Security architect jobs in Joplin, MO - 555 jobs

Title: Sr Information Security Analyst Salary: $100K Job Summary: As a member of the Information Security team, responsibilities include manages and mitigates information security risk by identifying, evaluating, assessing, designing, monitoring, administering, reporting and implementing systems, policies and processes. Provides information security risk insight and guides management on information security risk issues and serves as advisor to peers, team members and management. Minimum Education: Bachelor's degree in Computer Science, MIS, Computer Engineering, Cyber Security or related discipline. Licensure, Registration and/or Certification: One or more of the following certifications are preferred: Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Auditor (CISA). Work Experience: 3 - 4 years related experience inclusive of two years working directly in an Information Services department and previous experience with HIPAA/PHI compliance programs, policies, procedures, risk assessments and audits. Knowledge, Skills and Abilities: In-depth knowledge of cyber security methodology and security practices. Knowledge of HIPAA, PCI, SOX, ISO and NIST cybersecurity frameworks. Knowledge of intrusion detection and intrusion prevention systems, penetration and vulnerability testing. Knowledge of data loss prevention, anti-virus and anti-malware software tools. Knowledge of computer networking, TCP/IP, routing and switching, network protocols and packet analysis tools. Knowledge of Windows, UNIX and Linux operating systems. Excellent problem solving and analytical skills. Excellent written and oral communication skills. Excellent organizational and interpersonal skills. Ability to work independently as well as in a team setting. Essential Functions and Responsibilities: Define, implement, and enforce information security policies, strategies, and procedures that align with healthcare laws and regulations, such as HIPAA. Conduct and/or support targeted risk assessment. Determine significant risk points and exercise process for risk assessment and risk acceptance. Review assessment results for vulnerabilities, gaps, control deficiencies, and work with key stakeholders to establish plans for sustainable resolution. Maintain an effective information security awareness program and educate internal teams on best practices. Ensures that business and clinical software applications include adequate information and security controls. Establish and maintain metrics based on the information security framework..

Expertise in Blue Yonder (JDA) Category Management Suite, including: Floor Space Planning Assortment Optimization Space Automation Pro Open Access CKS Strong database skills with hands-on experience in: Oracle RDBMS SQL Server PL/SQL and SQL scripting Ability to develop and optimize code Technical proficiency in .NET (C# or VB) for developing extensions and modifications within Blue Yonder Category Management. Skilled in CKB environment preparation, Blue Yonder/JDA Category Management installations, and environment configuration.

Oversees and coordinates all information security staff and activities to ensure the firm's overall information assets are adequately protected. Oversees the planning, coordinating and implementing of information security programs in order to maintain information integrity and protect against all cybersecurity threats. Interacts with other individuals in the firm in a problem-solving and team-building manner. Oversees, develops and maintains the Firm's ISO 27001 Program, and operation objectives. Manages the development and cost effective solutions to maintain the integrity of system information while allowing business operations to continue in the event of any type of business interruption. Assists in audits of the Information Security program as needed at the request of management. Uses leadership skills to train, motivate and direct assigned staff. Provides technical expertise in the selection, testing, implementation and deployment of information security systems. Provides technical guidance and direction in information security monitoring, assessment, auditing and testing. Defines, develops and implements the firm's Information Protection Program security policy. Works with the Director of Information Security and Risk Management to develop methods of improving department workflow, customer satisfaction and employee efficiency. Assists in determining department work procedures, plans, assigns and directs work as necessary. Monitors employee workflow and makes adjustments as necessary to ensure customers' needs are addressed in a timely and efficient manner. Monitors and audits analyst(s) work product, reviews and communicate results with employee and provides advice. Coordinates training of staff to ensure work meets/exceeds performance expectations within a reasonable time frame. Oversees department projects, ensuring that procedures are followed and objectives are accomplished according to schedule. Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems, applications, appliances and devices throughout the firm. Responsible for assessing, recommending, developing, implementing and maintaining the firm's information security infrastructure and security standards. Lead for security risk assessments and penetration studies of networks. Recommends solutions for security vulnerabilities and takes corrective measures and/or applies security patches when appropriate. Installs, monitors, maintains and upgrades virus detection applications/tools to ensure computer codes, viruses, and worms are blocked or eradicated when detected. Analyzes problematic security log entries from security servers and routers, provides technical solutions to issues and security breaches. Is on call to respond to security incidents or disaster recovery and business continuity operations. Maintains advanced knowledge of the firm's Information Security posture, goals and objectives. Supervises the Information Security Engineers. Is responsible for the overall direction, coordination, and evaluation of designated employees in this category. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding, coaching, and disciplining employees; addressing complaints and resolving problems.

Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The Cloud Security Architect is responsible for enabling, maturing, and operationalizing cyber defense capabilities across Elevance Health's enterprise and subsidiary cloud environments. This role partners closely with Cloud Infrastructure, Application Engineering, Detection Engineering, and Security Operations to ensure cloud-native security telemetry, detection, and response capabilities are deployed, monitored, and continuously improved. How You Will Make an Impact: * Lead efforts to integrate cyber defense and security operations capabilities into enterprise and subsidiary cloud environments (AWS, Azure, GCP, and OCI), ensuring consistent visibility and detection coverage across platforms. * Partner with cloud infrastructure and application teams to ensure security controls, logging, and telemetry are properly enabled, validated, and operational for cloud services and workloads. * Work with app, platform and engineering teams to ensure the appropriate level of logging is enabled within their respective environments. * Define roadmap and strategy for the future of cloud cyber defense, including CSPM, threat detection, logging pipelines, and incident response integration. Develop an approach that is tailored to the organization and keeps us out in front of developing threats. * Propose and develop cloud threat monitoring use cases. Train SOC analysts on how to properly triage, investigate and remediate alerts based on those use cases. * Collaborate with security operations and incident response teams to investigate complex cloud security events (e.g. threat detection events, misconfigurations, exposed resources) and support remediation efforts. * Infuse automation and AI-driven capabilities into cloud threat management operations. * Work with vendors to evaluate, select, and onboard technologies. Partner with vendor contacts to ensure product roadmaps address evolving business and technical requirements. * Support pursuit of new business by designing new cloud architectures that are compliant with FedRAMP or other regulatory requirements. * Participate in and contribute to governance review for new cloud services, AI-enabled platforms, and SaaS offerings, ensuring security requirements, logging, and guardrails are defined before approval. * Act as Subject Matter Expert in all aspects of cloud cyber defense. Advise executive leadership on matters relating to cloud security. Train and mentor junior team members. * Draft business-level presentations that garner executive and stakeholder support for cloud cyber defense initiatives. * Develop policies, technical standards and other foundational documentation. * Support regulatory and audit initiatives by validating cloud security controls, evidence collection, and alignment with frameworks such as SOC2, PCI, HITRUST, and FedRAMP. Minimum Requirements: Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background. Preferred Skills, Capabilities & Experiences: * Fluency with all 3 major cloud service providers: AWS, Azure & Google Cloud Platform. * Experience designing, implementing or operating cloud security programs in an enterprise environment. * Cloud security certifications such as CCSP or CSP-specific security certifications . * Experience with Oracle Cloud Infrastructure. Job Level: Non-Management Exempt Workshift: 1st Shift (United States of America) Job Family: IFT > IT Security & Compliance Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

