment as required for the position. Physical Demands / Work Environment: Ability to sit or stand for extended periods while working at a computer or desk. Frequent use of hands for typing, data entry, and handling paperwork. Must be able to work on-call, alternate, and extended shift schedules when necessary to meet the mission requirements, including weekends and holidays. All candidates must successfully complete pre-employment screening, which may include but is not limited to a criminal background check, motor vehicle record review, and a 5-panel drug test, in accordance with company policy and applicable laws. Benefits: We offer a flexible benefits package including medical, dental, and vision plans, TRICARE Supplemental, critical illness coverage, employee discounts, wellness seminars, company-paid life and short-term disability insurance, optional long-term disability, paid leave, a 401(k) plan, and identity theft protection to support your health and financial well-being. For represented positions, the benefits and leave offered will be as defined under the applicable Collective Bargaining Agreement. Equal Employment Opportunity: We are proud to be an equal opportunity employer and comply with all applicable federal, state, and local employment laws. All applicants will be considered for employment without regard to race, color, religion, creed, national origin, gender, gender identity, age, marital status, sexual orientation, veteran status, disability, pregnancy, parental status, or any other characteristic protected by law. Reasonable Accommodation: If you have a disability or medical condition and need reasonable accommodation, please inform the designated recruiter during the hiring process.

At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company and part of global Accenture, to do work that matters in a collaborative and caring community, where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward! We are seeking an experienced Information Systems Security Officer to lead security oversight for our secure cloud platform implementations supporting government customers. This role ensures continuous compliance with federal security standards while enabling agile delivery of cloud infrastructure solutions in classified and sensitive environments. **What you'll do:** + Security Program Leadership + Serve as primary security authority for secure cloud platform implementations + Develop and maintain Information System Security Plans (ISSP) for government systems + Lead security control assessments and continuous monitoring programs + Coordinate with government security officers, SCAs, ISSMs, and AOs for system authorization + Risk Management & Compliance + Implement and maintain Risk Management Framework (RMF) processes + Conduct security control assessments using NIST 800-53 and DoD requirements + Manage Plan of Action & Milestones (POA&M) and security remediation efforts + Ensure continuous compliance with FedRAMP, FISMA, and DoD security standards and applicable overlays + Cloud Security Architecture + Design security controls for multi-cloud and hybrid government environments + Implement cloud-native security solutions: encryption, IAM, network segmentation + Configure security monitoring and incident response capabilities + Validate security implementations against STIG and CIS benchmarks + Security Integration & DevSecOps + Integrate security controls into CI/CD pipelines and Infrastructure as Code + Implement security automation and continuous compliance monitoring + Collaborate with engineering teams to embed security throughout delivery lifecycle + Conduct security reviews for cloud architecture and deployment patterns + Documentation & Reporting + Maintain security documentation packages for government reviews and audits in defined systems including but not limited to eMass + Prepare security deliverables: SSP, SAR, security briefings, and compliance reports + Support security audits, assessments, and customer security reviews + Create security standards, procedures, and training materials + Tools + Work in AWS GovCloud, Azure Government, or Oracle Cloud + Work with vulnerability scanners, SIEM, monitoring platforms + Handle Infrastructure as Code security: Terraform, CloudFormation security + Review container security: Kubernetes security, container scanning, runtime protection + Review network security: VPC design, firewalls, intrusion detection **What you'll need:** + 5 years cybersecurity experience with government systems and cloud environments + 3 years direct ISSO experience supporting federal programs or systems + 3 years' experience with risk management frameworks (RMF) and security control implementation + 6 months of eMASS experience + Demonstrated experience with FedRAMP, FISMA, and DoD security compliance requirements + Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field or 4 years of comparable work or military experience + CompTIA Security+ (current) or equivalent DoD 8570 IAT Level II certification required **Bonus points if you have:** + CISSP, CISM, or GIAC certification + AWS certification - Solutions Architect - Associate **Security Clearance:** An active Secret level clearance is required; TS/SCI preferred As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of **California, Colorado, Hawaii, Illinois, Maryland,** **Massachusetts,** **Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland** . The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set, and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. (********************************************************************* We accept applications on an on-going basis and there is no fixed deadline to apply. The pay range for the states of California, Colorado, Hawaii, Illinois, Maryland, Massachusetts, Minnesota, New Jersey, New York, Washington, Vermont, the District of Columbia, and the city of Cleveland is: $98,500-$184,900 USD **_What We Believe_** _As a company wholly dedicated to serving the US federal government, we bring together the best talent to help reinvent how