Information Systems Security Manager
Security Architect Job In Pittsburgh, PA
The Information Systems Security Manager (ISSM) functionally manages the process to protect classified information.
The ISSM's primary function is implementation of all classified security policy, procedures and
government security requirements as required by the United States Government. The ISSM outlines classified security policies and procedures and assures staff compliance with all applicable government regulations. The ISSM serves as the subject matter expert for classified systems security questions and problem solving within the classified security team.
The ISSM reports directly to the Manager, Security Operations.
Performs the Information Systems Security Manager (ISSM) responsibilities and role for classified network, TS/SCI, and SAP/SAR activities; performs oversight administration of classified systems activities.
Supports the FSO as related to classified processing for maintaining secure facility accreditations and joint and co-use agreements with applicable government agencies.
Writes, coordinates, and conducts classified systems security education briefings (SAP, SCI and CLAN) and the User Acknowledgment statement as required.
Supports the Corporate Information System Security Manager, in maintaining detailed records of Security & Classified Operations department functions and activities for monthly reports
Management regarding classified systems; conducts classified security investigations as required by the Corporate Information Systems Security Manager.
Performs computer systems security activities, implementing security controls for systems processing classified information including initial approval, re-approval, decertification and audits.
Coordinates with the Defense Intelligence Agency and other elements of the U.S. intelligence community on inspections, reviews, investigations, and other reportable issues; coordinates with the Defense Counterintelligence and Security Service (DCSA) and Department of Defense sponsors on inspections, reviews, investigations, and other reportable issues.
Responsible for the classified computing protection program at the collateral, TS/SCI, and SAP/SAR levels, as well as the classified computing hardware/software and voice/data communication audits.
Other duties and special projects as assigned.
Cyber Security Analyst
Security Architect Job In Pittsburgh, PA
We are seeking a Cybersecurity Analyst III to join our dynamic team and contribute to the development and execution of strategic cybersecurity initiatives. This role focuses on identifying, managing, and mitigating cyber threats using industry-recognized frameworks and quantitative risk analysis tools. The position is based in Pittsburgh, PA and follows a hybrid schedule with 3 days onsite weekly.
Key Responsibilities:
Drive cybersecurity strategy by managing internal cyber assessments and expanding cyber risk quantification efforts using tools such as ISF's IRAM2 and FAIR.
Develop and enforce governance policies, standards, and controls for continuous cyber hygiene and operational risk management.
Collaborate with cross-functional teams to identify operational roadblocks and develop remediation strategies.
Utilize industry-standard frameworks, including CRI Cyber Profile, NIST CSF, and ISO 27001, to ensure compliance and control effectiveness.
Support business intelligence efforts by analyzing data and creating actionable insights through tools like Power BI, Tableau, and SQL.
Provide professional support for the company's information security infrastructure and consult with stakeholders to address risk and control issues.
Qualifications:
Education: Bachelor's degree in Computer Science, Information Security, or a related discipline (advanced degree preferred).
Experience: 3+ years in GRC, cybersecurity, or a related field. Familiarity with the financial services industry is a plus.
Technical Skills: Proficiency in MS Office, ServiceNow, and tools for quantitative risk analysis such as IRAM2. Experience with SQL, Power BI, Tableau, and other data analysis tools.
Soft Skills: Strong analytical, troubleshooting, and communication skills. Ability to manage time effectively and work both independently and collaboratively.
What We Offer:
An opportunity to work with cutting-edge cybersecurity frameworks and tools.
A collaborative environment where innovation and proactive problem-solving are encouraged.
Competitive salary and potential for long-term growth within the organization.
.NET ARCHITECT
Security Architect Job In Pittsburgh, PA
Title: .NET Architect
Analysis, development, and troubleshooting of VB.NET applications and web services.
Analysis, development, and troubleshooting of MS SQL Server SQL and Stored Procedures.
Managing code via version control and release processes and procedures.
Documenting and working issues, requests, enhancements, etc. via JIRA workflows.
Actively listening and participating in IT meetings, taking notes, and offering insights/suggestions.
Collaboratively working with the organization's Web team members on projects and tasks.
