Security architect jobs in Hendersonville, TN - 326 jobs
In House Architect
Prosper 4.5
Security architect job in Jackson, TN
In-House Architect - Prosper
Location: Jackson, TN (Full-Time, On-Site)
Company: Prosper - Real Estate | Construction | Development | Management
Prosper is a fully integrated real estate, construction, and property management company focused on developing and operating exceptional residential and commercial projects across West Tennessee. From ground-up builds to complex mixed-use redevelopments, Prosper handles every stage in-house - design, construction, maintenance, and operations - with a mission to create enduring value for our clients, investors, and communities.
Position Overview
We are seeking a licensed Architect to join our growing in-house design and development team. This individual will lead architectural design, planning, and permitting for Prosper's residential, commercial, and mixed-use projects. The ideal candidate combines creative vision with practical construction and code knowledge, and is capable of stamping drawings for both in-house projects and select external clients.
Key Responsibilities
* Lead design development for new builds, remodels, and tenant improvements across Prosper's portfolio
* Prepare, review, and seal/stamp architectural drawings for permitting and construction
* Coordinate with Prosper's construction, engineering, and project management teams
* Oversee production of construction documents, site plans, and specification packages
* Ensure compliance with building codes, zoning regulations, and accessibility standards
* Manage design workflows for residential and commercial projects - from concept through occupancy
* Support due diligence, feasibility, and design input on acquisitions and developments
* Collaborate with outside consultants, engineers, and permitting officials as needed
* Maintain organized project documentation and drawing standards across all divisions
Qualifications
* Licensed Architect (RA) in Tennessee (or ability to obtain reciprocity within 90 days) - required
* Bachelor's or Master's degree in Architecture
* 5+ years of professional experience in architectural design and construction administration
* Strong understanding of residential and light commercial building codes, ADA, and permitting processes
* Proficiency in AutoCAD, Revit, and/or SketchUp; experience with rendering tools a plus
* Proven ability to manage multiple concurrent projects and deadlines
* Strong communication and collaboration skills across departments and disciplines
Compensation & Benefits
* Competitive salary (based on experience)
* Full benefits package including health insurance, PTO, and retirement plan
* Opportunities for professional growth in an expanding, vertically integrated company
Job Type: Full-time
Pay: $100,000.00 - $140,000.00 per year
Work Location: In person
$100k-140k yearly 60d+ ago
Cyber Security Engineer
Provisions Group 4.4
Security architect job in Knoxville, TN
The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations.
Technical Implementation:
Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools.
Implement and support security controls for network infrastructure such as routers, switches, and wireless access points.
Configure, administer, and secure Active Directory and Azure AD environments.
Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions.
Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection.
Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture.
Security Operations:
Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation.
Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts.
Lead technical response efforts during security incidents or breaches in coordination with the incident response team.
Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access.
Conduct routine vulnerability assessments and threat analysis to support continual improvement.
Perform digital forensics and incident response activities as needed.
Compliance:
Ensure adherence to HIPAA and all applicable regulatory and security standards.
Design and implement technical safeguards that protect sensitive information and support organizational objectives.
Collaboration:
Partner with IT and business teams to embed security controls into systems, applications, and workflows.
Educate and support staff on cybersecurity awareness, best practices, and evolving threats.
Documentation:
Create and maintain accurate documentation for security configurations, procedures, and incident activity.
Remain informed on current cybersecurity trends and recommend enhancements to existing controls.
Security Audits:
Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards.
Security Standards and Policies:
Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements.
Security Infrastructure Maintenance and Monitoring:
Configure, troubleshoot, and maintain security-related hardware and software.
Implement and manage monitoring tools to detect intrusions and potential security breaches.
Security Strategy Development:
Support the planning, execution, and ongoing refinement of the organization's information security strategy.
Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives.
Perform additional duties as assigned.
Minimum Education:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required.
Minimum Experience:
Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment.
Certifications:
Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.
$65k-87k yearly est. 3d ago
Architect
Compass Ventures
Security architect job in Sevierville, TN
Compass is looking for an Architect to join our team!
Pay Range: $75,000-$100,000 per year
Schedule: Full-time, Monday-Friday
About Compass:
At Compass, "Development with Direction" is our purpose and passion. We are dedicated to making a positive impact in the Smoky Mountain region through initiatives like solving the workforce housing crisis, creating premier lodging opportunities, and revitalizing Sevierville's Downtown Historic District.
Our Values:
Walk the Walk
Living Fully
Be Intentional
Driven for Excellence
Grit
Who We're Looking For:
Someone who embodies our values, has strong leadership skills, enjoys working with communities, and thrives in a dynamic and collaborative environment.
Role Summary:
We're seeking a creative and technically skilled Architect to design and guide the development of residential, hospitality, and mixed-use projects. This role involves working closely with stakeholders, engineers, and builders to deliver functional and visually compelling spaces aligned with our mission and vision.
Key Responsibilities:
Develop architectural plans, elevations, and construction documents
Lead design meetings and collaborate with internal teams and consultants
Conduct site visits and ensure construction aligns with approved designs
Stay up to date on codes, zoning laws, and building regulations
Incorporate sustainability and local character into designs
Support permitting processes and municipal approvals
Contribute to project timelines, budgets, and documentation
Qualifications:
Degree in Architecture and valid architect's license
2+ years of experience in architectural design or drafting
Proficiency in AutoCAD, Revit, and rendering software
Strong visualization and technical drawing skills
Ability to manage multiple projects and deadlines
Benefits:
Health insurance
Retirement plan
Paid time off
Collaborative team environment
Opportunities for professional development
Apply Today: Join our team and make a difference in the Smoky Mountain region. If you are passionate about making an impact and share our commitment to excellence, we would love to hear from you.
$75k-100k yearly 3d ago
Cloud Security Architect
Elevance Health
Security architect job in Nashville, TN
**Location:** This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office.
Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law.
The **Cloud Security Architect** is responsible for enabling, maturing, and operationalizing cyber defense capabilities across Elevance Health's enterprise and subsidiary cloud environments.
This role partners closely with Cloud Infrastructure, Application Engineering, Detection Engineering, and Security Operations to ensure cloud-native security telemetry, detection, and response capabilities are deployed, monitored, and continuously improved.
**How You Will Make an Impact:**
+ Lead efforts to integrate cyber defense and security operations capabilities into enterprise and subsidiary cloud environments (AWS, Azure, GCP, and OCI), ensuring consistent visibility and detection coverage across platforms.
+ Partner with cloud infrastructure and application teams to ensure security controls, logging, and telemetry are properly enabled, validated, and operational for cloud services and workloads.
+ Work with app, platform and engineering teams to ensure the appropriate level of logging is enabled within their respective environments.
+ Define roadmap and strategy for the future of cloud cyber defense, including CSPM, threat detection, logging pipelines, and incident response integration. Develop an approach that is tailored to the organization and keeps us out in front of developing threats.
+ Propose and develop cloud threat monitoring use cases. Train SOC analysts on how to properly triage, investigate and remediate alerts based on those use cases.
+ Collaborate with security operations and incident response teams to investigate complex cloud security events (e.g. threat detection events, misconfigurations, exposed resources) and support remediation efforts.
+ Infuse automation and AI-driven capabilities into cloud threat management operations.
+ Work with vendors to evaluate, select, and onboard technologies. Partner with vendor contacts to ensure product roadmaps address evolving business and technical requirements.
+ Support pursuit of new business by designing new cloud architectures that are compliant with FedRAMP or other regulatory requirements.
+ Participate in and contribute to governance review for new cloud services, AI-enabled platforms, and SaaS offerings, ensuring security requirements, logging, and guardrails are defined before approval.
+ Act as Subject Matter Expert in all aspects of cloud cyber defense. Advise executive leadership on matters relating to cloud security. Train and mentor junior team members.
+ Draft business-level presentations that garner executive and stakeholder support for cloud cyber defense initiatives.
+ Develop policies, technical standards and other foundational documentation.
+ Support regulatory and audit initiatives by validating cloud security controls, evidence collection, and alignment with frameworks such as SOC2, PCI, HITRUST, and FedRAMP.
**Minimum Requirements:**
Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.
**Preferred Skills, Capabilities & Experiences:**
+ Fluency with all 3 major cloud service providers: AWS, Azure & Google Cloud Platform.