federal agencies operate and deliver greater value for their mission and the American people. We have an unwavering commitment to creating a culture in which all our people are respected, feel a sense of belonging, and have equal opportunity. As a business imperative, every person at Accenture Federal Services has the responsibility to create and sustain a culture where everyone feels welcomed and included. This is grounded in our core values and our experience that hiring and developing great people who reflect different perspectives, experiences, and backgrounds is key to driving innovation and delivering the results that our clients and the country count on._ **_Equal Employment Opportunity Statement_** _We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities. For details, view a copy of the Accenture Federal Services Equal Opportunity Policy Statement. (**************************************************************************** _Accenture Federal Services is an Equal Employment Opportunity employer. Additionally, as an Affirmative Action Employer for Veterans and Individuals with Disabilities, Accenture Federal Services is committed to providing veteran employment opportunities to our service men and women._ **_Requesting An Accommodation_** _Accenture Federal Services is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture Federal Services and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired._ _If you_ **_ _** _are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter._ **_Other Employment Statements_** _Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States._ _Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration._ _Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process._ _The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information._ _California requires additional notifications for applicants and employees. If you are a California resident, live in or plan to work from Los Angeles County upon being hired for this position, please click here (********************************************************************************* for additional important information._

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) II is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree OR Associate's degree in a related area + 2 years' experience OR equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II - within 6 months of hire Clearance Required to Start: TS/SCI required Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities The likely salary range for this position is $92,735 - $125,465. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA OH Dayton Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Job Title: Senior Security Engineer TOP SKILLS: Top 3 Required Skills: Experience managing data protection and security controls in MS O365 (SharePoint, OneDrive, Teams) Hands-on experience configuring Data Classification Labels, Retention Policies, and DLP rules Strong technical communication and collaboration skills, with the ability to gather business context and explain security solutions clearly What You'll Do We are seeking a highly technical, hands-on Security Engineer to support our enterprise data protection initiatives within MS O365. This mid- to senior-level contractor will play a key role in building and managing security controls across SharePoint, OneDrive, and Teams environments. The role focuses on implementing and tuning Data Loss Prevention (DLP), Retention Policies, and Data Classification Labels. This is an ideal opportunity for someone with an administrative background in MS O365 who is transitioning into or expanding their career in security engineering. The ideal candidate will be a proactive “doer” who thrives in a collaborative environment and is comfortable engaging directly with end users to understand business needs and secure data accordingly. Top 3 Required Skills: Experience managing data protection and security controls in MS O365 (SharePoint, OneDrive, Teams) Hands-on experience configuring Data Classification Labels, Retention Policies, and DLP rules Strong technical communication and collaboration skills, with the ability to gather business context and explain security solutions clearly Additional Requirements: Background in Microsoft 365 administration with a desire to focus on security Familiarity with secure handling of large file volumes and resolving oversharing risks Experience implementing or tuning custom security controls within Microsoft 365 environments Ability to validate data use cases and work with end users to align controls with business needs Responsibilities: Build, configure, and maintain MS O365 security controls, including DLP policies, Retention Labels, and Data Classification Labels Evaluate and tune existing configurations to improve protection of enterprise data Help reduce risk from overshared files, stale data, or inappropriate access across large MS O365 environments Engage directly with end users and business teams to gather context and guide the implementation of appropriate security controls Take ownership of solutions-this role is for someone who will recommend, implement, and follow through on actions Contribute to the security posture of the OneDrive, SharePoint, and Teams environment across the organization What You'll Get Competitive base salary Medical, dental, and vision insurance coverage Optional life and disability insurance provided 401(k) with a company match and optional profit sharing Paid vacation time Paid Bench time Training allowance offering You'll be eligible to earn referral bonuses! All done! Your application has been successfully submitted! Other jobs