Self-driven learning of technologies being adopted by the organization's Web team
Please share me your updated resume to **********************
Information Security Analyst (Local Applicants ONLY)
Security Architect Job In Canonsburg, PA
Applicants MUST currently live locally to the Canonsburg, PA region
No 3rd Parties/Sub Vendors
Work Authorization: U.S. Citizen or Green Card
Overview:
The A.C. Coy Company is currently seeking candidates for an Information Security Analyst role. This individual will serve as a main contact for compliance and security initiatives within the company. Our ideal candidate will have 5+ years of experience working in information security and specific experience in GRC and cybersecurity. CISSP is strongly preferred. Occasional travel to other office locations is required, but very rarely overnight.
Our client is offering an excellent salary and benefits package and strong career growth opportunities.
Responsibilities:
Lead and manage security initiatives, compliance enforcement, and incident response in accordance with corporate policies and standards
Maintain and improve our ISMP /Process Documents, create and update process documentation, controls, and SOPs
Maintain security policy and procedure documentation, such as ISMP, according to changes in the business and security framework.
Develop and design necessary systems to maintain and improve the organization's security posture
Conduct log reviews and investigations and monitor/report on security systems such as the SIEM, IPS, and VM
Manage third-party risk management and security awareness program
Provide guidance on development and technology security strategy for the IT team
Mentor and grow our high-performing security team
Works closely with Incident Response Team to gather requirements and support their needs
Help maintain Security Operations Center (SOC) to improve incident response time with Network Technician(s)
Support in achieving organizational Objectives and Key Results (OKRs)
Track, analyze, and report threats, risks, vulnerabilities, and incident data as part of our data-driven security operation
Track and improve corporate security Key Performance Indicators (KPIs)
Brief associates and executives at annual reviews, lunch & learns, and training events on security awareness
Develop and sustain long-standing relationships with 3rd party vendors
Assist with RFP and other client requests for security and compliance confirmation documentation
Assist our stakeholders with aligning standard operating procedures, controls, monitoring, and reporting
Qualifications:
Bachelor's degree in Computer Science, Information Systems, Information Security or a related field
5+ years of experience in the working in information security and technology
Willingness to certify in Security+ and Network+ within first year of role placement is required
Preferred:
CISSP certification
Some experience working in networking and server infrastructure
Experience in the commercial print industry preferred
Experience with C# development
Experience with SQL
Snowflake Architect
Security Architect Job In Pittsburgh, PA
Title : Snowflake Architect
Long Term
We are seeking an experienced Snowflake Tech Lead/Architect to join our team. The ideal candidate will have a solid background in data architecture, cloud data warehousing, and analytics. As a Snowflake Tech Lead, you will be responsible for leading the design, development, and implementation of data solutions using Snowflake. You will collaborate closely with cross-functional teams to ensure data solutions are accurate, accessible, and secure.
Key Responsibilities:
Lead the design and implementation of Snowflake solutions to meet business requirements.
Collaborate with business stakeholders, data engineers, and analysts to gather requirements, ensuring data quality and integrity.
Lead the development and maintenance of data models and pipelines using Snowflake.
Manage diverse data sets (XML, JSON, CSV) from disparate sources.
Optimize Snowflake performance, including query tuning and storage optimization.
Manage and mentor a team of data professionals in Snowflake best practices.
Develop and maintain ETL processes to integrate data from various sources.
Monitor and troubleshoot data issues and implement solutions.
Research and develop POCs to demonstrate business capabilities using Snowflake.
Working with global team (onsite & offshore model) and guiding both shores to successfully drive the project/program.
Stay updated with industry trends and advancements in Snowflake and related technologies.
Qualifications:
12+ years of experience in data engineering, data warehousing, or related roles.
Strong expertise in Snowflake architecture, SQL, and data modeling.
Experience with ETL tools (Informatica) and data integration methodologies.
Solid understanding of data warehousing concepts, metadata management, data lakes, and multi-dimensional models.
Familiarity with AWS cloud platforms and data pipeline orchestration tools (e.g., Apache Airflow).
Excellent problem-solving skills and attention to detail.
Strong communication and leadership skills, with the ability to work collaboratively across teams.
Preferred Qualifications:
Snowflake (SnowPro Core or higher) & AWS Cloud certification (CCP or higher)
Experience with data visualization tools (e.g., Qlik, SAS) is an advantage.
Knowledge of programming languages such as Python, Java, or Scala.
Having experience in insurance domain is an advantage.
Experience in Agile/Scrum methodologies.