+ Experience designing, implementing or operating cloud security programs in an enterprise environment.
+ Cloud security certifications such as CCSP or CSP-specific security certifications.
+ Experience with Oracle Cloud Infrastructure.
Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health.
Who We Are
Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve.
How We Work
At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business.
We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.
Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process.
The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws.
Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.
$98k-145k yearly est. 4d ago
Principal Cloud Security Architect
Labelbox 4.3
Security architect job in Nashville, TN
Role Overview
The Principal Cloud Security Architect evaluates cloud architectures, identity models, permissions, and security controls across large-scale environments. This role focuses on identifying architectural risks, misconfigurations, and long-term security design gaps.
What You'll Do
- Assess cloud architectures (AWS, Azure, GCP) for security gaps
- Review IAM configurations, network segmentation, and resource policies
- Identify misconfigurations, privilege risks, and insecure patterns
- Summarize architectural flaws and provide structured mitigation guidance
- Validate alignment with security frameworks and best practices
- Support recurring assessments of cloud environments and deployment patterns
What You Bring
Must-Have:
- Deep experience in cloud security architecture
- Strong understanding of IAM, network design, and cloud service models
- Ability to document complex architectures in clear, structured form
Nice-to-Have:
- Experience with multi-cloud, zero-trust, or high-compliance environments
$102k-145k yearly est. Auto-Apply 39d ago
AWS Security Architect
Slalom 4.6
Security architect job in Nashville, TN
Candidates can live within commutable distance to any Slalom office in the US. We have a hybrid and flexible environment. Who You'll Work With As a modern technology company, we've never met a technical challenge we didn't like. We enable our clients to learn from their data, create incredible digital experiences, and make the most of new technologies. We blend design, engineering, and analytics expertise to build the future. We surround our technologists with interesting challenges, innovative minds, and emerging technologies.
We are seeking an experienced AWS Security Architect with deep expertise in AWS cloud architecture, native & external security services, and regulatory compliance to provide advisory and delivery services aligned with the standards of a top-tier consulting firm. This role will partner with enterprise clients to design, assess, and implement secure AWS environments that meet business, compliance, and regulatory requirements. This role requires a strong blend of hands-on technical capabilities, architectural leadership, and client-facing advisory skills.
As a trusted advisor, you will lead security strategy sessions, assess current cloud security postures, and deliver AWS-native and third-party solutions that align with best practices. You will work across multiple industry verticals, collaborating with engineering, security, risk, and compliance teams, and guiding clients through security transformation journeys and ensuring AWS adoption is secure, compliant, and resilient.
This is a strategic technical consulting role suited for individuals who are passionate about cloud security, compliance, and helping clients adopt secure architectures in regulated environments.
Key Responsibilities
* Serve as a client-facing advisor, providing strategic guidance on cloud security transformation, governance, and operating models.
* Lead cloud security assessments, maturity evaluations, and gap analyses, producing recommendations aligned with regulatory frameworks (e.g., NIST, ISO 27001, CIS, PCI DSS, HIPAA).
* Design and implement AWS-native security architectures leveraging IAM, KMS, CloudTrail, Security Hub, GuardDuty, Macie, Detective, and Control Tower.
* Establish governance, risk, and compliance (GRC) frameworks for AWS adoption, including policy-as-code and automated compliance monitoring.
* Define and implement identity and access management (IAM) strategies, including federation, least privilege, and Zero Trust principles.
* Guide clients in adopting secure application and data architectures, including encryption, data loss prevention, and secure API integrations.
* Support incident response and forensics readiness through AWS-native logging, monitoring, and detection services.
* Collaborate with DevOps and platform teams to integrate security into DevOps pipelines (DevSecOps) with automation for vulnerability management, code scanning, and compliance validation.
* Collaborate with client executives to articulate cloud security roadmaps, business cases, and investment priorities.
* Partner with internal teams to develop accelerators, templates, and reusable security patterns that improve time-to-value for clients.
* Author client deliverables such as risk assessments, security architecture design documents, gap analyses, and roadmap plans.
* Provide thought leadership via security workshops, executive briefings, and architecture reviews.
* Stay current with AWS service releases, regulatory changes, and emerging cyber risks to inform recommendations.
Core Qualifications
* 8+ years of IT security experience with at least 4+ years focused on AWS security.
* Proven consulting experience delivering security assessments, compliance programs, and cloud security roadmaps for enterprise clients.
* Strong expertise in AWS security services (i.e. IAM, KMS, CloudTrail, GuardDuty, Macie, Security Hub, Detective, WAF, Shield).
* Deep knowledge of cloud governance, risk management, and regulatory compliance frameworks (NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI DSS) and experience designing or assessing AWS environments aligned with these frameworks.
* Hands-on experience embedding security into DevOps/DevSecOps pipelines and Infrastructure-as-Code (Terraform, CloudFormation, AWS CDK).
* Experience designing ransomware detection, response, and business resilience strategies in AWS including backup, recovery, and isolation patterns.
About Us
Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all.
Compensation and Benefits
Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance.
Slalom is committed to fair and equitable compensation practices. For this position, the target base salary pay range in the following locations (Boston, Houston, Los Angeles, Orange County, Seattle, San Diego, Washington DC, New York, New Jersey) is $119,000-$147,500 for Consultant level, $136,500-$169,500 for Senior Consultant level, and $151,000-$187,500 for Principal level.
In all other markets, the target base salary pay range is $125,000-$155,500 for Senior Consultant level and $138,500-$172,000 for Principal level.
In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time.
We will accept applications until 3/31/2026 or until the positions are filled.
We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************.
EEO and Accommodations
Slalom is an equal opportunity employer and is committed to attracting, developing and retaining highly qualified talent who empower our innovative teams through unique perspectives and experiences. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team or contact ****************************** if you require accommodations during the interview process.
$151k-187.5k yearly Easy Apply 2d ago
Director of Information Security
SRM Concrete 4.1
Security architect job in Smyrna, TN
Director of Information Security
Job Summary
Smyrna Ready Mix (SRM) is seeking an accomplished and forward-thinking Director of Information Security to lead the strategy, implementation, and continuous improvement of SRM's cybersecurity posture across a rapidly growing enterprise environment. This leadership role will oversee all aspects of information security governance, risk management, compliance, and operations, ensuring that SRM's systems, data, and infrastructure remain secure, resilient, and aligned with business objectives. The Director of Information Security will collaborate with IT Leadership and operational teams to develop scalable security policies, incident response capabilities, and proactive defense measures across both on-premises and cloud (Azure/OCI) environments. This role requires a balance of technical expertise, leadership acumen, and business insight to protect SRM's expanding digital footprint. This position reports directly to the Chief Information Officer (CIO) and partners closely with senior IT and business leadership. The Director of Information Security will play a pivotal role in safeguarding SRM's operations and empowering the company's continued growth through secure, reliable, and innovative technology practices.
Responsibilities
• The Director of Information Security is responsible for the full lifecycle of SRM's cybersecurity program - from strategic planning and design through implementation, monitoring, and continuous improvement.
• Develop and execute SRM's enterprise-wide information security strategy, roadmap, and governance framework, ensuring consistent control design, secure system integration, and architectural alignment with Zero Trust principles.
• Lead and mentor the information security team, fostering a culture of collaboration, accountability, and ongoing professional development.
• Establish and maintain cybersecurity policies, standards, and procedures in alignment with industry best practices (NIST, CIS, ISO 27001).
• Design and oversee the implementation of security controls across network, system, application, and cloud infrastructures (Azure, OCI, O365).
• Collaborate with IT leadership to integrate security into all technology projects, ensuring secure design, configuration, and deployment practices.
• Manage risk assessments, vulnerability management, and remediation activities, prioritizing mitigation efforts based on business impact.
• Oversee identity and access management (IAM) strategy, ensuring proper integration with Microsoft Entra ID (Azure AD), Active Directory, and role-based access controls, as well as other identity strategies to be evaluated and implemented.
• Oversee enterprise security operations and incident response, leveraging SIEM, threat intelligence, and analytics to detect and mitigate risks, while leading disaster recovery planning, simulation exercises, periodic threat assessments and penetration testing, and post-incident reviews to strengthen organizational resilience.
• Coordinate audits and compliance efforts related to security, privacy, and data protection (SOX, PCI, GDPR, etc. as applicable).