Job Description *This is a contingent opportunity Information Systems Security Manager (ISSM) K2 Group is searching for an ISSM to support the Air Force Research Laboratory Sensors Directorate (AFRL/RY) at Wright-Patterson Air Force Base, OH. Duties: Be the Directorate's Certification & Accreditation (C&A) process expert. Perform C&A duties in compliance with the Risk Management Framework (RMF) structure at the SCI and below level in accordance with all applicable regulations. Follow AFRL procedures to use the Enterprise Mission Assurance Support Service (eMASS), AFRL Enterprise Business System (EBS), Xacta or other workflow tools to obtain an Interim Approval to Operate IATO/ Approval to Operate (ATO). Prepare, submit, and track all Directorate C&A packages of all Research, Development, Test, & Evaluation (RDT&E) computer information systems for base-level and higher headquarters approval, and ensure that all systems are following DoD Information Technology (IT) C&A guidance. Submit a quarterly Plan of Action and Milestones (POA&Ms) to HQ AFRL and maintain 100% accountability for all accredited systems and RDT&E systems requiring POA&Ms. Ensure the Directorate C&A community remains updated on eMASS; review eMASS registration workbooks, recommend changes/clarification and submit updated workbooks to HQ AFRL for registration of Point-to-Point, Standalone, Standalone Enclave systems having a Federal Information Security Management Act (FISMA) requirement. Coordinate any changes or modifications to hardware, software, or firmware of a system directly with the Authorizing Official (AO)/ Delegated Authorizing Official (DAO) prior to the change. Conduct routine maintenance, perform backups, and install upgrades and patches to the systems and networks. Produce artifacts that include but not limited to answers, implementation, documentation, and testing of applicable Information Assurance (IA) controls, topology diagrams, hardware lists, software lists, ports and protocols lists, and plan of action and milestones. Complete or assist in the completion of vulnerability scans and DISA STIG reviews. Research and propose solutions for identified risks to eliminate or mitigate adverse impact to an acceptable level. Interact and coordinate with system program managers to create, update, and maintain system documentation and supporting artifacts related to the RMF process. Requirements: Five (5) years of relevant experience Certifications: SPēD Security Fundamentals Professional Certification (SFPC) - required at start Microsoft SQL Server Management Studio (or Security+) - required at start SPēD Security Asset Protection Professional Certification (SAPPC) - required within 6 months of entry on duty Must hold a DoD 8140.03-compliant certification (at start): Information Assurance Technical (IAT) Level II (required) Information Assurance Technical (IAT) Level III (preferred) Clearance: Active Top Secret/SCI Benefits: K2 Group's benefit offerings include: Medical/ Dental/ Vision Insurance; FSA Medical & FSA Dependent Care; Pre-tax 401(k) & ROTH 401(k) plans; Profit Sharing Plan; Life & Accidental Death Insurance; Short Term/ Long Term Disability; Voluntary Group Life Insurance option; Tuition Reimbursement; Job-related Course Reimbursement; Holiday Pay; and Paid Time-Off Powered by JazzHR Ijvr8jzcNQ

ARS is looking for an Information System Security Officer (ISSO). Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The ISSO will have an active role in monitoring a system and its environment of operation to include developing and updating a System Security Plan, managing and controlling changes to the system, and assessing the security impact. Why Work with us?  ​Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.   Responsibilities: Maintain the operational security posture of systems. Monitor systems and environments for security compliance. Develop and update System Security Plans (SSPs). Manage and control system changes and assess their security impact. Handle physical, personnel, and environmental security. Conduct incident response and security awareness training. Assist the ISSM and assume ISSM duties when necessary. Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM; Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard; Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; Report all security-related incidents to the ISSM Conduct periodic reviews of information systems to ensure compliance with the security authorization package; Serve as member of the CCB, if designated by the ISSM; Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change; Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization; Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and Ensure audit records are collected, reviewed, and documented (to include any anomalies). Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval. Responsibilities: Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard 5+ years related experience in SCI/SAP environments. Bachelor's degree in computer science, Engineering, Finance, Business, or related field 5-8 years demonstrated performance in related technology Top Secret w/ SCI eligibility Other duties as assigned All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

The Manager, Information Security is responsible for implementing and executing WPCU's Information Security program and strategies under the leadership of the VP, Information Security. This role will collaborate with all lines of business through projects, risk assessments, controls, and control effectiveness reviews. The manager will oversee tools utilized by the Information Security team to provide feedback on vendors and applications. Position will be responsible for collaboration with various business units during a data incident to ensure incidents are properly documented and evidence is captured. This role will be expected to provide thought leadership to ensure the efficiency and effectiveness of the Information Security team. The major activities for this position include: 1) Information Security Operations (40%) a) Develop and oversee control effectiveness reviews to ensure all activities align in scope and frequency with information security policies and approved information security frameworks. b) Develop and oversee information security's involvement with vendor due diligence processes. c) Develop and oversee Identity Access Governance processes to ensure alignment with the principle of least privilege access. d) Develop and oversee information security related risk assessments. Develop and oversee processes to rate criticality of applications and controls to ensure risk assessments are aligned. e) Ensure all assessments are completed in a timely manner including developing appropriate cross training plans to schedule impacts. f) Develop and oversee reporting related to all assessments to ensure risk levels are appropriately assigned and management responses are captured. g) Ensure identified gaps from information security assessments are appropriately tracked. Coordinate with various business units to collect timely updates. 