ISSM - Information Assurance Professional (IAP)
Security Architect Job In Canonsburg, PA
Requires a Bachelor's degree in Engineering, or a related Science or Mathematics field. Also requires 5 years of job-related experience, or a Master's degree plus 3 years of job-related experience. CLEARANCE REQUIREMENTS: Department of Defense Secret security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. General Dynamics Mission Systems has an immediate opening for an Information Assurance Security Professional . This position provides an opportunity to further advance the cutting-edge technology that supports some of our nation's core defense/intelligence services and systems. General Dynamics Mission Systems employees work closely with esteemed customers to develop solutions that allow them to carry out high-stakes national security missions. The candidate will be designated as an Information Assurance Professional (IAP) supporting multiple Special Access Programs administering the Information Assurance (IA) Cyber duties for government customers. Components of the IA program include Assessment and Authorization (A&A) activities (i.e., documentation preparation, system configuration/validation, certification testing), security sustainment activities (i.e., hardware change management, software change management, account management, media protection, user interface, file transfers), conducting self-inspections, audit trail review, and delivering information systems security education and awareness. The candidate must be a self-starter capable of multitasking and efficiently managing their time in a dynamic environment while requiring minimal levels of supervision. Additionally, the candidate will possess effective written, speaking, analytical, organizational, and customer service skills that will assist them in identifying solutions to complex compliance and security problems. The I AP will coordinate duties with the System Administrators and/or Information Technology (IT) staff to ensure all configuration requirements are implemented and functional. The I AP will conduct technical and nontechnical reviews and audits as prescribed by the Information Assurance Manager. REPRESENTATIVE DUTIES AND TASKS : As a member of the Information Assurance Security team the I AP support s system security categorization effort s , security requirements selection/analysis, security control assessment s and perform s continuous monitoring. Executes or supports the execution of A&A activities, including development of required security documentation, including items such as System Security P lans, Security Assessment Reports , SCTM's and POA& Ms in compliance with IA policy Perform weekly syst em audit reviews, media reviews, hardware/software configuration management E xecutes security testing and evaluation to ensure correct implementation of security controls Supports the a ssessment and mitigation of vulnerabilities throughout a system s life cycle Conduct IA security education training for all system users on appropriate risk mitigation strategies Perform incident response and cleanup actions, when necessary, per company or customer directions Ensure systems are operated , maintained, and disposed of in accordance with internal security policies and procedures outlined in the System Security Plan (SSP). Assume ISSM responsibilities as assigned by the Region Manager and/or in the absence of the ISSM KNOWLEDGE SKILLS AND ABILITIES: Proficient understanding of cyber security specifications such as Risk Management Framework (RMF), JSIG (Joint SAP Implementation Guide), ICD-503, NIST SP 800-53 . Th is role requires a technical background creating POA&Ms, developing corrective action plans, and writing security plans, policies, and procedural documentation (not just reviewing or performing documentation review) Exp erience implementing government security requirements to include technical computer/network system auditing Trained and proficient in Assured File Transfer (AFT) processes and tools Experience with various security assessment/hardening tools - STIGs, SCAP, ACAS, Nessus, etc. Systems administration experience is highly desirable Very strong writing, speaking, analytical, and customer service skills Ability to participate in or lead security work groups Must be a self-starter capable of multitasking and efficiently managing your time in a dynamic environment while requiring minimal levels of supervision Maintains contact with external customer security professionals PREFERRED DEGREE TYPES AND EXPERIENCE: Demonstrated comprehensive knowledge of the NISPOM, JSIG, ICD-503, NIST SP 800-53 and CNSSI 1253 DoD 8 140 IAM-I I level professional certification ( i.e. Security CE, CAP, GSLC) or ability to obtai n within six (6) mo nths of hire . OUR COMMITTMENT TO YOU: An exciting career path with opportunities for continuous learning and development. Research oriented work, alongside award winning teams developing practical solutions for our nation's security Flexible schedules with every other Friday off work, if desired (9/80 schedule) Competitive benefits, including 401k matching, paid parental leave, healthcare benefits, health & wellness programs, employee resource and social groups, and more See more at gdmissionsystems.com/careers/why-work-for-us/benefits WORKPLACE OPTIONS: This position is 100% ON-SITE in Canonsburg, PA or Charleroi, PA (relocation package/assistance may be available) To learn more about Canonsburg and what this idyllic location has to offer, please visit: ************************************************************************** To learn more about our Progeny Systems business area, please visit: ************************************************ CJ2 This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. USD $118,500.00 - USD $128,500.00 /Yr. At General Dynamics Mission Systems, we rise to the challenge each day to ensure the safety of those that lead, serve, and protect the world we live in. We do this by making the world's most advanced defense platforms even smarter. Our engineers redefine what's possible and our manufacturing team brings it to life, building the brains behind the brawn on submarines, ships, combat vehicles, aircraft, satellites, and other advanced systems. We pride ourselves in being a great place to work with this shared sense of purpose, committed to a diverse and exciting employee experience that drives innovation and creates a community where all feel welcome and a part of something amazing. We offer highly competitive benefits and a flexible work environment where contributions are recognized and rewarded. To see more about our benefits, visit ************************************************************* General Dynamics is an Equal Opportunity/Affirmative Action Employer that is committed to hiring a diverse and talented workforce. EOE/Disability/Veteran
Enterprise Security Architect
Security Architect Job In Pittsburgh, PA
Enterprise Security Architect Duration: Full Time Interview mode: Inperson Brand new role
Serve as a member of the enterprise architecture team, providing technical security insight that aligns with business objectives and security requirements. Establish and evangelize the security architecture (principles, policies, standards and patterns) to development groups, business groups and other stakeholders; Govern adherence to the architecture golden rules. Analyze gaps between current and target security architecture and develops plans to close the gaps.