CyberOne is hiring! We hire smart, talented and high-performing professionals to push our organization forward and provide superior service to our customers. We each take accountability for our work, strive to make each other better, and genuinely love what we do. If you value learning new things, being innovative, and working in a supportive, collaborative environment, CyberOne may be the place for you. If you are ready to raise the bar for your career and be part of our exciting journey, we would like to hear from you! The Presales Senior Security Architect partners closely with Account Managers, Professional Services, and partner resources to design and deliver tailored cybersecurity solutions that address customer needs. Acting as a trusted advisor, this role combines deep technical expertise with strong communication skills to build confidence and drive successful outcomes. The Senior Security Architect will primarily support customers in the Oklahoma region, while providing additional support to other regions as needed. This position requires the candidate to reside in Oklahoma in order to effectively serve the assigned region.Essential Functions Build strong customer relationships and serve as a trusted technical advisor, helping them achieve their business and security goals. Work in close partnership with Account Managers, Professional Services, and vendor partners. Continuously expand and update knowledge of cybersecurity use cases, leading partner technologies, and CyberOne's Professional Services offerings to align with customer needs. Maintain a strong understanding of the broader cybersecurity ecosystem with deep knowledge of key verticals (e.g., network, cloud, OT, application security). Provide training and knowledge sharing to sales teams on vendor products, cybersecurity trends, and market insights. Perform assessments and consulting services to help customers identify risks within their environments. Lead strategic conversations with enterprise customers on industry trends and emerging technologies. Act as the customer's advocate for technical issues, ensuring timely follow-up and resolution. Travel as needed to participate in customer meetings, workshops, and strategic discussions. Education/Experience 7+ years of experience designing and implementing security solutions in large environments. Experience leading and recommending technology selection processes within or for enterprise organizations. Proven experience as a senior or lead technical resource/architect (cybersecurity, network, cloud, etc.) within a large organization, reseller, or systems integrator. Effectively lead and support customer demonstrations with Systems Engineers to highlight CyberOne's value proposition. Certification/License Requirements Industry-recognized certifications (e.g., CISSP, CCSP, SANS, Open CA) preferred. Vendor/technology certifications (e.g., AWS, Palo Alto Networks, Tenable) preferred. Core Skills/Abilities Excellent relationship-building skills with the ability to engage clients confidently in person and virtually. Strong organizational skills with the ability to manage multiple priorities in a fast-paced environment. Strong presentation, written, and oral communication skills across all organizational levels, from senior leadership to peers and team members. Proficiency with standard office equipment such as laptops and smartphones. Work Environment Ability to travel up to 50% within the Oklahoma territory and occasionally to the Plano, TX headquarters. Ability to navigate client environments, including walking, stairs, and carrying light materials (up to 25 lbs). Prolonged periods of sitting or standing while working remotely or attending meetings. Operates a laptop and standard office equipment for prolonged periods. Participates in virtual meetings and occasional in-person training or company events. Strong verbal, visual, and auditory capabilities to effectively present, communicate, and engage with clients and internal teams. If you are passionate, driven and ready to take your career to the next level, we invite you to apply today! CyberOne is a proud Equal Opportunity and Affirmative Action Employer. All qualified applicants, regardless of race, color, genetic information, national origin, religion or belief, sex, affectional or sexual orientation, gender identity or expression, immigration status, ancestry, age, marital status, disability, or protected veteran status, are encouraged to apply and will receive equal consideration based on merit, qualifications, and business need. Recruitment Agencies Please Note: "In accordance with our recruitment policy, CyberOne strictly prohibits any form of solicitation of our employees by external agencies or third parties. Any candidate information that may be received from such agencies or third parties shall be deemed as a voluntary gift and shall become the exclusive property of CyberOne. Exceptions to this policy apply only when an Agency/Third Party is an Authorized Vendor of CyberOne, holding a valid and current contract that has been duly signed by our People Services Manager or CFO of CyberOne. Under no circumstances will any payment be made to any Agency/Third Party unless they are an Authorized Vendor or possess written approval from the CyberOne People Services Manager or CFO, granting them explicit permission to engage in recruitment efforts on behalf of CyberOne."

At Jack Henry, we're more than a technology company, we're a force for good in financial services. We're redefining how community banks and credit unions connect with the people they serve. Our mission is rooted in people inspired innovation, empowering financial institutions to deliver seamless, secure, and human centered experiences. We deliver cutting-edge solutions that are paving the way for the next generation of digital banking and payments, but our true impact begins with our associates. If you're ready to help transform an industry and grow with a company that values purpose, collaboration, and excellence then we'd love to meet you. We are seeking a highly skilled PCI Security Analyst to join our team. The analyst is responsible for ensuring organizational compliance with the Payment Card Industry Data Security Standard (PCI DSS) and related cybersecurity requirements. This role involves conducting compliance assessments, managing audits, implementing security controls, and mitigating risks associated with payment card data. This position offers remote flexibility within a 70-mile radius of our office locations in Allen, TX; Lenexa, KS; Springfield, MO; or Monett, MO. The salary range for this position is $110,000- $125,000 and will be determined based on location and experience level. All positions, regardless of location, may require an onsite interview or in-person onboarding requirement to verify your identity. What you'll be responsible for: * Conducts PCI DSS compliance assessments to identify gaps and risks supporting ongoing security and compliance. * Develops, implements, and maintains PCI-related security policies, standards, and procedures to ensure consistent protection of cardholder data. * Monitors and validates compliance with PCI DSS requirements across systems and processes to maintain regulatory adherence. * Executes comprehensive validation of PCI DSS scope across enterprise environments, ensuring accurate identification and classification of in-scope systems, applications, and data flows. * Collaborates with cross-functional teams to assess segmentation controls, cardholder data locations, and business processes to confirm scope boundaries align with PCI DSS requirements. * Documents scope rationale and provide evidence-based recommendations to reduce scope where feasible, while maintaining compliance integrity. * Validates vulnerability assessments and penetration testing to ensure secure configurations. * Validates encryption, key management, and secure transmission of cardholder data to protect sensitive information. * Supports incident response and forensic investigations involving payment card data to enable rapid resolution. * May perform other job duties as assigned. What you'll need to have: * Minimum of 6 years of experience in a PCI DSS compliance role. * At least one relevant certification (e.g., PCIP, QSA, CISSP, ISA) is required. What would be nice for you to have: * A senior level professional with in-depth body of knowledge, experience and expertise with the ability to resolve complex issues. * Excellent understanding of PCI DSS requirements and security frameworks (e.g., PCI 4.x, NIST, ISO 27001). * Strong knowledge of network security, encryption, and secure system configurations. * Strong technical expertise in network security, encryption, vulnerability management, and secure system design. * Strong risk management capabilities including the ability to identify, assess, and mitigate compliance and security risks within payment card environments * Demonstrated proficiency using compliance management platforms (e.g., Archer, Qualys, Trustwave), SIEM, and vulnerability scanning tools to support PCI DSS compliance and cybersecurity initiatives. If you got this far, we hope you're feeling excited about this opportunity. Even if you don't feel you meet every single requirement on this posting, we still encourage you to apply. We're looking for passionate, driven individuals who align with our mission and can bring unique perspectives to our team. Why Jack Henry? At Jack Henry, we live by the motto: "Do the right thing, do whatever it takes, and have fun." It's more than a tagline, it's the foundation of our culture. We recognize that our associates are the key to our success, and we're deeply committed to their wellbeing. That's why we offer comprehensive benefits designed to support your physical, mental, and financial health so you can thrive both personally and professionally. We're also leading the way in technology modernization, helping financial institutions evolve with speed, security, and flexibility. Our strategy focuses on delivering secure data access, mitigating fraud, and enabling seamless integration. Empowering our teams to build innovative solutions that meet the evolving needs of accountholders. Culture of Commitment Ask our associates why they love Jack Henry, and many will tell you it is because our culture is exceptional. We do great things together. Our culture empowers us to rise to challenges, seek new opportunities, and support one another through change. It's this shared commitment that drives our success. We're proud to foster an environment where inclusion, sustainability, and community impact are more than values, they're how we operate. Visit our Corporate Sustainability site to learn more about our culture and commitment to our people, customers, community, environment, and shareholders. Equal Employment Opportunity At Jack Henry, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business - and our society - stronger. Jack Henry is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law. No one will be subject to, and Jack Henry prohibits, any form of discipline, reprisal, intimidation, or retaliation for good faith reports or complaints of discrimination of any kind, pursuing any discrimination claim, or cooperating in related investigations. Requests for full corporate job descriptions may be requested through the interview process at any time.