• Define and track risk metrics on key cybersecurity performance indicators (KPIs) including health, incidents, and strategic initiatives and provide executive reports to CIO and IT leadership regularly and C-suite as needed.
• Partner with CIO and IT Leadership, along with Legal and HR teams to ensure adherence to evolving data privacy and regulatory requirements.
• Develop security strategies for operational technology (OT) and industrial IoT environments, including plant networks, weigh systems, and telemetry.
• Develop and manage enterprise-wide security awareness and training programs to promote a strong security culture.
• Evaluate emerging threats and technologies, recommending appropriate security solutions and investments.
• Establish and oversee third-party and supply-chain risk management processes, ensuring that vendor systems and services meet SRM's security and privacy requirements.
• Collaborate across IT disciplines (systems, networking, applications) to ensure end-to-end resilience, visibility, and alignment of security priorities with operational needs.
Qualifications / Requirements
• Bachelor's degree in Information Security, Computer Science, or related field (Master's preferred).
• 10+ years of progressive experience in IT and information security, including at least 5 years in a leadership or management role.
• Strong technical foundation in network, system, and cloud security, including firewalls, SIEM, endpoint protection, identity management, and incident response.
• Proven experience implementing and managing security programs across hybrid (on-prem/cloud) infrastructures.
• Deep understanding of various security suites for endpoint management and security (Defender, Entra ID, Intune, SentinelOne, Avanon, Azure Security Center and similar).
• Knowledge of risk management frameworks such as NIST CSF, ISO 27001, and CIS Controls.
• Demonstrated success developing policy, governance, and compliance programs.
• Strong analytical and strategic thinking skills with the ability to translate complex security issues into business terms.
• Excellent communication, leadership, and interpersonal skills; able to influence across technical and executive levels.
• Relevant certifications such as CISSP, CISM, CISA, or CRISC.
• Experience with industrial or operational technology (OT) environments is a plus.
• Experience with Zero Trust architecture and cloud-native security solutions.
• Experience leading incident response teams or managing security operations centers (SOC).
• Knowledge of data loss prevention (DLP), MFA, SIEM/SOAR, and endpoint detection and response (EDR) platforms.
• Proven ability to develop, budget for, and manage information security projects ensuring strategic investment in technologies, tools, and personnel are implemented timely and with minimal service impact.
About SRM
Smyrna Ready Mix (SRM) is a growing leader in the ready-mix concrete industry, recognized for excellence, integrity, and innovation. Our IT department supports a fast-paced, technology-driven environment, ensuring reliable systems and connectivity across all SRM locations nationwide. Joining SRM IT means becoming part of a collaborative, forward-thinking team that values accountability, growth, and teamwork. We leverage modern infrastructure solutions to support SRM's mission: building better communities with reliable service and sustainable growth.
$102k-144k yearly est. 7d ago
Principal Security Architect
First Horizon Bank 3.9
Security architect job in Memphis, TN
**Weekly Schedule:** Monday - Friday: 9am-5pm
**Primary Responsibilities**
+ Manages solution design from conception, through ARB, to delivery
+ Primarily responsible for producing architecture documentation for security applications as assigned and as projects and programs of work dictate
+ Maintains First Horizon's Security Architecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core Enterprise Architecture Team
+ Leads security design workshops and POC efforts for new (security) capabilities
+ Validates 3rd Party/Vendor Solutions for security concerns
+ Aligns Information Security Technology strategy and planning with First Horizon's business goals and objectives
+ Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured
+ Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology
+ Works with engineers to ensure that technical solutions as delivered align with Information Security Standards and Policies
+ Works with Portfolio technology leaders to include IT Risk and Security Exception initiatives in portfolio roadmap
+ Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling; architect PCI DSS segmentation boundaries and compensating controls.
+ Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege.
+ Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness.
+ Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable.
+ Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team.
+ Payments and third-party/SaaS: Define intake and security requirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations: identity, logging, data handling, and PCI scoping.
+ Physical security integration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/Physical Security.
+ Enablement and influence: Mentor senior architects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams.
**Requirements**
+ Bachelor's degree in Computer Science, Management Information Systems, or related field
+ (12+) years of Information Security experience
+ (7+) years of Security Architecture
+ Experience in regulated financial services
+ Experience with Azure security architecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise
+ Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design.
+ Experience with technical documentation like interaction diagrams, process diagrams, network topologies and other architectural content
+ Experience with Agile/SAFe methodologies
+ Experience with Enterprise Architecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards.
**Certifications/Licensures**
+ Strongly preferred: CISSP or CompTIA Security+ Microsoft Azure Security Engineer or Azure Solutions Architect Expert
+ Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications
**Skills And Competencies**
+ Ability to adapt to new technologies and learn quickly
+ Enterprise architectural leadership across identity, cloud, application, data, and network security.
+ IAM for associates (Entra ID, Active Directory) and clients (TransmitSecurity, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing-resistant MFA/passkeys; PAM integration and privileged pathway design.
+ Integration Security: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk.
+ Secure SDLC and supply chain: threat modeling, pipeline security, artifact signing/SBOM, dependency hygiene, and secrets management.
+ Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers.
+ Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration.
**About Us**
First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************.
**Benefit Highlights**
- Medical with wellness incentives, dental, and vision
- HSA with company match
- Maternity and parental leave
- Tuition reimbursement
- Mentor program
- 401(k) with 6% match
- More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights notice from the Department of Labor.
$108k-134k yearly est. 32d ago
IT Security Engineer SR
Dollar General Corporation 4.4
Security architect job in Goodlettsville, TN
The Senior Security Engineer is responsible for designing and leading advanced security solutions to safeguard Dollar General's digital infrastructure, with a focus on cloud, network, and system security in a dynamic retail environment. This role drives layered security integration, mentors junior team members, and utilizes tools such as Palo Alto Networks, Splunk, and F5 ASM to address complex security risk. The ideal candidate brings a balance of technical depth, critical thinking, and pragmatism to strengthen Dollar General's overall security posture.
Job Details
Duties & Responsibilities: What major responsibilities does this position have and what percentage of time is spent on completing them? (Typically 5 - 7)
* Design and implement security architectures across on-premises and cloud environments (Google GCP, Azure) utilizing tools such as Palo Alto firewalls, F5 ASM, and Akamai App & API Protector.
* Promote modern security fundamentals by embedding security into CI/CD pipelines using Terraform and championing secure design practices for applications and APIs.
* Perform advanced risk analysis and vulnerability management, leveraging tools such as ExtraHop RevealX, Palo Alto Cortex XDR, and Sysdig Secure to identify and mitigate threats.
* Manage and respond to security incidents and perform forensic analysis using Splunk and Proofpoint Email Security while leveraging CyberArk for privileged access control.
* Develop and enforce security policies related to network security (Palo Alto, Fortinet), DNS (Akamai), and identity management (Clearpass), with emphasis on PKI and conditional access frameworks.
* Mentor junior security engineers, fostering critical thinking and hands-on problem-solving skills while collaborating with IT and business units to embed security into organizational processes.
* Research emerging threats and evaluate technologies to inform and enhance Dollar General's security strategy and posture.
Knowledge, Skills and Abilities (KSAs): What KSAs are required to perform this job?
* Deep expertise in network security (Palo Alto, Fortinet, Meraki MX), application firewalls (F5 ASM, Akamai App & API Protector, Cloud Armor), and data protection (Digital Guardian DLP, Microsoft DLP).
* Advanced proficiency in cloud security (GCP, Azure) and container security (Sysdig Secure), including tools such as VPC Service Controls and Cloud Armor.
* Strong scripting skills in Python, Bash, or PowerShell, and hands-on experience in Terraform for automating security infrastructure.
* In-depth understanding of PKI, VPN/remote access technologies (CyberArk Alero, GlobalProtect), and DNS security (Akamai DNS, Akamai GLB).
* Exceptional analytical and critical thinking skills with the ability to solve complex security challenges in a pragmatic and business-aligned manner.
* Proven leadership and communication skills, with the ability to mentor team members and influence cross-functional stakeholders.
* Excellent written, oral, and inter-personal communications skills with the ability to clearly communicate complex topics across technical and non-technical audiences.
* Capability to adapt to rapidly changing technologies and threat landscapes, with occasional availability for non-standard hours or travel (up to 5%).
Qualifications
Work Experience &/or Education: What are the minimum education and/or experience requirements necessary to perform this job?
* Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent combination of education and relevant experience.
* Minimum 7 years of experience in information security, including at least 2 years in a senior or leadership capacity.
* Advanced hands-on experience with at least five of the following:
* Palo Alto Networks firewalls and Panorama
* Akamai App/API Protector
* F5 Application Security Manager (ASM)
* Sysdig Secure (or equivalent)
* Google Cloud Platform (GCP) native security tools
* Microsoft Azure native security tools
* Microsoft Defender
* CyberArk Privileged Access
* HCL BigFix
* Splunk Enterprise and Enterprise Security
* Data security methodologies
* DLP technologies
* Proven track record in risk analysis, mitigation planning, and implementing secure configurations across cloud, network, and application layers.
* Preferred certifications: CISSP, CISM, CISSP-ISSAP, Palo Alto PCNSE, Splunk Certified Architect, or GCP Cloud Security Engineer.
$91k-114k yearly est. 21d ago
Information Security Engineer
Heaven Hill Brands 4.6
Security architect job in Louisville, KY
Job Description: with a base location in Louisville, KY.
What the Role Is
The Information Security Engineer is responsible for strengthening and supporting Heaven Hill's cybersecurity program. This hands-on technical role focuses on implementation, monitoring, and continuous improvement of security controls across cloud and on-premise environments.
The Engineer supports governance and risk management efforts and plays a key role in incident response and in deploying and maintaining secure technology solutions.
This position will collaborate with IT and business units to ensure Heaven Hill's data and systems remain resilient against evolving threats, while helping enable secure and efficient access through identity and access management solutions.
This role is instrumental in advancing Heaven Hill's overall security maturity and ensuring that cybersecurity enables, rather than limits, innovation and operational excellence.
How You Will Spend Your Time?
Security Engineering & Operations
Design, implement, monitor, and maintain security controls across cloud, identity, endpoint, and network environments.
Implement and manage Privileged Access Management (PAM) and Role-Based Access Control (RBAC) programs that align with business needs and support POLP (Principle of Least Privilege).
Support and enhance Identity Management solutions, including user provisioning, Single Sign-On (SSO) integrations, and secure application configurations.
Support secure configuration and hardening of Windows and Linux servers, as well as Windows and macOS workstations.
Manage and maintain DNS and domain registrar configurations to ensure secure and reliable name resolution and domain integrity.
Implement, integrate, and manage authentication, including Kerberos, FIDO2, Smart Cards, passkeys, certificate-based authentication, and TLS or key management solutions.
Administer and support Public Key Infrastructure (PKI), including certificate issuance, renewal, and lifecycle management.
Perform vulnerability scanning and coordinate remediation activities.
Administer and optimize core security platforms such as endpoint detection and response (EDR) and security information and event management (SIEM) systems, including alert tuning, integration, and incident response support.
Develop and maintain automation or scripting (e.g., PowerShell, Python) to improve efficiency in security monitoring, configuration management, and response processes.
Monitor security events, investigate incidents, perform root cause analysis, and drive post-incident improvements.
Collaborate with IT and business teams to ensure security considerations are integrated into infrastructure and project planning from the outset.
Risk & Governance
Conduct and document formal risk assessments, identify, evaluate, and communicate risk mitigation strategies.
Develop, update, and maintain cybersecurity policies, standards, and procedures aligned with the NIST framework.
Partner across the business to build awareness, ensure accountability, and foster a risk-informed culture.
Support security aspects of vendor assessments and technology evaluations.
Collaboration & Continuous Improvement
Provide security guidance for new initiatives, integrations, and system changes.
Contribute to incident response planning, tabletop exercises, and lessons-learned reviews.
Develop, maintain, and refine security operations and incident response playbooks to support consistent and effective response activities.
Stay informed on emerging threats, technologies, and best practices relevant to manufacturing and spirits production environments.
Who You Are…
Required Skills and Experience:
Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or equivalent experience along with Information Technology related associate's degree.
Minimum 5 years of experience in cybersecurity engineering and/or IT engineering.
Strong cloud security experience, including the design input, configuration, and operation of controls in cloud and hybrid environments.
Hands-on experience with Microsoft Entra ID (Azure AD), including Conditional Access, identity lifecycle management, and integration within hybrid Active Directory environments.
Experience with enterprise email security, endpoint protection, network security, data protection.
Experience implementing and managing Microsoft Purview for data protection, governance, and compliance.
Experience supporting third-party risk management or vendor assessments.
Strong understanding of identity, endpoint, and network security architectures and their integration across enterprise environments.
Experience performing root cause analysis during and after security incidents.
Experience developing or contributing to security documentation such as policies, standards, or procedures.
Strong communication skills across technical and non-technical audiences.
Experience in manufacturing or industrial environments.
Familiarity with OT/ICS security principles, including network segmentation, asset visibility, and industrial protocol security.
Valued but not Required Skills and Experience:
Professional certifications such as CISSP, CISM, CRISC, or equivalent.
Understanding secure application deployment or DevSecOps principles.
Physical Requirements
While performing duties of job, employee is occasionally required to: Stand; walk; use hands and fingers to handle or feel objects; use a computer; and reach with hands and arms.
Occasionally lift and/or move up to 20 pounds.
Benefits
Paid Vacation
11 Paid Holidays
Health, Dental & Vision eligibility from day one
FSA/HSA
401K match
EAP
Maternity/Paternity Leave
Heaven Hill and its affiliates are committed to fostering a diverse workforce as an Equal Employment Opportunity company.
We invite applications from candidates of all backgrounds, without regard to race, religion, color, sex, sexual orientation, national origin, gender identity or expression, age, disability, veteran status, or any other legally protected characteristic.
$69k-90k yearly est. 4d ago
Senior Security Engineer, Detection and Response
Acadia Healthcare Inc. 4.0
Security architect job in Franklin, TN
Senior Security Engineer - Detection and Response
Candidates must be local or willing to relocate at their own expense
Our Mission
Acadia Healthcare's purpose is to Lead Care With Light and our mission is to be a world-class organization that sets the standard for excellence in the treatment of mental health and addiction concerns. We strive to maintain our standing as a thought leader in the behavioral healthcare industry, providing treatment that is synonymous with compassion and innovation.
About the Role
The Sr. Security Engineer - Detection and Response position is instrumental in the safeguarding and preservation of Acadia's crucial IT infrastructure and sensitive patient data. This role is entirely committed to upholding the most stringent cybersecurity standards within a healthcare environment, ensuring full compliance with industry regulations, and promptly addressing security incidents. Through the adept utilization of state-of-the-art security technologies, automation, and strong partnerships with third-party MSSPs, the Healthcare Security Engineer assumes a pivotal role in the delivery of superior patient care, the nurturing of patient trust, and the unwavering preservation of integrity and confidentiality within our healthcare systems.
The first 90 days in this role will be fully in-person to ensure comprehensive onboarding and training. After the initial period, the position will transition to a hybrid model, with 2 days remote and 3 days in the office each week.
Compensation & Benefits
We value your expertise and dedication, and we invest in your success.