Responsibilities:
Works with IT departments, information security architects, technical architects, data custodians, and governance groups to develop and update Client security policies, standards, procedures, and solutions for secure application architecture. Ensures that security practices are aligned with Client's overall business strategies.
Advises and drives the security maturity of the development lifecycle including secure coding and system security for operations. Recommends and implements changes in security procedures and practices using best-in-class information to ensure that Client is maintaining best-in-class security practices.
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs. Conducts Penetration Test, Vulnerability, and Risk assessments to improve the security architecture and security product toolset.
Prepares system security reports by collecting, analyzing, and summarizing data and trends. Executes validation by external vendors.
Verifies security systems and network configurations by developing and implementing test scripts while monitoring adherence to standards in architecture, application design, development, and testing frameworks.
Qualifications
Qualifications:
Bachelor degree with Master preferred. Security certification required.
7 to 10 years of experience operating in a cloud environment (e.g. Azure, AWS, Rackspace) along with at least 5 years working in a dedicated information security role with a focus on Security Architecture for at least 3 years.
7 to 10 years of experience with PaaS, IaaS, SaaS, and/or mobile architecture
Solid experience with security hacking tools and techniques.
Solid understanding in application architectures and technology including web applications, mobile technology, identity and access management, security event and incident management as well as web security controls (e.g. Web Application Firewall, Database Activity Monitor, Distributed Denial of Service controls, etc.)
Extensive working knowledge of web application security best practices to include, but not limited to, Cloud Security Alliance controls matrix, OWASP Top 10.
Experience with compliance standards such as HIPAA, CMS, SOX, GLBA; as well as security frameworks such as SANS 20 CSC, CoBIT, or NIST.
Previous involvement with developing and/or maintaining an Enterprise Security Architecture. Familiarity with TOGAF is a plus
Strong understanding and experience of software development methodologies and life cycles
Excellent written and verbal communications skills required, with the ability to explain advanced concepts to audiences of varying levels
Can be counted on to exceed goals successfully, very bottom-line orientated while steadfastly pushes self and others for results.
Has working knowledge of web application security best practices to include, but not limited to, Cloud Security Alliance controls matrix, OWASP Top 10.
Demonstrated ability to make sound decisions using a mixture of analysis, wisdom, experience, and judgement coupled with a strong ability to learn on the fly (quickly learns new tasks, open to change).
Certifications, licenses or registrations: Security+, CISSP, CISA, CEH
Proven ability to organize/manage multiple priorities coupled with the flexibility to quickly adapt to ever-changing business needs.
Additional Information
All your information will be kept confidential according to EEO guidelines.
Generative AI Security Architect
Security Architect Job In Pittsburgh, PA
When you join us at Thermo Fisher Scientific, you'll be part of an inquisitive team that shares your passion for exploration and discovery. With revenues of more than $40 billion and the largest investment in R&D in the industry, we give our people the resources and chances to create meaningful contributions to the world.
**Location/Division Specific Information**
**This is a hybrid opportunity at one of the following locations - Pittsburgh, PA, Frederick, MD or Morrisville, NC**
**Discover Impactful Work:**
As the Generative AI Product Security Architect, you will enable our product development and sustainment teams to ensure that Thermo Fisher products are developed and tested against security standards, further helping our customers to make the world healthier, cleaner and safer.