Join our Growing Team and see why Summit Utilities, Inc was named as one of the Fastest Growing Denver Area Private Companies 2019 and 2020; Best Places to Work in Maine 2019, 2020, 2021, 2022 and 2023; and Best Places to Work in Arkansas 2020 and 2023, Oklahoma 2022 and 2023 and Missouri 2023. Summit was also recently named one of Forbes 2023 America's Best Small Employers. Summit is a growing natural gas utility providing safe, reliable and clean burning natural gas service to homes and businesses in Arkansas, Colorado, Maine, Missouri, Oklahoma, and Texas. Being part of the Summit team means embracing excellence and innovation, committing to safety each and every day, and doing all that we can to serve each other, our customers and the communities where we live. We aim to bring warmth and energy to everything we do. We have an exciting hybrid opportunity for a Director of Information Technology based in Fort Smith, Arkansas. POSITION SUMMARY The Director of Information Security is a trusted senior leader responsible for protecting Summit's digital and physical information assets while upholding the highest standards of integrity, financial discipline, and organizational trust. This role oversees cybersecurity governance, risk management, and business continuity for enterprise systems - including modern threats emerging from AI technologies and data automation. The Director will develop and execute a forward-looking security strategy that supports Summit's operational excellence, compliance obligations, and AI-driven transformation initiatives. This includes defining governance frameworks, managing enterprise risk, ensuring prudent budget oversight, and cultivating a strong security culture across all levels of the organization. This position requires a strategic thinker, a disciplined financial steward, and a leader of high character who models accountability, transparency, and ethical decision-making. PRIMARY DUTIES AND RESPONSIBILITIES Lead the design, implementation, and continuous improvement of Summit's enterprise information security program - covering cybersecurity, AI and data protection, risk management, and incident response. Ensure strong alignment between security strategy, business goals, and regulatory requirements, particularly in the context of emerging AI use cases, machine learning models, and data governance. Oversee the IT Business Continuity and Disaster Recovery (BCP/DR) programs, including Business Impact Analysis (BIA) and scenario-based recovery exercises. Develop and enforce comprehensive policies, standards, and procedures aligned with frameworks such as NIST CSF 2.0, C2M2, and ISO 27001. Partner with data, application, and operations leaders to ensure secure design, access control, and model integrity across AI and analytics systems. Direct risk assessments and audits to identify vulnerabilities, ensuring mitigation strategies are financially sound and proportionate to organizational risk appetite. Maintain strict adherence to financial controls - including vendor spend, contract review, and security-related procurement - demonstrating accountability for budget stewardship and cost transparency. Lead and mentor a high-performing information security team, fostering a culture of ethics, service, and continuous learning. Serve as the executive liaison for internal and external audits, compliance reviews, and regulatory reporting related to cybersecurity. Stay ahead of evolving threats, particularly those involving AI misuse, data poisoning, and adversarial attacks, and integrate defenses into enterprise security posture. Provide executive-level reporting on risk posture, incidents, and metrics that connect security outcomes to business and financial value. EDUCATION AND WORK EXPERIENCE Bachelor's or Master's degree in information security, Computer Science, Information Technology, or a related field. 10+ years of experience in information security, including at least 5 years in a senior leadership or management capacity. Advanced security certifications strongly preferred (CISSP, CISM, CISA, CRISC, CCISO, etc.). Demonstrated experience managing security for cloud and hybrid environments, and integrating controls for AI, analytics, and data platforms. Proven record of financial accountability, including budget ownership, cost optimization, and vendor governance. Experience implementing and auditing against leading security frameworks (NIST CSF, C2M2, ISO 27001, SOC 2) and regulatory standards (GDPR, HIPAA, PCI, etc.). KNOWLEDGE, SKILLS, ABILITIES Deep expertise in cybersecurity, risk management, and incident response, including threat intelligence, vulnerability management, and data protection. Strong knowledge of AI and data security principles, including model governance, data ethics, and emerging threats tied to generative AI. Uncompromising integrity and sound judgment in handling confidential and financial information. Strong grasp of financial concepts related to technology management: budgeting, forecasting, cost-benefit analysis, and vendor contract negotiation. Exceptional leadership and communication skills - able to translate complex security concepts into clear, actionable guidance for executives and teams. Ability to lead under pressure with discipline, humility, and transparency. Demonstrated track record of fostering a culture of trust, compliance, and ethical leadership. The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all personnel so classified. Summit offers competitive pay and medical/dental/vision and other benefits that provide flexibility, choice and support to our employees when they need it most. We understand that home and family are essential pieces of your life, and our benefits are designed to support you both at work and at home. Summit Utilities, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status and will not be discriminated against on the basis of disability or veteran status.