2) Personnel Management & Procedures (20%) a) Mentor assigned partners by administering individual development plans, making recommendations for promotions, or implementing coaching plans. This includes performing regular 1-on-1s with partners and completing annual reviews. b) Ensure departmental procedures are effective, up-to-date, and follow company standards. 3) Project Management (20%) a) Participate in project planning events to provide estimated work effort for projects including pro-active escalation of resources constraints to the VP of Information Security. b) Assist in fostering an enterprise-wide security first culture by participating in project requirement gathering session. Inform project owners of applicable controls, audit findings, or control effectiveness gaps that are appropriate for the project. c) Attend on-going project meetings to advise and ensure information security controls are addressed. 4) Incident Management (10%) a) Role will be responsible for ensuring data incidents are tracked, properly documented, and evidence has been collected. b) Provide regular status updates to the VP of Information Security on open data incidents. 5) Audit and Regulatory Exam Support (10%) a) Assist the Vice President of Information Security with internal and external audits to ensure document collections are completed in a timely manner and properly vetted. b) Serve as subject matter expert during internal and external audits related to activities completed by Information Security. c) Ensure assigned business units are operating efficiently and reliably, are in compliance with applicable laws, regulations, and rules, have appropriate operating controls to mitigate risk, and are performing at a high level. Required Skills This leader in information security must be skilled at developing and leading strategic Information Security programs across the enterprise in a complex, multi-system and multi-vendor environment. Strong, practical knowledge of Information Security concepts and technical architecture are essential. Expert knowledge of risk and information security frameworks are essential. 1) A bachelor's degree is required, preferably in Information Technology, Information Security, or a related field. A master's degree in a related discipline is preferred. 2) At least 7+ years of experience in Information Technology or Information Security is required, with at least 3+ years of experience in a leadership role. Demonstrated experience with developing mapping controls to business processes, building control effectiveness reviews, or building risk ratings to allow business units to identify priorities is preferred. 3) A Certified Information System Security Professional (CISSP), Certified Information Security manager (CISM), or similar certification is required. 4) Demonstrate experience in evaluating vendor due diligence and vendor risk assessment processes. 5) Demonstrate experience in Identity Access Management including how to perform user access and rights reviews to align with least privilege access. 6) Demonstrate experience with developing and implementing a risk assessment process that is collaborative with business units and documents risk in accordance with board approved risk appetite. 7) Demonstrate strong leadership skills including the ability to work collaboratively and manage a remote workforce. 8) Demonstrate ability to drive and manage initiatives that increase operational efficiency, enhances quality, and improves/maintains service levels.

Bowhead seeks a Cybersecurity Network Defense Analyst to join our team in Dayton, OH. The Cybersecurity Network Defense Analyst uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers. The Cybersecurity Network Defense Analyst will work in the Attack Sensing and Warning (AS&W) division which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cyber security state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. **Responsibilities** - Receive and distribute AS&W information - Conduct AS&W activities to develop appropriate response (receives and archive task orders, directives, and other required actions, and maintain internal and external source location information) - Coordinate AS&W information from other sources to aid in analysis of alerts - Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity - Identify, documents, and reports unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP sops - Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN - Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats - Collect intrusion artifacts (e.g., source code, malware, and trojans) - Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation - Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B - Provide a 24/7x365 event/incident handling and analysis capability - Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents - Analyze detected cyber events to identify incidents - Categorize and characterize cyber incidents - Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process - Analyze cyber incidents to develop specific responses - Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers - Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence - Mitigate operational and/or technical impact due to cyber incidents - Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures **Qualifications** - Must possess Bachelor's degree or equivalent experience - Must have at least 2 years intrusion detection