**A day in the Life:**
+ Evaluate and provide technical security architecture guidance in the assessment, design and implementation of AI-related products
+ Work with multi-functional business units to identify, capture, and raise, security vulnerabilities found in Thermo Fisher AI-related products and platforms and build corresponding solutions
+ Establish and build working relationships with product development partners to maintain and improve product and application security processes
+ Conduct threat modeling exercises to identify potential security risks and vulnerabilities in AI-related products, working closely with AI development teams to integrate security into the design and development processes
+ Collaborate with AI, cloud security, and infrastructure teams to embed security into applications
+ Design and implement security solutions and controls tailored to the unique challenges of AI-related products
+ Contribute to maturing process, policy, and standards guidance
+ Build security control framework and generic reference architectures for AI-related applications and products
+ Keep up-to-date with the latest data protection and AI security practices and laws
+ Provide domain expertise related to AI security
**Keys to Success:**
**Education**
+ Bachelor's Degree in cybersecurity, computer science, or related field. Equivalent work experience is accepted.
+ Certifications not required, but encouraged: Azure AI Engineer Associate, AWS Certified Machine Learning - Specialty **,** AWS Certified AI Practitioner **,** CISSP, or other security-related certifications
**Experience**
+ 3-5 years of related work experience with product security, secure software development, risk assessment, or vulnerability management
+ 3-5 years working as an architect or engineer in Cloud, e-Commerce, IoT, Endpoint, Network, or Server
+ Experience with AI frameworks such as Azure OpenAI and Amazon Bedrock AI
+ Strong organization skills, leading sophisticated projects
**Knowledge, Skills, Abilities**
+ Strong knowledge of AI technologies and governance principles and their inherent security risks, machine learning models, adversarial attacks, and data privacy regulations
+ In-depth knowledge related to building, managing, and securing AI solutions
+ Excellent verbal and written communication skills and the ability to interact professionally with a diverse group, executives, managers, and technical teams
+ Exposure to popular application and AI security standards including OWASP ASVS, OWASP Top 10, OWASP LLM Top 10
+ Proficiency in web application compliance standards, regulatory frameworks, and proven security strategies
+ Knowledge of application and data security, AI/Gen AI, Machine Learning, or data science
+ Experience developing Reference Security Architecture and Design Patterns to support proactive security controls.
+ Strong analytical and product management skills required
+ Excellent customer service skills required
**Benefits**
We offer competitive remuneration, annual incentive plan bonus, healthcare, and a range of employee benefits. Thermo Fisher Scientific offers employment with an innovative, forward-thinking organization, and outstanding career and development prospects. We offer an exciting company culture that stands for integrity, intensity, involvement, and innovation!
Our Mission is to enable our customers to make the world healthier, cleaner and safer. Watch as our colleagues explain 5 reasons to work with us. As one team of 100,000+ colleagues, we share a common set of values - Integrity, Intensity, Innovation and Involvement - working together to accelerate research, solve complex scientific challenges, drive technological innovation and support patients in need. #StartYourStory at Thermo Fisher Scientific, where diverse experiences, backgrounds and perspectives are valued.
**Apply today! ******************************
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
**Accessibility/Disability Access**
Job Seekers with a Disability: Thermo Fisher Scientific offers accessibility service for job seekers requiring accommodations in the job application process. For example, this may include individuals requiring assistance because of hearing, vision, mobility, or cognitive impairments. If you are a job seeker with a disability, or assisting a person with a disability, and require accessibility assistance or an accommodation to apply for one of our jobs, please submit a request by telephone at ***************. Please include your contact information and specific details about your required accommodation to support you during the job application process.
*This telephone line is reserved solely for job seekers with disabilities requiring accessibility assistance or an accommodation in the job application process. Messages left for other purposes, such as not being able to get into the career website, following up on an application, or other non-disability related technical issues will not receive a response.
**Compensation and Benefits**
The salary range estimated for this position based in Maryland is $143,000.00-$214,475.00.
This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy. We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:
+ A choice of national medical and dental plans, and a national vision plan, including health incentive programs
+ Employee assistance and family support programs, including commuter benefits and tuition reimbursement
+ At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy
+ Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan
+ Employees' Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount
For more information on our benefits, please visit: *****************************************************
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.