Join our Growing Team and see why Summit Utilities, Inc was named as one of the Fastest Growing Denver Area Private Companies 2019 and 2020; Best Places to Work in Maine 2019, 2020, 2021, 2022 and 2023; and Best Places to Work in Arkansas 2020 and 2023, Oklahoma 2022 and 2023 and Missouri 2023. Summit was also recently named one of Forbes 2023 America's Best Small Employers. Summit is a growing natural gas utility providing safe, reliable and clean burning natural gas service to homes and businesses in Arkansas, Colorado, Maine, Missouri, Oklahoma, and Texas. Being part of the Summit team means embracing excellence and innovation, committing to safety each and every day, and doing all that we can to serve each other, our customers and the communities where we live. We aim to bring warmth and energy to everything we do. We have an exciting hybrid opportunity for a Director of Information Technology based in Fort Smith, Arkansas. POSITION SUMMARY The Director of Information Security is a trusted senior leader responsible for protecting Summit's digital and physical information assets while upholding the highest standards of integrity, financial discipline, and organizational trust. This role oversees cybersecurity governance, risk management, and business continuity for enterprise systems - including modern threats emerging from AI technologies and data automation. The Director will develop and execute a forward-looking security strategy that supports Summit's operational excellence, compliance obligations, and AI-driven transformation initiatives. This includes defining governance frameworks, managing enterprise risk, ensuring prudent budget oversight, and cultivating a strong security culture across all levels of the organization. This position requires a strategic thinker, a disciplined financial steward, and a leader of high character who models accountability, transparency, and ethical decision-making. PRIMARY DUTIES AND RESPONSIBILITIES Lead the design, implementation, and continuous improvement of Summit's enterprise information security program - covering cybersecurity, AI and data protection, risk management, and incident response. Ensure strong alignment between security strategy, business goals, and regulatory requirements, particularly in the context of emerging AI use cases, machine learning models, and data governance. Oversee the IT Business Continuity and Disaster Recovery (BCP/DR) programs, including Business Impact Analysis (BIA) and scenario-based recovery exercises. Develop and enforce comprehensive policies, standards, and procedures aligned with frameworks such as NIST CSF 2.0, C2M2, and ISO 27001. Partner with data, application, and operations leaders to ensure secure design, access control, and model integrity across AI and analytics systems. Direct risk assessments and audits to identify vulnerabilities, ensuring mitigation strategies are financially sound and proportionate to organizational risk appetite. Maintain strict adherence to financial controls - including vendor spend, contract review, and security-related procurement - demonstrating accountability for budget stewardship and cost transparency. Lead and mentor a high-performing information security team, fostering a culture of ethics, service, and continuous learning. Serve as the executive liaison for internal and external audits, compliance reviews, and regulatory reporting related to cybersecurity. Stay ahead of evolving threats, particularly those involving AI misuse, data poisoning, and adversarial attacks, and integrate defenses into enterprise security posture. Provide executive-level reporting on risk posture, incidents, and metrics that connect security outcomes to business and financial value. EDUCATION AND WORK EXPERIENCE Bachelor's or Master's degree in information security, Computer Science, Information Technology, or a related field. 10+ years of experience in information security, including at least 5 years in a senior leadership or management capacity. Advanced security certifications strongly preferred (CISSP, CISM, CISA, CRISC, CCISO, etc.). Demonstrated experience managing security for cloud and hybrid environments, and integrating controls for AI, analytics, and data platforms. Proven record of financial accountability, including budget ownership, cost optimization, and vendor governance. Experience implementing and auditing against leading security frameworks (NIST CSF, C2M2, ISO 27001, SOC 2) and regulatory standards (GDPR, HIPAA, PCI, etc.). KNOWLEDGE, SKILLS, ABILITIES Deep expertise in cybersecurity, risk management, and incident response, including threat intelligence, vulnerability management, and data protection. Strong knowledge of AI and data security principles, including model governance, data ethics, and emerging threats tied to generative AI. Uncompromising integrity and sound judgment in handling confidential and financial information. Strong grasp of financial concepts related to technology management: budgeting, forecasting, cost-benefit analysis, and vendor contract negotiation. Exceptional leadership and communication skills - able to translate complex security concepts into clear, actionable guidance for executives and teams. Ability to lead under pressure with discipline, humility, and transparency. Demonstrated track record of fostering a culture of trust, compliance, and ethical leadership. The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all personnel so classified. Summit offers competitive pay and medical/dental/vision and other benefits that provide flexibility, choice and support to our employees when they need it most. We understand that home and family are essential pieces of your life, and our benefits are designed to support you both at work and at home. Summit Utilities, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status and will not be discriminated against on the basis of disability or veteran status.

We are seeking an experienced and mission-driven Manager of Information Security to help protect our credit union's systems, safeguard member data, and support our commitment to being the best place our employees have ever worked and the best place our members have ever banked. The ideal candidate holds a current CISSP certification, and has experience in IT Security, Business Continuity, and Vendor Management, demonstrating deep expertise across all cybersecurity domains, and maintains ongoing training to stay ahead of evolving threats and regulatory requirements in the financial services sector. The Manager Information Security responsible for overseeing the Information Security program, Vendor Management program, and the administration of the Business Continuity Plan at WEOKIE Federal Credit Union. Responsibilities include but are not limited to developing and maintaining the information security framework, monitoring and managing vendor risk, and maintaining, enhancing, and testing the Business Continuity Plan. Major Activities: * Develops, maintains, and reviews appropriate information security policies and procedures needed to maintain the integrity of the information security program. * Conducts threat focused business impact analysis to maintain an inventory of business impacting cyber threats. * Organizes and conducts cybersecurity simulation exercises. * Acts as the IT Security, Business Continuity, and Vendor Management central point of contact for the annual NCUA exam and IT Controls Audit. * Ensures proper policies, procedures, risk mitigation activities, and operation controls are followed. Reports gaps in policies, procedures, and operating controls to leadership to ensure member impact and risk is mitigated. * Responsible for performing information security risk assessments on a scheduled basis that focus on ensuring policies and procedures are consistently applied. * Attends/makes presentations to the WEOKIE Board of Directors and various Board Committees as assigned. * Assist with development of company wide information security training materials for computer-based training modules and build company wide information security awareness materials. * Support technology/systems that enable all vendor management activities by administering the Tandem platform. * Responsible for vendor risk assessment and execution of other vendor management activities as needed. This includes administration, processing risk acceptance documentation, and maintaining the schedule of vendor management activities. * Maintain, develop, update, and test WEOKIE's Business Continuity Plan. * Write reports to summarize testing activities, including results and recommendations. * Act as Business Continuity Coordinator in the event of an incident, to ensure that WEOKIE's Business Continuity Plan is implemented. Critical Results: * WEOKIE's information security program is a core part of its culture and is integrated into all of its lines of business, support functions and third-party management programs. * Information Security risks and threats are clearly identified, measured and remediated timely. * The Board of Directors and Senior Management receive timely and credible reporting and recommendations that lead to effective decision-making in both strategic and tactical contexts. * Members and credit union information security assets are protected from unauthorized access and when necessary, reacts timely and effectively to manage incidents or vulnerabilities. * WEOKIE receives favorable results from key reviews, audits, and exams from audit and exam sources. * WEOKIE's information security program is seen as independent from the IT line of business and also seen as supportive and collaborative to all stakeholders. * Risk assessments are completed annually and deficiency are quickly addressed and/or remediated. * Security incidents are properly documented, tracked, and escalated in a timely fashion when deficiencies are presented. * New quality control activities are developed and presented to leadership that correspond to the information security program. * Vendor Management risk assessments, reporting results, and conclusions are thoroughly documented, completed timely and accurately. * Vendor Management is collaboratively managed with fellow team members. * Vendor Management risks are controlled and mitigated by adhering to all applicable policies and procedures. * WEOKIE's Business Continuity Plan is up-to-date, regularly tested, thoroughly communicated, and ready for immediate implementation in the event of an incident. Qualifications: * Specialized or Technical Knowledge and Skills: The Manager Information Security is a data security professional skilled at managing IT security activities in a complex, multi-system/multi-vendor computing environment. A strong, practical working knowledge of information security concepts and technical