* Competitive Base Salary commensurate with experience
* Comprehensive Medical, Dental, and Vision Insurance
* 401(k) Plan with Company Match
* Paid Time Off (PTO) and recognized holidays
* Company-paid Basic Life and AD&D Insurance
* Employee Assistance Program (EAP) and mental wellness resources
* Opportunities for professional growth and advancement within Acadia's nationwide network
Key Responsibilities
* Security Operations:
* Implement and manage security tools
* Continuously monitor for malicious activities and vulnerabilities
* Develop comprehensive threat detection and alerting procedures
* Incident Response:
* Lead and coordinate incident response, collaborating with IT and compliance teams
* Tailor incident response plans for healthcare settings
* Investigate and assess security incidents, with forensic analysis
* Develop containment and remediation strategies for risk mitigation
* Security Infrastructure and Compliance:
* Maintain and optimize security tools and systems
* Ensure compliance with healthcare regulations and standards
* Assist in external compliance audits
* MSSP and Threat Intelligence:
* Collaborate with MSSP for security tools and configurations
* Define SLAs and KPIs to align with security objectives
* Share threat intelligence with MSSP for unified threat response
* Coordinate incidents and create incident response playbooks with MSSP's expertise
* Continuous Improvement and Automation:
* Enhance security through scripting and automation
* Develop custom security solutions
* Automate incident response with scripting
* Stay current with scripting languages and automation frameworks
* Operational Metrics and SLOs:
* Define operational metrics and KPIs
* Establish quantifiable performance indicators
* Regularly review and refine operational metrics
* Develop and monitor service level objectives (SLOs) to ensure operational excellence
Other Responsibilities
* Performs other tasks as assigned
Standard Expectations
* Complies with organizational policies, procedures, performance improvement initiatives and maintains organizational and industry policies regarding confidentiality
* Communicate clearly and effectively to person(s) receiving services and their family members, guests and other members of the health care team
* Develops constructive and cooperative working relationships with others and maintains them over time
* Encourages and builds mutual trust, respect and cooperation among team members
Education/Experience/Skill Requirements
* Education: A bachelor's degree or equivalent work experience
* Experience: Minimum of 5 years of cybersecurity experience, with a preference for at least 4 years in detection and response
* Expertise: Strong knowledge of cybersecurity principles, technologies, and best practices. Proven experience in healthcare security and knowledge of industry regulations, such as HIPAA and HITECH
* Communication: Excellent communication and collaboration skills to work with diverse teams and vendors
* Compliance: Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard (PCI)
* Frameworks: Proficiency in common information security management frameworks, such as ITIL, Center for Internet Security (CIS) Critical Security Controls (CSC), and NIST, including 800-53 and MITRE ATT&CK Framework
* Problem-Solving: Strong problem-solving and analytical abilities
* Technology Proficiency: Candidates must be capable of effectively evaluating and implementing technical alternatives, staying up to date with emerging technologies, risk assessment methodologies, and incident response
* Self-Motivation: Self-motivated with strong organizational skills and exceptional attention to detail
* Multitasking: Ability to manage multiple tasks/projects simultaneously within strict time frames and adapt to frequent priority changes
* Adherence: Capability to work within established policies, procedures, and practices set by the organization
* Language Skills: Proficient in English to provide and receive instructions and directions effectively.
License/Designations/Certifications
* Certifications: Desired but not required: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), CompTIA Security + or Network +, GIAC Certified Incident Handler Certification (GCIH), GIAC Certified Intrusion Analyst Certification (GCIA), Certified Cloud Security Professional (CCSP), Certified Intrusion Analyst (GCIA), Certified Information Security Incident Handler (CIHI), Certified Incident Handler (EC-Council ECIH), Certified Ethical Hacker (CEH), or other similar credentials.
Supervisory Requirements
This position is an Individual Contributor
While this job description is intended to be an accurate reflection of the requirements of the job, management reserves the right to add or remove duties from particular jobs when circumstances (e.g. emergencies, changes in workload, rush jobs or technological developments) dictate.
$90k-116k yearly est. 6d ago
Sr. Information Security Engineer
North Star Staffing Solutions
Security architect job in Goodlettsville, TN
Job Requirements & Qualifications:
•Designs, puts into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner.
•Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services).
•Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC.
•Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, and to track remediation outcomes and timelines.
•Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans.
•Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements.
•Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security.
•Guide and cross-train junior department team members, lead meetings, construct and uphold strong partnerships with multiple departments, coordinate vendor support engagements, etc.
Knowledge, Skills, and Abilities
•Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies.
•Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources.
•Strong, efficient written and verbal communication skills that enable effective communications to multiple audiences.
•Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%).
•Strong internal (security recommendations) and external (vendor support) negotiation skills.
•Ability to influence and encourage others.
•Strong understanding of PCI, HIPAA, and SOC regulatory requirements.
•Development/analysis proficiency in one or more scripting languages.
•Development/analysis proficiency in TSQL.
•Capability to learn and preserve new skills required to adapt to growing business and technical environments.
•Strong perceptive of present and emergent information security technologies and trends.
Qualifications
Work Experience and/or Education
•Bachelor's and/or Master's degree in information security or computer information systems.
•6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives.
•Active CISA, CISSP, or CISM certification.
•Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.), enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.), content management, client-server, and collaboration, thin-client, and web-based applications, enterprise applications (e.g. Lawson), cloud services (e.g. SaaS, IaaS, etc.), data storage, etc.
•Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN, GlobalScape EFT Server, Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management.
Additional Information
$88k-117k yearly est. 1d ago
Manager, Information Security Policy and Controls Governance
Unum Group 4.4
Security architect job in Chattanooga, TN
Our Fortune 500 company is driving a digital transformation and looking for forward-thinking innovators to disrupt how our industry thinks about and uses technology. As one of the world's leading employee benefits providers, we help millions of people gain affordable access to benefits that help them protect their families, their finances and their futures.
Are you an asker of questions, a solver of problems, and a challenger of the status quo? Our mission is to provide a differentiated customer experience and exceed the expectations people have of technology at any company - not just insurers.
We are seeking individuals to join our team of talented IT professionals who share never-ending passion and an unwavering focus on our customer experience. Team members comfortable working in an agile, fast-paced, and delivery-focused environment thrive in our environment where we value an entrepreneurial spirit and those who challenge the status-quo.
Unum is changing, and we're excited about what's next. Join us.
General Summary: The Manager - Information Security Policy and Controls Governance is responsible for strategic enhancement and day-to-day operation of key governance, risk, and compliance capabilities, including policy and standards governance, enterprise and application-level risk assessments, and controls management and attestation programs. This role will oversee the full lifecycle of governing documents, manage policy exceptions, coordinate external and regulatory assessments, and ensure strong alignment between security controls and regulatory requirements. The manager will also drive consistent, timely issues management across all domains. This leader will partner closely with stakeholders across the organization to mature processes, strengthen compliance posture, and ensure effective, repeatable execution of GRC activities. They will manage a small to mid-size team of IT security and risk management professionals.
Job Specifications
Bachelor's degree in computer science, or relevant technical experience
Has 5+ years' experience in an IT Risk Management field, or equivalent relevant work experience
Has a security technology background with strong knowledge of relevant technical security disciplines
Exhibits courage by taking smart risks and encouraging others to do so; empowers innovative approaches by motivating others to be proactive and resourceful
Able to effectively coach, mentor, identify, and address skills needs and gaps
Proficient in methods and techniques for running effective meetings and for understanding and influencing the roles played by participants
Displays good interpersonal skills at all levels of contact and in a wide variety of situations, able to listen and influence, and to relate to customers in their own language
Demonstrates the ability to champion change and support teams through change.
Demonstrates the ability to think critically, challenge conventional thinking and generate and apply unique business insight to create competitive advantage for the organization
Has solid knowledge of regulations, including GLBA, HIPAA, GDPR, CCPA, and other cyber security regulatory compliance requirements and related programs
Has in-depth knowledge of security and control frameworks such as the NIST Cyber Security Framework, NIST SP 800-53, ISO 17799/27001, CobIT, and ITIL
CRISC, CISSP, CISM, CISA, and other security related certifications are a plus
Principal Duties and Responsibilities
Oversees and evaluates the delivery and effectiveness of the organization's policy governance, risk assessments, control attestation, and issues management capabilities, taking action to address performance or quality gaps as needed.
Ensures the team maintains a well‑defined, risk‑aligned backlog of work that advances program maturity and meets regulatory, audit, and business needs.
Guides team members in prioritizing assessments, policy lifecycle activities, and control-related work based on risk, business value, and regulatory timelines.
Proactively removes obstacles and operational roadblocks that hinder timely completion of assessments, attestations, and governance processes.
Partners with business and technology stakeholders to translate security, compliance, and risk management objectives into actionable work items.
Ensures best‑practice execution, including structured assessment methodologies, clear control documentation, consistent issue tracking, adherence to policy standards, and high‑quality evidence collection.
Encourages creativity and continuous improvement in maturing governance, assessment, and control processes; fosters a culture of innovation within the team.
Uses operational metrics, assessment cycle data, and workflow insights to understand team performance and drive process efficiency.
Partners with leadership to ensure strong talent is in place to support the organization's governance, risk and compliance obligations.
Mentors, coaches, and motivates team members to elevate their GRC expertise, business partnership skills, and overall performance.
Identifies skill gaps related to risk frameworks, regulatory requirements, control design, and assessment techniques, ensuring development plans address these needs.
Promotes cross‑training and shared ownership of GRC functions to reduce single‑points‑of‑failure and increase team resilience.