experience - Must have at least 2 years relevant IT and/or System administrator experience and 2 years relevant Information Security experience - Must have the certifications for DOD 8570 IAT Level II minimally - Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder - Must have the ability to earn DoD 8570 computing environment certification within 6 months - Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience - Ability to demonstrate strong knowledge of computer security concepts - Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience - Advanced knowledge of network technologies and protocols - Advanced understanding of current threats and trends present in the Information Security and Technology field - Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified SECURITY CLEARANCE REQUIRED: Must currently hold a security clearance at the Secret level or be able to obtain and maintain a clearance at the Secret level. US Citizenship is a requirement for Secret clearance at this location. Physical Demands: - Must be able to lift up to 25 pounds - Must be able to stand and walk for prolonged amounts of time - Must be able to twist, bend and squat periodically \#LI-MN1 Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification. Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes. UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. Please view Equal Employment Opportunity Posters provided by OFCCPhere (******************************************* . All candidates must apply online at ***************** , and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance *****************/careers/recruitment/ . The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c) UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar company recognized as a top Alaska Native Corporation providing services across the Department of Defense and many federal agencies. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs. **Join our Talent Community!** Join our Talent Community (************************************************************************ to receive updates on new opportunities and future events. **ID** _2025-24272_ **Category** _Information Technology_ **Location : Location** _US-OH-Wright-Patterson AFB_ **Clearance Level Must Be Able to Obtain** _Secret_ **Minimum Clearance Required** _N/A_ **Travel Requirement** _N/A_

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* **Job Function:** R&D Product Development **Job Sub** **Function:** R&D Software/Systems Engineering **Job Category:** Scientific/Technology **All Job Posting Locations:** Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America **:** **About Surgery** Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech . **We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH.** **Job Description:** The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment **You will be responsible for:** + Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. + Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. + Advise embedded system security software to ensure system hardening and secure coding practices. + Support all stakeholders on patch management, vulnerability handling, and SBOM scanning + Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) **Qualifications / Requirements:** **Education:** + Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree **Experience and Skills** + 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices + 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment + Proven experience with threat modeling and risk assessments for connected products or medical devices + Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams + Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. + Proven experience with electrical and embedded software design + Experience developing software for embedded Real-Time Operating Systems (RTOS) + Experience developing embedded software systems using Modern C++ (preferably standards 17+) + A results and performance driven demeanor with strong sense of accountability + Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles **Preferred Skills & Experience:** + Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) + Work experience with Systems Engineering activities: requirements management and development, risk management, and verification + Strong collaboration, proven technical leadership capabilities, and conflict resolution skills + A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience + Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX **Other Requirements:** + Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: + Vacation - up to 120 hours per calendar year + Sick time - up to 40 hours per calendar year + Holiday pay, including Floating Holidays - up to 13 days per calendar year + Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. _Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation,_ **_external applicants please contact us via_** **_*******************/contact-us/careers_** **_. internal employees contact AskGS to be directed to your accommodation resource._** + \#RADSW + \#Li-Hybrid **Required Skills:** **Preferred Skills:**

Advent Global Solutions (AGS) is a leading global IT services company, specialized in delivering enterprise software solutions, IT consulting & outsourcing services, and product engineering solutions. Advent Global's commitment to deliver IT services is backed by 1,000+ employees and preferred partnerships with companies like SAP, Oracle, Sybase, and IBM Job Description Role: IT Security Engineer Location: Cincinnati, OH Duration: 12 months Need 10+ years consultant Key Responsibilities: Minimum 10+ years of IT security experience that includes proven IT Security risk assessments and audits, information risk management and assessment development Minimum 10+ years of on-site working experience in the US Minimum of 2 years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. 