architecture are necessary along with an ability to take technical concepts and translate them into business impact. * A bachelor's degree is required, preferably in Information Technology or Computer Science. * A minimum of three years of experience in the information security field. * A Certified Information System Security Professional (CISSP) certification is required; additional certifications such as a Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) are preferred. * Demonstrated experience in managing and working with third party vendors. * Demonstrated ability to research and implement innovative solutions that have improved security, operational efficiency, quality, and service levels. * In-depth understanding of the financial services or highly regulated business, and the applications systems and technical infrastructures needed to support them. B. Behavioral Competencies: Behavioral competencies are the skills and personal characteristics that an individual should possess in order to be successful in this position. * Core Competencies: Core competencies are consistent for all positions across the organization and are aligned with WEOKIE's core values. * Member Focus (internal and external): Builds member confidence, is committed to increasing member satisfaction, sets achievable member expectations, assumes responsibility for solving member problems, ensures commitments to members are met, solicits opinions and ideas from members, responds to internal members. * Dependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure, and meets attendance/punctuality requirements. * Integrity/Ethics: Deals with others in a straightforward and honest manner, is accountable for actions, maintains confidentiality, supports company values, conveys good news and bad. * Job Specific Competencies: The position requires a well‐rounded and level‐headed individual who is able to maintain composure in a variety of situations. The following stand out among a long list of behavioral competencies for this position: * Managing Vision and Purpose: Communicates a compelling and inspired vison of core purpose; talks beyond today; talks about possibilities, is optimistic, creates mileposts and symbol to rally support behind the vision; make the vision sharable by everyone; can inspire and motivate entire units or organizations. * Strategic Agility: Sees ahead clearly, can anticipate future consequences and trends accurately; has broad knowledge and perspective; is future oriented; can articulately pain credible pictures and visions of possibilities and likelihoods; can create competitive and breakthrough strategies and plans. * Oriented Towards Serving Others: Is predisposed to servant leadership and excited towards improving conditions for others. * Command Skills: Relishes leading; takes unpopular stands if necessary; encourages direct and tough debate but isn't afraid to end it and move on; is looked to for direction in a crisis; faces adversity head on; energized by tough challenges. * Intellectual Horsepower: Is bright and intelligent; deals with concepts and complexity comfortably; described as intellectually sharp, capable, and agile. * Innovation Management: Is good at brining the creative ideas of others to market; has good judgement about which creative ideas and suggestions will work; has a sense about managing the creative process of others; can facilitate effective brainstorming; can project how potential ideas may play out in the marketplace. * Composure: Is cool under pressure; does not become defensive or irritated when times are tough; is considered mature; can be counted on to hold things together during tough times; can handle stress; is not knocked off balance by the unexpected; doesn't show frustration when resisted or blocked; is a settling influence in a crisis. * Political Savvy: Can maneuver through complex political situations effectively and quietly; is sensitive to how people and organizations function; anticipates where the land mines are and plans his/her approach accordingly; views corporate politics as a necessary part of organizational life and work to adjust to that reality. C. Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel; reach with hands and arms; climb or balance; stoop, kneel, crouch, or crawl and talk or hear. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include color vision, peripheral vision, depth perception and ability to adjust focus. D. Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The worker is not substantially exposed to adverse environmental conditions. The noise level in the work environment is usually moderate. WEOKIE does not and shall not discriminate on the basis of Protected Status, marital status, and political belief or any other status or condition protected by applicable federal and/or state law. Bona fide occupational qualifications will be applied impartially. These activities include, but are not limited to, hiring of staff, selection of volunteers and vendors, and provision of services. We are committed to providing an inclusive and welcoming environment for all our members, our staff, clients, volunteers, subcontractors, vendors, and clients.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Developing, and implementing secure processes and systems used to prevent, detect, mitigate, and recover from cyberattacks. Educating and managing information and technology risk in collaboration with business leaders.Building and driving a cybersecurity strategy and framework, with initiatives to secure the organization's cyber and technology assets. Maintain Professional Knowledgebase; keep apprised of latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to ESU.Continuously evaluating and managing the cyber and technology risk posture of the organization.Implementing and managing the cyber governance, risk, and compliance process. Developing, justifying, and evaluating cybersecurity investments. Developing and implementing ongoing security awareness training and education for users. In coordination with the CIO and emergency management team, implementing disaster recovery protocols and business continuity plans with business resilience in mind. QUALIFICATIONS: Minimum Qualifications: * Bachelor's degree; preference for advanced degree. * Minimum of five years' experience in information security or equivalent. * Strong commitment to customer-focused and team-oriented management. * Proven leadership abilities with a history of advancing roles in security management. * Proficiency in project planning, implementation, and management. * Demonstrated capability in collaborating with diverse populations. * Experience handling sensitive and confidential information in compliance with federal and state laws. * Skilled in presenting complex security concepts to various audiences (e.g., end-user training, executive-level briefings). * Up-to-date knowledge of emerging information security technologies and strategies. * Availability for off-hours support when necessary. COMPENSATION: * Annual salary range is $130,000-$160,000 * Salary will be commensurate with experience and qualifications. BENEFITS: Base pay is one component of Emporia State University's total rewards package. We are dedicated to supporting the needs of the "whole you" with our holistic approach to employee benefits by offering comprehensive well-being benefits for you and your family that include: * Health Insurance * Free Dental insurance for employees * Retirement through the Kansas Board of Regents * Paid parental leave * Up to 31 days paid vacation and holiday days * Tuition reduction and tuition assistance * Dependent tuition waiver * For full details about our benefit plan offerings, please visit here. APPLY: Please upload a cover letter, resume, and contact information of three references here. Consideration of applications will begin immediately, and will continue until the position is filled. A background check is required prior to hire. For more information Human Resources ****************** ************** Emporia State University is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for

Oversees and coordinates all information security staff and activities to ensure the firm's overall information assets are adequately protected. Oversees the planning, coordinating and implementing of information security programs in order to maintain information integrity and protect against all cybersecurity threats. Interacts with other individuals in the firm in a problem-solving and team-building manner. Oversees, develops and maintains the Firm's ISO 27001 Program, and operation objectives. Manages the development and cost effective solutions to maintain the integrity of system information while allowing business operations to continue in the event of any type of business interruption. Assists in audits of the Information Security program as needed at the request of management. Uses leadership skills to train, motivate and direct assigned staff. Provides technical expertise in the selection, testing, implementation and deployment of information security systems. Provides technical guidance and direction in information security monitoring, assessment, auditing and testing. Defines, develops and implements the firm's Information Protection Program security policy. Works with the Director of Information Security and Risk Management to develop methods of improving department workflow, customer satisfaction and employee efficiency. Assists in determining department work procedures, plans, assigns and directs work as necessary. Monitors employee workflow and makes adjustments as necessary to ensure customers' needs are addressed in a timely and efficient manner. Monitors and audits analyst(s) work product, reviews and communicate results with employee and provides advice. Coordinates training of staff to ensure work meets/exceeds performance expectations within a reasonable time frame. Oversees department projects, ensuring that procedures are followed and objectives are accomplished according to schedule. Responsible for conducting, coordinating, testing, implementing, deploying, and operational maintenance of all information security systems, applications, appliances and devices throughout the firm. Responsible for assessing, recommending, developing, implementing and maintaining the firm's information security infrastructure and security standards. Lead for security risk assessments and penetration studies of networks. Recommends solutions for security vulnerabilities and takes corrective measures and/or applies security patches when appropriate. Installs, monitors, maintains and upgrades virus detection applications/tools to ensure computer codes, viruses, and worms are blocked or eradicated when detected. Analyzes problematic security log entries from security servers and routers, provides technical solutions to issues and security breaches. Is on call to respond to security incidents or disaster recovery and business continuity operations. Maintains advanced knowledge of the firm's Information Security posture, goals and objectives. Supervises the Information Security Engineers. Is responsible for the overall direction, coordination, and evaluation of designated employees in this category. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding, coaching, and disciplining employees; addressing complaints and resolving problems. Additional preferred knowledge and experience to include: Azure Cloud Security Intune Security Endpoint Detection and Response Security Information and Event Management (SIEM) Intrusion Protection Systems Data Loss and Prevention Vulnerability and Penetration Testing/Remediation Data Classification Encryption (Endpoint and In-Transit) Site Certificates Incident Response Program Business Resiliency Procedures Bachelor's degree (B.A.) from four-year college or university; or three to five years advanced information security experience and/or training; or ten years of combined information systems and information security experience; and three to five years supervisory experience; and/or equivalent combination of education and experience. Professional certification of CISA or CISSP desirable. Must have advanced knowledge of general information security equipment and functionality. OR Must have advanced knowledge with PC and LAN servers, security firewalls, intrusion protection systems, cloud-based security systems and other Information Security related technologies. Additional preferred knowledge and experience to include: Azure Cloud Security Intune Security Endpoint Detection and Response Security Information and Event Management (SIEM) Intrusion Protection Systems Data Loss and Prevention Vulnerability and Penetration Testing/Remediation Data Classification Encryption (Endpoint and In-Transit) Site Certificates Incident Response Program Business Resiliency Procedures

**Location:** This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The **Cloud Security Architect** is responsible for enabling, maturing, and operationalizing cyber defense capabilities across Elevance Health's enterprise and subsidiary cloud environments. This role partners closely with Cloud Infrastructure, Application Engineering, Detection Engineering, and Security Operations to ensure cloud-native security telemetry, detection, and response capabilities are deployed, monitored, and continuously improved. **How You Will Make an Impact:** + Lead efforts to integrate cyber defense and security operations capabilities into enterprise and subsidiary cloud environments (AWS, Azure, GCP, and OCI), ensuring consistent visibility and detection coverage across platforms. + Partner with cloud infrastructure and application teams to ensure security controls, logging, and telemetry are properly enabled, validated, and operational for cloud services and workloads. + Work with app, platform and engineering teams to ensure the appropriate level of logging is enabled within their respective environments. + Define roadmap and strategy for the future of cloud cyber defense, including CSPM, threat detection, logging pipelines, and incident response integration. Develop an approach that is tailored to the organization and keeps us out in front of developing threats. + Propose and develop cloud threat monitoring use cases. Train SOC analysts on how to properly triage, investigate and remediate alerts based on those use cases. + Collaborate with security operations and incident response teams to investigate complex cloud security events (e.g. threat detection events, misconfigurations, exposed resources) and support remediation efforts. + Infuse automation and AI-driven capabilities into cloud threat management operations. + Work with vendors to evaluate, select, and onboard technologies. Partner with vendor contacts to ensure product roadmaps address evolving business and technical requirements. + Support pursuit of new business by designing new cloud architectures that are compliant with FedRAMP or other regulatory requirements. + Participate in and contribute to governance review for new cloud services, AI-enabled platforms, and SaaS offerings, ensuring security requirements, logging, and guardrails are defined before approval. + Act as Subject Matter Expert in all aspects of cloud cyber defense. Advise executive leadership on matters relating to cloud security. Train and mentor junior team members. + Draft business-level presentations that garner executive and stakeholder support for cloud cyber defense initiatives. + Develop policies, technical standards and other foundational documentation. + Support regulatory and audit initiatives by validating cloud security controls, evidence collection, and alignment with frameworks such as SOC2, PCI, HITRUST, and FedRAMP. **Minimum Requirements:** Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background. **Preferred Skills, Capabilities & Experiences:** + Fluency with all 3 major cloud service providers: AWS, Azure & Google Cloud Platform. + Experience designing, implementing or operating cloud security programs in an enterprise environment. + Cloud security certifications such as CCSP or CSP-specific security certifications . + Experience with Oracle Cloud Infrastructure. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Candidates can live within commutable distance to any Slalom office in the US. We have a hybrid and flexible environment. Who You'll Work With As a modern technology company, we've never met a technical challenge we didn't like. We enable our clients to learn from their data, create incredible digital experiences, and make the most of new technologies. We blend design, engineering, and analytics expertise to build the future. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are seeking an experienced AWS Security Architect with deep expertise in AWS cloud architecture, native & external security services, and regulatory compliance to provide advisory and delivery services aligned with the standards of a top-tier consulting firm. This role will partner with enterprise clients to design, assess, and implement secure AWS environments that meet business, compliance, and regulatory requirements. This role requires a strong blend of hands-on technical capabilities, architectural leadership, and client-facing advisory skills. As a trusted advisor, you will lead security strategy sessions, assess current cloud security postures, and deliver AWS-native and third-party solutions that align with best practices. You will work across multiple industry verticals, collaborating with engineering, security, risk, and compliance teams, and guiding clients through security transformation journeys and ensuring AWS adoption is secure, compliant, and resilient. This is a strategic technical consulting role suited for individuals who are passionate about cloud security, compliance, and helping clients adopt secure architectures in regulated environments. Key Responsibilities * Serve as a client-facing advisor, providing strategic guidance on cloud security transformation, governance, and operating models. * Lead cloud security assessments, maturity evaluations, and gap analyses, producing recommendations aligned with regulatory frameworks (e.g., NIST, ISO 27001, CIS, PCI DSS, HIPAA). * Design and implement AWS-native security architectures leveraging IAM, KMS, CloudTrail, Security Hub, GuardDuty, Macie, Detective, and Control Tower. * Establish governance, risk, and compliance (GRC) frameworks for AWS adoption, including policy-as-code and automated compliance monitoring. * Define and implement identity and access management (IAM) strategies, including federation, least privilege, and Zero Trust principles. * Guide clients in adopting secure application and data architectures, including encryption, data loss prevention, and secure API integrations. * Support incident response and forensics readiness through AWS-native logging, monitoring, and detection services. * Collaborate with DevOps and platform teams to integrate security into DevOps pipelines (DevSecOps) with automation for vulnerability management, code scanning, and compliance validation. * Collaborate with client executives to articulate cloud security roadmaps, business cases, and investment priorities. * Partner with internal teams to develop accelerators, templates, and reusable security patterns that improve time-to-value for clients. * Author client deliverables such as risk assessments, security architecture design documents, gap analyses, and roadmap plans. * Provide thought leadership via security workshops, executive briefings, and architecture reviews. * Stay current with AWS service releases, regulatory changes, and emerging cyber risks to inform recommendations. Core Qualifications * 8+ years of IT security experience with at least 4+ years focused on AWS security. * Proven consulting experience delivering security assessments, compliance programs, and cloud security roadmaps for enterprise clients. * Strong expertise in AWS security services (i.e. IAM, KMS, CloudTrail, GuardDuty, Macie, Security Hub, Detective, WAF, Shield). * Deep knowledge of cloud governance, risk management, and regulatory compliance frameworks (NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI DSS) and experience designing or assessing AWS environments aligned with these frameworks. * Hands-on experience embedding security into DevOps/DevSecOps pipelines and Infrastructure-as-Code (Terraform, CloudFormation, AWS CDK). * Experience designing ransomware detection, response, and business resilience strategies in AWS including backup, recovery, and isolation patterns. About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position, the target base salary pay range in the following locations: Boston, Houston, Los Angeles, Orange County, Seattle, San Diego, Washington DC, New York, New Jersey, for Consultant level is $119,000-$147,500 and for Senior Consultant level it is $136,500-$169,500 and for Principal level it is $151,000-$187,500. In all other markets, the target base salary pay range for Senior Consultant level it is $125,000-$155,500 and for Principal level it is $138,500-$172,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We will accept applications until 3/31/2026 or until the positions are filled. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to attracting, developing and retaining highly qualified talent who empower our innovative teams through unique perspectives and experiences. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team or contact ****************************** if you require accommodations during the interview process.