While accountable for the team's output, actively cultivates a self‑organizing, autonomous, and collaborative team that consistently demonstrates accountability and continuous improvement.
Conducts regular 1:1s and development discussions to monitor progress, reinforce strengths, and close skill gaps.
Collaborates with peers to evaluate the effectiveness of resourcing models, proposing enhancements to better support team operations.
Maintains a strong understanding of emerging regulatory trends, risk frameworks (e.g., NIST CSF, HIPAA, SOC, ISO), and control expectations to inform program improvements.
Reinforces disciplined prioritization by ensuring the team focuses on the highest‑value, highest‑risk activities and commitments.
Designs and operates GRC processes with partner teams' knowledge and needs in mind, ensuring risk governance activities are clear, intuitive, and easy to complete.
Our company is built on helping individuals and families, and this starts with our employees. We want employees to maintain a positive balance, which is why we provide access to the benefits and resources they need to invest in themselves. From our onsite fitness facilities and generous paid time off to employee professional development programs, we are committed to helping employees live and work their best - both inside and outside the office.
Unum is an equal opportunity employer, considering all qualified applicants and employees for hiring, placement, and advancement, without regard to a person's race, color, religion, national origin, age, genetic information, military status, gender, sexual orientation, gender identity or expression, disability, or protected veteran status.
The base salary range for applicants for this position is listed below. Unless actual salary is indicated above in the job description, actual pay will be based on skill, geographical location and experience.
$89,400.00-$183,500.00
Additionally, Unum offers a portfolio of benefits and rewards that are competitive and comprehensive including healthcare benefits (health, vision, dental), insurance benefits (short & long-term disability), performance-based incentive plans, paid time off, and a 401(k) retirement plan with an employer match up to 5% and an additional 4.5% contribution whether you contribute to the plan or not. All benefits are subject to the terms and conditions of individual Plans.
Company:
Unum
$89.4k-183.5k yearly Auto-Apply 13d ago
Information Systems Security Manager
DMI 3.5
Security architect job in Fort Knox, KY
DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, DMI supports public sector agencies and commercial enterprises around the globe. Recognized as a Top Workplace, DMI is committed to delivering secure, efficient, and cost-effective solutions that drive measurable results. Learn more at *************
About the Opportunity
DMI, LLC. is seeking an experienced and proactive Information Systems Security Manager (ISSM) who will report directly to the Program Manager.
The ISSM will be the primary security leader for the program while achieving a new Authority to Operate (ATO) and maintaining the security posture for an application migrating to the Enterprise Cloud Management Agency (ECMA) cARMY environment. Responsible for navigating the unique challenges of securing systems in a DOW-approved cloud while ensuring compliance with all applicable DOW, DISA, and Army security policies. Primary focus will be on proactive risk management, continuous monitoring, and successfully managing the ATO lifecycle within the Army's cloud ecosystem.
Duties and Responsibilities:
Cloud ATO Lifecycle Management: Lead all efforts to achieve and maintain the system's ATO within the ECMA cARMY environment. Primary driver for the RMF package, developing, maintaining, and updating all required documentation within the Enterprise Mission Assurance Support Service (eMASS).
Vulnerability Management & ACAS Remediation: Directly manage the vulnerability remediation process. This includes analyzing scan results from the Assured Compliance Assessment Solution (ACAS), prioritizing vulnerabilities, and coordinating with system administrators and developers for timely remediation within the cloud environment.
Cloud Security Controls & Compliance: Architect and validate the implementation of security controls, interpreting and applying them specifically to a cloud environment. Leverage control inheritance from the cARMY platform and ensure compliance with relevant Security Technical Implementation Guides (STIGs).
Incident Response: Serve as the lead for investigating and resolving security-related incidents and anomalies.
Risk Management Framework (RMF): Apply a deep understanding of the RMF to advise leadership on security posture, risk acceptance, and strategic planning for the system's successful operation in cARMY.
Collaboration & Support: Interfaces directly with government counterparts, including but not limited to the ECMA, the system's Information System Security Officer (ISSO), and Authorizing Official (AO) representatives.
Oversee all aspects of application and system security for a program hosted in a DOW cloud environment.
Manage the Plan of Action & Milestones (POA&M): Track vulnerabilities and ensure a clear path to remediation.
Ensure continuous compliance with all relevant DISA STIGs and Cloud Computing Security Requirements Guide (CCSRG) mandates.
Provide regular security posture reports and briefings to program leadership and Government customers.
Other security-related duties as assigned.
Qualifications
Education and Years of Experience:
7+ years of progressive experience in cybersecurity, with at least 5 years in a direct ISSM or similar role supporting DOW programs.
A Bachelor of Science degree in Cybersecurity, Information Technology, or a related field is highly desirable.
Required Skills/Certifications:
DoD 8570 IAM Level III certification (e.g., CISM, CISSP, or GSLC) is highly preferred
DoD 8570 IAT Level II certification is mandatory (CompTIA Security+ CE).
Demonstrable experience successfully guiding a system through the ATO process is strongly preferred.
eMASS Proficiency: Significant experience working within eMASS to manage the RMF package for a DOW IT system.
Demonstrated expertise with ACAS: Proven hands-on experience managing vulnerabilities identified by ACAS and driving the remediation process
Deep Understanding of RMF and STIGs: A thorough understanding of the DOW Risk Management Framework and the ability to effectively apply and validate DISA STIGs
Citizenship and Clearance:
Citizenship Status: Must be a United States Citizen.
Security Clearance: Must possess an active SECRET security clearance.
Physical Requirements: None required for this position.
Location: Must reside within a one-hour driving time of Fort Knox, Kentucky.
Working at DMI
DMI is a diverse, prosperous, and rewarding place to work. Our culture is shaped by five core values that guide how we work, grow, and succeed together:
Do What's Right - We lead with honesty and integrity.
Own the Outcome - We take responsibility and deliver.
Deliver for Our Customers - We are relentless about delivering value.
Think Bold, Act Smart - We innovate with purpose.
Win Together - We collaborate and celebrate our success.
These values aren't just ideals-they show up in how we support every part of your well-being:
Convenience/Concierge - Virtual health visits, commuter perks, pet insurance, and entertainment discounts that make life easier.
Development - Annual performance reviews, tuition assistance, and internal career growth opportunities to help you thrive.
Financial - Generous 401(k) matches, life and disability insurance, and financial wellness tools to support your future.
Recognition - Annual awards, service anniversaries, referral bonuses, and peer-to-peer shoutouts that spotlight your achievements.
Wellness - Healthcare coverage, wellness programs, flu shots, and biometric screenings to support your health.
DMI values employees for their talents and contributions, and we take pride in helping our customers achieve their goals. Because when we live our values, we all win together.
No Agencies Please
Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.
$82k-108k yearly est. Auto-Apply 10d ago
Sr. Security Analyst
Maximus 4.3
Security architect job in Bowling Green, KY
Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned.
*This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. *
Essential Duties and Responsibilities:
- Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary.
- Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget.
- Work closely with management and work groups to create and maintain work plan documents.
- Track the status and due dates of projects.
- Manage relationships with project staff responsible for projects.
- Produce regular weekly and monthly status reports that could include: work plan status, target dates, budget, resource capacity, and other reports as needed.
- Facilitate regular meetings and reviews.
- Adhere to contract requirements and comply with all corporate policies and procedures.
Job Specific Duties and Responsibilities:
-Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects.
-Review project documentation and client materials and provide analysis of technical and security related topics.
-Participate in client meetings and offer observations and insight on technical and security related topics.
-Identify risk areas and potential problems that require proactive attention.
-Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to:
*System Security Plan
*Plan of Action and Milestones (POA&M)
*Security Assessment Plan
*Risk Assessment reports
*CMS ARC-AMPE forms and documentation
*Data Conversion and Migration Management Plan
*Deployment and/or roll-out plans
-Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects.
-Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues.
-Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work.
-Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager.
-Complete project work in compliance with Maximus standards and procedures.
-Support team to complete assigned responsibilities as outlined in the Project schedule.
-Support all other tasks assigned by Senior Manager / Project Manager.
Minimum Requirements
- Bachelor's degree in related field.
- 7-10 years of relevant professional experience required.
- Equivalent combination of education and experience considered in lieu of degree.
Job Specific Requirements:
-Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required.
-Bachelor's degree from an accredited college or university, or equivalent work experience.
-7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry.