Principal Information Security Architect - Healthcare Delivery Technology
Security Architect Job In Washington, PA
* Develop systems and component architectures and APIs that meet the test of time. Articulate and evangelize architectural principles reciprocally with engineering, architecture and product teams that ensure system components fit securely, are sustainable, and align with company's business direction. Analyze and recommend novel technologies, architectural solutions (and associated business cases) to the various technology executives across the company which simultaneously optimize value, risk, spend & design footprints.
* Influence enterprise solutions architects and engineers to define, develop, maintain, and communicate the technology and platform strategy, guidelines, and re-usable design patterns to all levels including the Highmark Health executive team.
* Work with external and internal engineering teams to provide continuous architecture and design mentorship/leadership and be a source of support that ensures successful product delivery and operational excellence in production, including leadership and support for application development and change management activities.
* Establish relationships with key architects and executive technology leadership across the enterprise technology organization and collaborate on promoting architectural standard methodologies.
* Collaborate with key internal and external partners such as security, developers, development managers, product and program management and senior technical and business executives to drive the Architecture strategy, reference enterprise architecture documents, functional specifications, designs, and architectural libraries.
* Resolve approaches for new areas by quickly investigating and synthesizing the state of the art and available technologies including leading the development of enterprise solutions which meet current and future business requirements.
* Take a consultative approach to develop, present and share the value and vision of proposed architectures and solutions to a wide audience
* Promote architecture standard methodologies and mentor key technical people within the Data Product organization.
* Champion a culture of innovation in an environment that requires high levels of scalability, security and reliability for our most critical enterprise cloud and 'on premise' applications and infrastructure.
* Other duties as assigned or requested.
* 10 years of experience in Information Security.
* 4 years of experience as Information Security Architect with deep understanding of domains of security (e.g. zero trust, data protection, identity & access mgmt., threat mgmt., etc.)
* 3 years of experience with data management, query processing, distributed processing, high availability, statistical and machine learning and operational excellence of production systems.
* 3 years of experience in Mergers and Acquisitions (evaluation, integration, etc.)
* 3 years of experience managing and leading teams.
* Outstanding verbal, written, presentation, facilitation, and interaction skills, including ability to effectively communicate architectural issues and concepts to technical and non-technical people at multiple organization levels
* Outstanding technical acumen across a broad range of cloud and on premise technologies, architectures, applications and APIs
* Demonstrated ability to initiate and guide enterprise technical programs and/or products and services business cases to successful outcomes at scale
* Demonstrated ability to both navigate technical details for enterprise security programs and services, and guide staff through solution development
* Outstanding judgement and ability to methodically analyze cyber risk, and intelligence and both offer risk appropriate advice and make risk appropriate decisions
Highmark Health is a national, blended health organization that includes one of America's largest Blue Cross Blue Shield insurers and a growing regional hospital and physician network.
Based in Pittsburgh, Pa., Highmark Health's 35,000 employees serve millions of customers nationwide through the nonprofit organization's affiliated businesses, which include Highmark Inc., Allegheny Health Network, HM Insurance Group, United Concordia Dental, HM Health Solutions and HM Home & Community Services.
Highmark Health's businesses proudly serve a broad spectrum of health-related needs including health insurance, health care delivery, population health management, dental solutions, reinsurance solutions, and innovative, technology solutions.
Cyber Security Architect (Flexible Location)
Security Architect Job In Pittsburgh, PA
Shape Your World
At Alcoa, you will become an essential part of our purpose: to turn raw potential into real progress. The way we see it, every Alcoan is a work-shaper, team-shaper, idea-shaper, world-shaper.
Alcoa (NYSE: AA) is a global industry leader in bauxite, alumina and aluminum products, with a strong portfolio of value-added cast and rolled products and substantial energy assets. Alcoa is built on a foundation of strong values and operating excellence dating back nearly 130 years to the world-changing discovery that made aluminum an affordable and vital part of modern life. Since inventing the aluminum industry, and throughout our history, our talented “Alcoans” have followed on with breakthrough innovations and best practices that have led to efficiency, safety, sustainability and stronger communities wherever we operate.
As a leader within Alcoa, you can help us fulfill our purpose and realize our vision to reinvent the aluminum industry. Be part of the team that is helping shape a better workplace with a better work-life balance and the equal opportunities that help everyone thrive. You have the power to shape things to make them better.