Join our Growing Team and see why Summit Utilities, Inc was named as one of the Fastest Growing Denver Area Private Companies 2019 and 2020; Best Places to Work in Maine 2019, 2020, 2021, 2022 and 2023; and Best Places to Work in Arkansas 2020 and 2023, Oklahoma 2022 and 2023 and Missouri 2023. Summit was also recently named one of Forbes 2023 America's Best Small Employers. Summit is a growing natural gas utility providing safe, reliable and clean burning natural gas service to homes and businesses in Arkansas, Colorado, Maine, Missouri, Oklahoma, and Texas. Being part of the Summit team means embracing excellence and innovation, committing to safety each and every day, and doing all that we can to serve each other, our customers and the communities where we live. We aim to bring warmth and energy to everything we do. We have an exciting hybrid opportunity for a Director of Information Technology based in Fort Smith, Arkansas. POSITION SUMMARY The Director of Information Security is a trusted senior leader responsible for protecting Summit's digital and physical information assets while upholding the highest standards of integrity, financial discipline, and organizational trust. This role oversees cybersecurity governance, risk management, and business continuity for enterprise systems - including modern threats emerging from AI technologies and data automation. The Director will develop and execute a forward-looking security strategy that supports Summit's operational excellence, compliance obligations, and AI-driven transformation initiatives. This includes defining governance frameworks, managing enterprise risk, ensuring prudent budget oversight, and cultivating a strong security culture across all levels of the organization. This position requires a strategic thinker, a disciplined financial steward, and a leader of high character who models accountability, transparency, and ethical decision-making. PRIMARY DUTIES AND RESPONSIBILITIES Lead the design, implementation, and continuous improvement of Summit's enterprise information security program - covering cybersecurity, AI and data protection, risk management, and incident response. Ensure strong alignment between security strategy, business goals, and regulatory requirements, particularly in the context of emerging AI use cases, machine learning models, and data governance. Oversee the IT Business Continuity and Disaster Recovery (BCP/DR) programs, including Business Impact Analysis (BIA) and scenario-based recovery exercises. Develop and enforce comprehensive policies, standards, and procedures aligned with frameworks such as NIST CSF 2.0, C2M2, and ISO 27001. Partner with data, application, and operations leaders to ensure secure design, access control, and model integrity across AI and analytics systems. Direct risk assessments and audits to identify vulnerabilities, ensuring mitigation strategies are financially sound and proportionate to organizational risk appetite. Maintain strict adherence to financial controls - including vendor spend, contract review, and security-related procurement - demonstrating accountability for budget stewardship and cost transparency. Lead and mentor a high-performing information security team, fostering a culture of ethics, service, and continuous learning. Serve as the executive liaison for internal and external audits, compliance reviews, and regulatory reporting related to cybersecurity. Stay ahead of evolving threats, particularly those involving AI misuse, data poisoning, and adversarial attacks, and integrate defenses into enterprise security posture. Provide executive-level reporting on risk posture, incidents, and metrics that connect security outcomes to business and financial value. EDUCATION AND WORK EXPERIENCE Bachelor's or Master's degree in information security, Computer Science, Information Technology, or a related field. 10+ years of experience in information security, including at least 5 years in a senior leadership or management capacity. Advanced security certifications strongly preferred (CISSP, CISM, CISA, CRISC, CCISO, etc.). Demonstrated experience managing security for cloud and hybrid environments, and integrating controls for AI, analytics, and data platforms. Proven record of financial accountability, including budget ownership, cost optimization, and vendor governance. Experience implementing and auditing against leading security frameworks (NIST CSF, C2M2, ISO 27001, SOC 2) and regulatory standards (GDPR, HIPAA, PCI, etc.). KNOWLEDGE, SKILLS, ABILITIES Deep expertise in cybersecurity, risk management, and incident response, including threat intelligence, vulnerability management, and data protection. Strong knowledge of AI and data security principles, including model governance, data ethics, and emerging threats tied to generative AI. Uncompromising integrity and sound judgment in handling confidential and financial information. Strong grasp of financial concepts related to technology management: budgeting, forecasting, cost-benefit analysis, and vendor contract negotiation. Exceptional leadership and communication skills - able to translate complex security concepts into clear, actionable guidance for executives and teams. Ability to lead under pressure with discipline, humility, and transparency. Demonstrated track record of fostering a culture of trust, compliance, and ethical leadership . The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and/or skills required of all personnel so classified. Summit offers competitive pay and medical/dental/vision and other benefits that provide flexibility, choice and support to our employees when they need it most. We understand that home and family are essential pieces of your life, and our benefits are designed to support you both at work and at home. Summit Utilities, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status and will not be discriminated against on the basis of disability or veteran status.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00

Candidates can live within commutable distance to any Slalom office in the US. We have a hybrid and flexible environment. Who You'll Work With As a modern technology company, we've never met a technical challenge we didn't like. We enable our clients to learn from their data, create incredible digital experiences, and make the most of new technologies. We blend design, engineering, and analytics expertise to build the future. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are seeking an experienced AWS Security Architect with deep expertise in AWS cloud architecture, native & external security services, and regulatory compliance to provide advisory and delivery services aligned with the standards of a top-tier consulting firm. This role will partner with enterprise clients to design, assess, and implement secure AWS environments that meet business, compliance, and regulatory requirements. This role requires a strong blend of hands-on technical capabilities, architectural leadership, and client-facing advisory skills. As a trusted advisor, you will lead security strategy sessions, assess current cloud security postures, and deliver AWS-native and third-party solutions that align with best practices. You will work across multiple industry verticals, collaborating with engineering, security, risk, and compliance teams, and guiding clients through security transformation journeys and ensuring AWS adoption is secure, compliant, and resilient. This is a strategic technical consulting role suited for individuals who are passionate about cloud security, compliance, and helping clients adopt secure architectures in regulated environments. Key Responsibilities * Serve as a client-facing advisor, providing strategic guidance on cloud security transformation, governance, and operating models. * Lead cloud security assessments, maturity evaluations, and gap analyses, producing recommendations aligned with regulatory frameworks (e.g., NIST, ISO 27001, CIS, PCI DSS, HIPAA). * Design and implement AWS-native security architectures leveraging IAM, KMS, CloudTrail, Security Hub, GuardDuty, Macie, Detective, and Control Tower. * Establish governance, risk, and compliance (GRC) frameworks for AWS adoption, including policy-as-code and automated compliance monitoring. * Define and implement identity and access management (IAM) strategies, including federation, least privilege, and Zero Trust principles. * Guide clients in adopting secure application and data architectures, including encryption, data loss prevention, and secure API integrations. * Support incident response and forensics readiness through AWS-native logging, monitoring, and detection services. * Collaborate with DevOps and platform