-5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks.
-Familiar with operating systems: Windows, Linux/UNIX, OS/X.
-Familiar with AI tools, capabilities.
-Strong command of cloud computing topics.
-Strong command of agile software development practices as well as waterfall development practices.
-Strong desktop software skills: proficient in MS Office, Excel, Word, Project.
-Ability to explain and communicate technical subjects to non-technical audiences.
-Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills.
-Ability to work independently.
-Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously.
-Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential.
-Excellent verbal and writing skills and be comfortable working with customers.
-Ability to multi-task with supervision.
-Self-motivated fast learner.
Preferred Skills:
-Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid).
-Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional).
EEO Statement
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics.
Pay Transparency
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.
Accommodations
Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process, including accessing job postings, completing assessments, or participating in interviews, please contact People Operations at **************************.
Minimum Salary: $120,000.00
Maximum Salary: $140,000.00
$78k-105k yearly est. Easy Apply 5d ago
ArcSight Security Engineer
Collabera 4.5
Security architect job in Fort Knox, KY
Established in 1991, Collabera has been a leader in IT staffing for over 22 years and is one of the largest diversity IT staffing firms in the industry. As a half a billion dollar IT company, with more than 9,000 professionals across 30+ offices, Collabera offers comprehensive, cost-effective IT staffing & IT Services. We provide services to Fortune 500 and mid-size companies to meet their talent needs with high quality IT resources through Staff Augmentation, Global Talent Management, Value Added Services through CLASS (Competency Leveraged Advanced Staffing & Solutions) Permanent Placement Services and Vendor Management Programs.
Collabera recognizes true potential of human capital and provides people the right opportunities for growth and professional excellence. Collabera offers a full range of benefits to its employees including paid vacations, holidays, personal days, Medical, Dental and Vision insurance, 401K retirement savings plan, Life Insurance, Disability Insurance.
Job Description
Title: ArcSight Security Engineer
Duration: 6 months (Possibility to Hire)
Location: Fort Knox, KY
Description:
• Assist the customer and provide technical leadership on major tasks or technology assignments.
• The ideal candidate will have a wide range of technical knowledge in Applicant should possess an in-depth understanding of ArcSight ESM, and be able to perform the functions of a Senior Analyst, Advanced Content Author, and Security Solutions Architect.
• Applicant should be able to provide a practical solutions-based approach for design and implementation of a complete enterprise SIEM deployment, and understand methodologies, terms, concepts, and best practices within the context of the HP ArcSight product line.
Duties & Responsibilities:
• Assist in the Information Assurance Office activities to support with the installation, configuration, troubleshooting, customization and optimization of the ArcSight product suite and its dependencies.
• This position requires strong knowledge in network security operations and familiarity with a variety of endpoint security products.
• The candidate will develop ArcSight specific content including reports, filters, trends and dashboard content. The candidate must be experienced with ArcSight in order to provide optimization, tuning, and flex agent development. The successful candidate should be very experienced in IT networks, security systems design, and deployment and troubleshooting.
• Duties will include the ability to lead the installation, configuration, optimization and customization of ArcSight software and appliances.
• Required to translate customer requirements into use cases, design and implement as ArcSight content. The ability to perform system administration for ArcSight components and create customized dashboards for ArcSight ESM and Logger to elevate high threat items to incident responders. DOD 8570 CNDSP Infrastructure certification is desired.
Qualifications
• Expert level knowledge in defining an organization's ArcSight ESM Network Model
• Extensive experience implementing the ArcSight suite of software and appliances in an Enterprise Environment
• Experience developing ArcSight FlexConnectors
• Proficient in Unix scripting
• Ability to develop an ArcSight training program to be used to train our Systems Administrators, Network Administrators, Security Engineers, and Security Analysts in the efficient use of the ArcSight Suite
• A Bachelor's degree from an accredited institution or equivalent in Computer Science, Information Systems, Engineering, or related technical discipline is required.
• Significant experience may substitute for minimum educational requirements.
• Must possess at least 8 years of hands-on technical experience with a minimum of 5 years of experience in ArcSight ESM.
• Ability to Create Advanced ESM content for Security Use Cases in order to find, track and remediate security incidents, including: Using variables and correlation activities, Customizing report templates to use dynamic content and Customizing notification templates to send the appropriate notification based upon specific attributes of an event
Required Qualifications:
• ArcSight Certified Analyst (ACSA) and/or ArcSight Certified Integrator Administrator (ACIA)
• Familiarity with network defense technologies including IDS/IPS, Firewalls, VPN
• Determine appropriate Logger/ESM architecture to address specific log management requirements
• Integrate Logger/ESM in peering and hierarchical deployments
• Optimize ArcSight SmartConnector configurations for a Logger/ESM integrated environment
• Identify types of criteria used to define system requirements
• Present a thorough compilation of the various architectures and the pros and cons of each
• Identify integration capabilities and best practices for each product
• Identify data sources and ESM resources required to fulfill the objectives of the use case
• Present multiple real-world scenarios that will be the basis of a complete implementation exercise
• Must possess a CompTIA Security+ certification (baseline certification - day 1 requirement)
• Minimum Certification as a DoD 8570 IAM II, must possess or able to obtain from hire date, within 6 months IAT Level II certification related to Release Management field
• Must hold an active Department of Defense Security Clearance (interim Secret minimum - day 1 requirement).
• Knowledge of DoD directives 8500.2, 8530.2, CJCSI 6510, and DISA STIGs, specifically requirements pertaining to the access and retention of network device logs.
• Strong customer service, organizational skills, knowledge of applicable DoD/Government policies and procedures.
• Demonstrated exceptional ability to troubleshoot complex systems required.
• Solid understanding of industry standard availability and security practices required.
Additional Information
To discuss this, please contact:
Himanshu Prajapat
Call on: ************
**********************************
$69k-94k yearly est. Easy Apply 1d ago
Information Systems Security Officer
ITR 4.2
Security architect job in Oak Ridge, TN
Job Description
Overview: East Tennessee R&D facility is currently seeking qualified applicants to serve as Junior Information Systems Security Officer (ISSO). The successful candidate should have a basic understanding of all aspects of cybersecurity. The candidate will collaborate with other teams across the lab, to include Information Technology, Physical Security, Classification Office, Cybersecurity, Lab Enterprise Risk, Lab Internal Audit, and others as appropriate.
Primary Responsibilities:
Provide assistance to the Information Systems Security Manager (ISSM) and Chief Information Security Officer (CISO) in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the federal facility.
Ensure systems are operated, maintained, and disposed of in accordance with DOE security policies and procedures and as outlined in applicable System Security Plans (SSPs).
Establish and perform documented procedures for authorizing users to information systems
Develop and maintain SSPs for system C&A.
Identify, review, and provide analysis and recommendations to meet requirements of applicable laws, regulations, orders, and the contract, translate into policies, procedures, suggested control structures, analysis/white papers, aligning with business objectives
Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices
Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls
Identify, promote, and implement process improvements
Qualifications Required:
Experience in security control assessments, Master Plans, and Cybersecurity program plans
Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.)
Demonstrated experience implementing compliance frameworks (NIST, etc)
Facilitation and project management knowledge, skills and abilities; lead program implementations
Demonstrated excellent interpersonal, verbal, written and presentation communication skills and demonstrated ability to interact with all levels of internal and external stakeholders
Strong customer service, networking, and teamwork skills with all levels of internal and external personnel, demonstrated ability to work with all levels of an organization
Ability to work independently and meet deadlines
High ethical standards and operates with integrity and professionalism
Must be able to obtain and maintain a DOE Q security clearance
Preferred Qualifications:
Bachelor's degree in IT, Cybersecurity, Information Assurance, or related field and at least 5 years of experience in cybersecurity policy, risk management, governance, and compliance through a combination of education and experience may be considered for exceptional candidates.
Minimum five years' experience working in an information security, information technology or information risk management related field
Cybersecurity certifications (CISA, CISM, CRISC, CISSP, CCSP, SSCP)
Incident Response Certification
Privacy management, cybersecurity, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts
Thorough understanding of industry standards and regulations including PCI, HIPAA, Privacy Act, NIST 800-53, NIST Risk Management Framework, FAIR
Working knowledge of privacy regulations and impacts
Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success
Experience gaining an Authority to Operate (ATO) for a government system
Proven track record of prioritizing tasking and meeting established deadlines
Active DOE Q or TS clearance
Special Requirement: This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.