3+ years of experience in Web development and web technologies like HTTP, HTML, CSS, and JSPs. 3+ years of experience in microservice development, Node.js preferred or java springboard 2+ years of experience in continuous integration, continuous delivery and deployment automation 2+ years of experience in secure software development and deployment Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. Contributes to the design, engineering and implementation of systems infrastructure. Ability to execute in an agile driven environment Applies proven communication, analytical and problem-solving skills to identify, communicate and resolve issues. Application security reviews * Application Penetration testing * Projects and research work as needed * Security training and outreach to internal development teams * Security guidance documentation * Security tool development * Security metrics delivery and improvements Conduct deep code reviews and find design flaws, and think long-term about driving down operational cost Solve problems at their root, stepping back to understand the broader context, and implementing fixes to ensure that discovered issues are not repeated Stay abreast of new techniques, tools and methodologies used to solve cloud security problems Experience understanding Common Vulnerabilities and Exposures (CVE) and Web Application Security - OWASP Top 10 Requirements analysis, definition, and refinement Secure and assured systems engineering Hands on software engineering and development Mobile computing platform application development Application of Information Security Principals Must have experience in the Assessment of security risk, Big data and analytics, Reverse engineering and Malware analysis Software innovation and technology insertion Use of database technologies such as Oracle, MySQL, or SQL-based equivalents, as well as NoSQL-based databases such as Mongo DB Use Software Configuration Management tools Understanding of Software Development Life Cycle (SDLC) processes Support Test Engineering during formal testing phase of the project Represents the organization in providing solutions to difficult technical issues associated with specific projects Supports project developing solutions for Modernization and Sustainment tasks Must have Agile and DevOps Experience Bachelor's Degree or equivalent education and experience required. Security and/or risk-related certifications preferred but not required (CISSP, CSSLP, GEWB, CASS, CISA, CRISC, C-WAST) Proven analytical skills to identify and analyze security requirements and relate them to appropriate security policies, standards and/or controls in order to determine associated risk. Ensure that technical solutions effectively meet and support business needs. Proven ability to handle and prioritize multiple assignments, often within limited time constraints. The ability to interact with internal and external personnel at all organizational levels. Therefore, the candidate must have the ability to influence others across a matrix organizational structure Proven strong written and verbal communication skills are a requirement; both within the organization and with external partners and vendors. The ability to work independently and as a self-starter. Please share resumes to hemanth[dot]n[at]adventglobal[dot]com Additional Information All your information will be kept confidential according to EEO guidelines.

Cybersecurity and Network Protection SME Clearance Required: TS/SCI (active) Inc. At JMark Services Inc., we are committed to securing the mission. As a trusted partner to the Department of Defense and Intelligence Community, we specialize in cybersecurity, information assurance, and technical operations that protect critical systems and national interests. Our teams thrive at the intersection of innovation and accountability-where every decision matters. Position Title: Cybersecurity and Network Protection SME JMark is seeking a highly skilled Cybersecurity and Network Protection SME to support advanced cybersecurity assessment and compliance operations at Wright-Patterson AFB. In this role, you will lead risk evaluations, validate system security requirements, and play a critical part in maintaining secure, mission-ready environments across classified networks and platforms. Working under minimal supervision, you'll bring deep technical experience and policy fluency to a dynamic, mission-driven team. Key Responsibilities: Plan and conduct compliance audits and vulnerability assessments of systems and networks. Identify deviations from security standards and recommend corrective actions. Support risk mitigation strategies and ensure compliance with certification and accreditation processes. Assist in implementation of government policies such as NISPOM and DCID 6/3; recommend tailored improvements. Provide process, analysis, coordination, and documentation support for secure system operations. Conduct security certification test planning, participation, and reporting (ST&E). Perform hardware/software security research and support secure tech integration and release. Review system audits and track corrective actions through closure. Collaborate with stakeholders across technical, policy, and leadership levels. Required Qualifications: Bachelor's degree in Engineering, Computer Science, Information Technology, or a related field. Minimum of 10 years of relevant cybersecurity or information assurance experience. Strong understanding of vulnerability assessments, ST&E, and certification/accreditation frameworks. Experience applying federal security guidelines (NIST, STIGs, NISPOM, DCID 6/3, RMF). Exceptional problem-solving, organizational, and technical writing skills. Active TS/SCI clearance is required. Why Join JMark? Tackle real-world cybersecurity challenges that protect national defense systems Collaborate with high-caliber experts in a mission-critical environment Enjoy growth opportunities and technical leadership roles Competitive compensation, full benefits, and a values-driven culture Secure infrastructure. Reduce risk. Lead with integrity. Apply now to become a Cybersecurity and Network Protection SME at JMark Services Inc. - Wright-Patterson AFB.