teams to integrate security into DevOps pipelines (DevSecOps) with automation for vulnerability management, code scanning, and compliance validation. * Collaborate with client executives to articulate cloud security roadmaps, business cases, and investment priorities. * Partner with internal teams to develop accelerators, templates, and reusable security patterns that improve time-to-value for clients. * Author client deliverables such as risk assessments, security architecture design documents, gap analyses, and roadmap plans. * Provide thought leadership via security workshops, executive briefings, and architecture reviews. * Stay current with AWS service releases, regulatory changes, and emerging cyber risks to inform recommendations. Core Qualifications * 8+ years of IT security experience with at least 4+ years focused on AWS security. * Proven consulting experience delivering security assessments, compliance programs, and cloud security roadmaps for enterprise clients. * Strong expertise in AWS security services (i.e. IAM, KMS, CloudTrail, GuardDuty, Macie, Security Hub, Detective, WAF, Shield). * Deep knowledge of cloud governance, risk management, and regulatory compliance frameworks (NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI DSS) and experience designing or assessing AWS environments aligned with these frameworks. * Hands-on experience embedding security into DevOps/DevSecOps pipelines and Infrastructure-as-Code (Terraform, CloudFormation, AWS CDK). * Experience designing ransomware detection, response, and business resilience strategies in AWS including backup, recovery, and isolation patterns. About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position, the target base salary pay range in the following locations: Boston, Houston, Los Angeles, Orange County, Seattle, San Diego, Washington DC, New York, New Jersey, for Consultant level is $119,000-$147,500 and for Senior Consultant level it is $136,500-$169,500 and for Principal level it is $151,000-$187,500. In all other markets, the target base salary pay range for Senior Consultant level it is $125,000-$155,500 and for Principal level it is $138,500-$172,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We will accept applications until 3/31/2026 or until the positions are filled. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to attracting, developing and retaining highly qualified talent who empower our innovative teams through unique perspectives and experiences. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team or contact ****************************** if you require accommodations during the interview process.

Description & Requirements Maximus is seeking a qualified Sr. Technical/Security Analyst for multiple projects, current and upcoming. The qualified candidate will be involved in technical/security planning and assessment projects with potentially multiple state agencies. The position requires the candidate to produce/review security relevant documentation, such as system security plans, POA&Ms, assessment plans, etc., produce technical/security analyses, develop estimates, review and contribute to requirements for large systems-planning efforts in the Child Support, Child Welfare and/or Integrated Eligibility public-sector domains. The individual will report directly to a Senior Manager. Maximus is a matrix-managed organization, which means the individual will have secondary reporting relationships to one or more Project Managers, depending on which projects they are assigned. *This role is remote but requires working standard business hours in the US time zone of the client. This position is contingent upon award. * Essential Duties and Responsibilities: - Collaborate with project managers on various initiatives and projects to track progress and provide support as necessary. - Support leadership in ensuring that the project is delivered to specifications, is on time, and within budget. - Work closely with management and work groups to create and maintain work plan documents. - Track the status and due dates of projects. - Manage relationships with project staff responsible for projects. - Produce regular weekly and monthly status reports that could include; work plan status, target dates, budget, resource capacity, and other reports as needed. - Facilitate regular meetings and reviews. - Adhere to contract requirements and comply with all corporate policies and procedures. Job Specific Duties and Responsibilities: -Perform duties independently under the direction of their direct manager and/or Project Managers on specific projects. -Review project documentation and client materials and provide analysis of technical and security related topics. -Participate in client meetings and offer observations and insight on technical and security related topics. -Identify risk areas and potential problems that require proactive attention. -Review and author artifacts and other project documents and identify potential gaps, inconsistencies, or other issues that may put the project at risk. Such artifacts and documents may include but are not limited to: *System Security Plan *Plan of Action and Milestones (POA&M) *Security Assessment Plan *Risk Assessment reports *CMS ARC-AMPE forms and documentation *Data Conversion and Migration Management Plan *Deployment and/or roll-out plans -Perform security assessments, lead security audit and assessment activities, and provide direct security oversight support to assigned clients and projects. -Identify and escalate to the Senior Manager / Project Manager risks, alternatives, and potential quality issues. -Attend interviews, focus groups, or other meetings necessary to gather information for project deliverables in accordance with the project scope of work. -Attend project meetings with the client, subcontractors, project stakeholders, or other Maximus Team members, as requested by the Senior Manager / Project Manager. -Complete project work in compliance with Maximus standards and procedures. -Support team to complete assigned responsibilities as outlined in the Project schedule. -Support all other tasks assigned by Senior Manager / Project Manager. Minimum Requirements - Bachelor's degree in related field. - 7-10 years of relevant professional experience required. - Equivalent combination of education and experience considered in lieu of degree. Job Specific Requirements: -Be available to work during standard client business hours. Projects may involve clients from any US time zone, so it is possible that work outside of the individual's local business hours will be required. -Bachelor's degree from an accredited college or university, or equivalent work experience. -7+ years of experience in information security, with at least 3 years of security-compliance work in a regulated industry. -5+ years of experience working with HIPAA, NIST 800-53 and/or CMS MARS-E or ARC-AMPE security frameworks. -Familiar with operating systems: Windows, Linux/UNIX, OS/X. -Familiar with AI tools, capabilities. -Strong command of cloud computing topics. -Strong command of agile software development practices as well as waterfall development practices. -Strong desktop software skills: proficient in MS Office, Excel, Word, Project. -Ability to explain and communicate technical subjects to non-technical audiences. -Ability to develop advanced concepts, techniques, and standards requiring a high level of interpersonal and technical skills. -Ability to work independently. -Good organizational skills and the ability to manage multiple tasks and deadlines simultaneously. -Strong interpersonal and team building skills, as well as an understanding of client relationship building are essential. -Excellent verbal and writing skills and be comfortable working with customers. -Ability to multi-task with supervision. -Self-motivated fast learner. Preferred Skills: -Prefer a candidate with experience in the Health & Human Services industry, which may include working with programs such as Child Support, Child Welfare, or Integrated Eligibility (SNAP, TANF, and Medicaid). -Preference for security related certifications, such as the CISSP (Certified Information Systems Security Professional). EEO Statement Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information and other legally protected characteristics. Pay Transparency Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances. Accommodations Maximus provides reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage of the employment process-including accessing job postings, completing assessments, or participating in interviews,-please contact People Operations at **************************. Minimum Salary $ 120,000.00 Maximum Salary $ 140,000.00