$63k-83k yearly est. 13d ago
Product Security Engineer
Ncontracts
Security architect job in Brentwood, TN
Remote | Product and Development | Full-Time
WHO WE ARE
Headquartered in Nashville, Tenn., Ncontracts leads the industry in integrated risk management and compliance solutions, serving over 5,000 financial institutions nationwide. As a seven-time Inc. 5000 Fastest Growing Companies honoree and consistent year-over-year recipient of "Best Places to Work" awards, we offer a thriving work environment where career growth and life-work balance go hand in hand.
At Ncontracts, you'll join a team of industry experts dedicated to strengthening the financial services sector through innovation and thought leadership. We're seeking creative, collaborative, and self-driven professionals across all areas of our business - from developing cutting-edge solutions to sales, marketing, customer support, and beyond. Join us in our mission to make the financial industry stronger and more resilient, while advancing your career in a supportive, dynamic environment that values your unique skills and perspectives.
THE ROLE
We're looking for a Product Security Engineer to embed security throughout our software development lifecycle. You'll work closely with engineering teams to secure our financial services platform, with particular focus on emerging AI technologies including Agentic AI systems. This role offers the opportunity to shape security practices in a cutting-edge fintech environment.
WHAT YOU DO
Participate in security architecture reviews and threat modeling for new features and systems
Perform code reviews with focus on security vulnerabilities and best practices
Design and implement security controls for cloud infrastructure (AWS, Azure, GCP)
Participate in security assessments of AI/ML systems, including Agentic AI implementations
Contribute to secure coding guidelines and security testing frameworks
Integrate security tools into CI/CD pipelines (SAST, DAST, dependency scanning)
Collaborate with DevOps team on infrastructure-as-code security practices
Investigate and remediate security vulnerabilities across the technology stack
Create security documentation for development teams and architectural decisions
Support penetration testing activities and coordinate remediation efforts
Research emerging threats and security technologies, particularly in AI/ML space
WHAT YOU NEED
2+ years of experience in application security or product security engineering
Bachelor's degree in Computer Science, Cybersecurity, or related technical field
Strong programming skills in modern languages (Python, Ruby, Java, C#, JavaScript, PowerShell)
Strong database experience with proficiency in SQL and PostgreSQL
Deep understanding of web application security (OWASP Top 10, API security)
Experience with cloud security architectures and containerization (Docker, Kubernetes)
Experience with server administration across Linux and Windows environments
Knowledge of security testing tools and methodologies (SAST, DAST, penetration testing)
Experience applying risk assessment methodologies (DREAD, CVSS) to analyze security findings and establish data-driven remediation priorities
Understanding of secure software development lifecycle (SSDLC) practices
Experience with version control systems (Git) and CI/CD pipelines
Experience with infrastructure automation using Ansible
Demonstrated ability to communicate technical security concepts to diverse stakeholders and influence remediation efforts
Self-motivated with ability to work independently and drive security initiatives to completion
Experience collaborating with development teams to implement security fixes
NICE TO HAVE
Professional certifications (SAA-C03, PJPT, CSSLP, CEH, OSCP, AZ-400, AWS DevOps, or equivalent)
Experience with AI/ML security, including model security and adversarial attacks
Knowledge of financial services security requirements and data protection
Experience with infrastructure-as-code tools (Terraform, CloudFormation)
Background in threat modeling frameworks (STRIDE, PASTA, OCTAVE)
Experience with security orchestration and automation platforms
WE OFFER
A fun, fast-paced work environment
Responsible PTO Plan that meets or exceeds state and local medical and family leave laws
11 paid holidays
Community and social events to keep you connected and engaged
Mental Health Benefits
Medical, Dental and Vision insurance
Company-paid Group Life Insurance, Short- and Long-Term Disability
Flexible Spending Account & Health Savings Account
Aflac Benefits - Critical Illness, Cancer Protection, & Hospital Choice
Pet Insurance
401(k) with company match with eligibility on Day 1 of employment
2 Paid Volunteer Time Off Days
And much more!
Compensation Information
Pursuant to state and local law disclosure requirements, the pay range for this role, with final offer amount dependent on education, skills, experience and location is $80,000 to $100,000 per year. This position may be eligible for an annual discretionary incentive award. The incentive award amount is dependent upon company performance and your personal performance and is not guaranteed.
AAP/EEO Statement
Ncontracts provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
$80k-100k yearly Auto-Apply 60d+ ago
Security Engineer
Lattimore Black Morgan & Cain, PC and Affiliates
Security architect job in Brentwood, TN
The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and comply with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC.
The Security Engineer will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The security engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities.
The Security Engineer must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the security engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics.
The Security professional must be involved in incident response and investigations. The Information Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may make well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches.
Essential Responsibilities
* Security Alerts: Review, respond, and remediate where applicable;
* Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities);
* Phish campaign monitoring and resolution;
* Analyze security systems and seek improvements on a continuous basis;
* Report possible threats or software issues;
* Research weaknesses and determine ways to counter them;
* Understand software, hardware, and internet needs while adjusting them according to our business environment;
* Assist fellow employees with cybersecurity, software, hardware, or IT needs;
* Carry out and support information security plans and policies;
* Respond to, investigate, and assist in recovery efforts related to a security breach;
* Assist in Security Awareness training development and support;
* Troubleshoot security and network problems;
* Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls;
* Participate and follow the change management process;
* Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed;
* Administer, configure, and troubleshoot security infrastructure devices such as Varonis;
* Test new software and firmware, as needed or directed.
Operational Management
* Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems;
* Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law;
* Creatively provide resolution to security issues/problems in a cost-effective manner;
* Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met.
* Other security responsibilities as directed by the Information Security Officer
Other Qualifications
* Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations;
* Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered;
* For those not meeting the minimum education, additional work-related experience will be deemed equivalent;
* CISSP or related certification is an advantage;
* Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.;
* Working knowledge and experience in the following areas:
* Cloud computing security in Azure/Windows environments, security controls, security capabilities identification;
* Experience in working on Microsoft products and can learn new systems quickly;
* Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.;
* Strong verbal and written communication skills required;
* Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner;
* Must be able to work well with others;
* Must be detail oriented and organized;
* High integrity, including maintenance of confidential information;
* Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency;
* Focus on continuously improving skillset to meet security changes and challenges;
* Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue;
* Regular and reliable attendance required.
$73k-99k yearly est. 37d ago
Physical Security Systems Engineer
xAI
Security architect job in Memphis, TN
xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates.
About the Role
As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI.
This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites.
Responsibilities
Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems.
Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations.
Manage health and configuration of security network infrastructure
Regularly assess the performance of installed security systems and make necessary adjustments or upgrades.
Conduct preventive maintenance to ensure all security equipment is in optimal working condition.
Diagnose and resolve hardware issues promptly to minimize downtime and security risks.
Keep detailed records of all service and maintenance activities.
Participate in or lead security audits to identify vulnerabilities in physical security measures.
Recommend and implement solutions to address identified security gaps.
Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints.
Manage relationships with external contractors for installation and maintenance services.
Train security and facility staff on the use of new security systems.
Ensure all security hardware installations meet local, state, and federal regulations.
Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses.
Required Qualifications
Minimum of 5 years in a role focused on physical security systems design.
Proven experience with CCTV, access control, and intrusion detection systems.
Experience using CAD software and reading architectural drawings
Experience using Bluebeam software
Preferred Qualifications
Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems.
Ability to interpret security objectives, develop project schedules and manage adherence to established timetables.
Familiarity with Genetec software is a plus.
Proficiency in hardware troubleshooting and system diagnostics.
Experience configuring security and network architecture in integrated security systems.
Familiarity with current security technology trends and innovations.
Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable.
Excellent problem-solving abilities and attention to detail.
Strong communication skills for effective collaboration with team members and stakeholders.
Ability to work under pressure in a dynamic environment on highly condensed timelines.
Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking around the facility and standing.
xAI is an equal opportunity employer. For details on data processing, view our Recruitment Privacy Notice.
How much does a security architect earn in Hendersonville, TN?
The average security architect in Hendersonville, TN earns between $83,000 and $173,000 annually. This compares to the national average security architect range of $92,000 to $179,000.
Average security architect salary in Hendersonville, TN