Secure Your Future with the University of Dayton Research Institute! The University of Dayton's Research Institute (UDRI) is seeking a highly motivated and experienced Information System Security Officer to join our dynamic Sensor & Software Systems division in Warner Robins, GA. This is an exceptional opportunity to be part of a renowned research institution committed to excellence, innovation, and community engagement. The Information System Security Officer (ISSO) position is supporting the Air Force Rapid Sustainment Office (RSO). The RSO increases mission readiness by rapidly identifying, applying and scaling technology essential to the operation and sustainment of the U.S. Air Force. Success comes from our teamwork and mutual respect for each other's talents and unique perspectives. This role supports the government cyber lead and provides cybersecurity support for advanced software-intensive technologies to include agile manufacturing, conditioned-based maintenance, augmented reality/virtual reality, cloud-based infrastructure and services, and robotics. Responsibilities: • Serve as cybersecurity technical advisor, consultant, and primary point of contact to the Program Manager, Information System Owner, and other stakeholders for the Information systems • Assessing systems for vulnerabilities and providing corrective recommendations. • Supporting government Cyber lead in performing RMF activities leading to system RMF acceptance IAW DoDI 8510.01, NIST 800-series special publications, USAF policy and instructions, and guidance as applicable on RSO IT systems in networked, standalone, and cloud configurations. • Support, coordinate, and continuously monitor system security posture and ensure adverse events are formally handled and reported • Developing, reviewing, and updating necessary documentation associated with achieving RMF accreditation of each system. • Applying currently accepted methods for documenting the RMF status of each RSO system within the DoD environment. • Security Technical Implementation Guides (STIGs) for all systems • Managing projects in compliance with DoD and AF RMF policies including but not limited to the following: o DoDI 8500.01 - Cybersecurity Risk Management Framework for DoD Information Technology. o DoD 8570.01 M - Information Assurance Training, Certification, and Workforce Management. o CNSSI 1253 - Security Categorization and Control Selection for National Security Systems. o NIST 800-series Special Publications (SP). o Computer Security, including SP 800-53 - Security Controls and Assessment Procedures for Federal Information Systems and Organizations and Air Force Instruction Series 17. Cyberspace: Accomplishing system categorization, security control selection, security control implementation, security control assessment, and security control monitoring, including, but not limited to, accomplishing the RMF steps as outlined in DoDI 8510.01 on a system-by-system basis • Providing system performance reporting. • Support System Administrator for multiple cloud projects and implementations. • Supporting Interim Authority to Test (IATT)/ Authority to Operate (ATO) planning and execution. Minimum Qualifications: • Associates Degree in Cybersecurity, Computer Science, or related field • 3+ years relevant cybersecurity experience • Experience with the NIST RMF process • Security Technical Implementation Guides (STIGs) application experience • The applicant must meet DoD 8570.01-M IAT Level II or higher certification requirements on hire date (Security+ CE) • Familiarity with the DOD Information Assurance Vulnerability Management program • Effective verbal and written communication skills • Ability to obtain a Secret level security clearance • Due to the requirements of our research contracts with the U.S. federal government, candidates for this position must be a U.S. citizen Preferred Qualifications: While not everyone may possess all of the preferred qualifications, the ideal candidate will bring many of the following: • 5+ years' DoD cybersecurity experience • IAT Level III or IAM Level I Certification • Bachelor's Degree in Cybersecurity, Computer Science, or related field • Additive Manufacturing experience • Systems Administration experience • Experience with Secure Development Operations Systems, as either a user, developer, or system administrator • Experience with submission of system security package to DoD for ATO, IATO, etc • Active Secret level security clearance. • Familiarity with Enterprise Mission Assurance Support Service (eMASS). • Experience with approved government cloud services such as Microsoft Azure, Amazon Web Services, Google Cloud. • Relevant cloud infrastructure and security certifications (i.e. Office365, SharePoint, Amazon AWS) • Cloud Application experience • Experience managing various project activities ensuring accurate task completion Special Instructions to Applicants: To apply please submit a cover letter addressing each minimum qualification and any applicable preferred qualifications that you meet. Closing Statement: Informed by its Catholic and Marianist mission, the University is committed to the principles of diversity, equity, and inclusion. Informed by this commitment, we seek to increase diversity, achieve equitable outcomes, and model inclusion across our campus community. As an Affirmative Action and Equal Opportunity Employer, we will not discriminate against minorities, women, protected veterans, individuals with disabilities, or on the basis of age, race, color, national origin, religion, sex, sexual orientation or gender identity.

Subsidiary: KIRA Information Solutions Job Title: Information System Security Engineer (ISSE) working with Wright-Patterson Air Force Base, Dayton, OH Labor Category: Exempt Clearance Requirement: Secret Clearance, if required In-person Requirement: As needed, meet in Dayton OH w/ key personnel or Customer Travel Requirement: Minimal, as needed Salary: $615,000 to $210,000 Tlingit Haida Tribal Business Corporation (THTBC) is a family of 8(a), HUBZone, SDB, and other companies wholly- owned by the largest tribe in Alaska. Each of its wholly- owned 30+ subsidiaries are uniquely qualified to deliver value to its customers and teaming partners. For over 30 years, THTBC has operated as a trusted US Federal contractor throughout the US and worldwide. As a Native Alaskan, Tribally- Owned business, THTBC has a competitive edge unique in the US Federal Government contracting space, including access to US Government directed sole source contracts. THTBC delivers outstanding service with innovative, low-cost contract solutions to all its public and private sector customers worldwide. THTBC is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Scope of Work: This position is working with the government and may require secret clearance and/or security plus certification. The government program office is Wright Patterson AFB, Dayton, Ohio. The development and support team are geographically dispersed, and teleworking is our daily working protocol, however, on-site support for meetings may be required. The program requires highly qualified, self-motivated, proactive people who work well with others with limited supervision. Essential duties The Information Systems Security Engineer (ISSE) will be responsible for the day-to-day security operations of all of the ETIMS systems. The ISSE will be responsible for ensuring the full compliance and appropriate operational security posture set to current Federal, CNSS, DoD, USAF, and NIST standard including but not limited to standards included in the programs Performance Work Statement. CyberSecurity for all information systems will be maintained and documented by the ISSE. The ISSE will run vulnerability scans, as required in systems such as Checkmarx and CAST, etc. In addition to implementing and maintaining the aforementioned policies, they shall support the creation and maintenance of Plans of Action and Milestones (POA&M) in response to vulnerabilities identified during scans, risk assessments, audits, and inspections. This responsibility includes physical and environmental protection, access control, incident handling, security training, vulnerability and compliance management, configuration management, and the assistance in the development of security policies and procedures. The ISSE assures successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals. The ISSE shall ensure that all application deliverables comply with the hosting environment's Application Security & Development Security Technical Implementation Guide (STIG), which includes the need for source code scanning, the Database STIG, and a Web Penetration Test to mitigate vulnerabilities associated with (Structured Query Language) SQL injections, cross-site scripting, and buffer overflows. The appointed ISSE will work for and in close collaboration with the Government appointed ISSM/E. Our ISSE will perform duties in accordance with DoD Instruction 8510.01 and 8520.02, DoD Directive 8140.01, AFI 33-210, NIST Special Publication 800-37, and AR 25-2. Required qualifications: Bachelor's degree in engineering, science, mathematics, or a related field. Five years' experience within the past 10 years, in planning simulation exercise architectures, supervising implementation of communication systems, and integration of distributed exercises. Five years' experience in information technology management. Knowledge base with DoD Instruction 8510.01 and 8520.02, DoD Directive 8140.01, AFI 33-210, NIST Special Publication 800-37, and AR 25-2. Meet DoD 8570.01-M, 8140.01 Baseline Computing Environment (CE) Certification Requirements at Information Assurance Management Level II (IAM II). U.S. citizenship. Preferred qualifications: Bachelor's degree in Computer Science or Information Management. Possess an expert understanding of NIST, DoD, Air Force (AF) Cybersecurity Risk Management Framework policies, directives, instructions, manuals, and best business practices. Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities (e.g., ACAS, MECM, ESS,etc.). Knowledge of disaster recovery continuity of operations plans. Knowledge of enterprise incident response program, roles, and responsibilities. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth). Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins. Knowledge of measures or indicators of system performance and availability.

TOP SKILLS: Must Have Brinq Excellent communication and presentation skills, and a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality. Lead and Implementation Experience Performing referral to principle proven consistent experience in vulnerability management, security engineering, security consulting etc Proven experience with proactive threat management, research, escalation, discovery etc. Security Solid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling. Nice To Have CISSP, CISA, CISM, AWS Solutions Architect certifications GRC/audit management experience Scripting/automation experience - python preferred Solid proven experience with tooling such as Qualys, Brinqa, Archer, ServiceNOW, Checkmarx, Prisma (and any AWS experience is great as well) What You'll Do Responsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents. Primary Responsibilities: Define, deliver, and support enterprise security tools and architecture in collaboration with other teams. Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates. Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program. Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities. Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation. Proactively monitor and investigate security alerts from managed security service providers and in-house security tools. Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems. Support ad hoc requests for reporting and control evidence, as needed. Perform threat analysis and incident response by interpreting events. Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program. Share knowledge and industry best practices with team members. Serve as a security engineer/consultant on projects. What You'll Get Competitive base salary Medical, dental, and vision insurance coverage Optional life and disability insurance provided 401(k) with a company match and optional profit sharing Paid vacation time Paid Bench time Training allowance offering You'll be eligible to earn referral bonuses! All done! Your application has been successfully submitted! Other jobs