About the Role:
We are seeking a Cyber Security Architect to play a critical role in protecting Alcoa from evolving cyber threats. This global position encompasses specialist-level responsibilities for cyber security initiatives, projects, and activities across all operating units and locations. Does the prospect of serving in a leadership role within the global cyber security team of a top-tier global manufacturer interest you? If so, Alcoa is looking for you.
Perform in-depth evaluations of Alcoa's technology, infrastructure, and information systems to identify vulnerabilities, risks, and opportunities for strengthening security.
Deliver insightful recommendations based on assessments to guide cybersecurity improvements across IT and Business/Process Control Networks.
Design and evolve Alcoa's global cyber security architecture, ensuring alignment with industry frameworks (e.g., ISO 27001, NIST).
Champion a Defense in Depth approach, integrating best practices, tools, and processes into the architecture.
Facilitate the deployment of cyber security architecture across infrastructure, cloud, and applications globally.
Proactively identify cyber risks using advanced risk assessment processes, tools, and metrics.
Lead the remediation of security gaps while ensuring compliance with Alcoa's cyber security standards, regulatory requirements, and governance frameworks.
Provide consistent operational support to business units, ensuring effective execution of security requirements during routine and emergency operations.
Actively participate in incident response, threat containment, and forensic analysis, leveraging Alcoa's SIEM and monitoring systems.
Conduct security assessments and threat analysis across Alcoa's global sites to evaluate physical, technical, and network security controls.
Collaborate with regional teams to implement corrective measures that reduce identified risks.
Drive awareness and education initiatives across all organizational levels, promoting a strong cyber security culture.
Serve as a bridge between IT teams, leadership, and business stakeholders to align security objectives with business goals.
Assist in shaping Alcoa's cyber security vision, by emphasizing, centralized data and asset protection strategies, preforming threat intelligence, incident management, and investigations.
Balanced risk, compliance, and cost optimization aligned with business objectives.
Develop and govern security standards for data and asset protection, risk management, and cyber resilience.
Collaborate with development teams to implement Secure-by-Design principles throughout the Software Development Life Cycle (SDLC).
Develop and enforce stringent application security standards for all production and development environments.
Continuously research evolving cyber threats, emerging security technologies, and innovative authentication mechanisms.
Recommend and implement cutting-edge solutions to keep Alcoa ahead of adversarial trends.
What you can bring to this role:
Our values - act with integrity, operate with excellence, care for people - are at the foundation of everything we do. To be successful in this role and to play a part in our ongoing success we desire the following background:
Bachelor's degree in computer science/IT/IS, Business, Math, Finance, Engineering, Economics or Accounting/procurement from an accredited institution
4+ years in IT Operations or similar, preferred
5+ years in IT security
Experience with security architectures, frameworks (ISO-2700x, NIST), and technologies
Knowledge of process control systems, associated protocols, architecture, and security strongly preferred
Certified in CISSP / CISM, preferred but not required.
Project management experience in leading several small to large projects.
Demonstrate a solid understanding of project management processes, methodologies, and techniques.
Experience with large, global infrastructure support processes
What we offer:
Competitive compensation packages, including pay-for performance variable pay, recognition and rewards programs, and stock-based compensation awards (3-year vesting schedule)
Flexible spending accounts and generous employer contribution to the HSA
401(k), employer match up to 6%, additional employer retirement income contribution (no vesting period), and a nonqualified deferred compensation plan
10 holidays and one flexible holiday of your choice.
56 hours of sick/safe leave.
8 hours of Paid annual volunteer hours
Alcoa has been chosen as one of America's Greatest Workplaces 2023 by Newsweek
#LI-TL2
#LI-Remote
About the Location
Recognized as an industry pioneer, Alcoa has established itself as an international company with operations across six continents. Alcoa's U.S. portfolio includes Alcoa's corporate headquarters, Alcoa's Technology Center, two smelters, and a calcined coke plant. While some roles are based on-site, Alcoa also offers a flexible working model for certain positions. Wherever you choose to join us, you'll be joining a global team committed to advancing sustainability and delivering excellence and innovation.
We are values led, vision driven and united by our purpose of transforming raw potential into real progress. Our commitments to Inclusion, Diversity & Equity include providing trusting workplaces that are safe, respectful and inclusive of all individuals, free from discrimination, bullying and harassment and that our workplaces reflect the diversity of the communities in which we operate.
As a proud equal opportunity workplace and affirmative action employer, Alcoa is dedicated to providing equal opportunities and equal access to all individuals regardless of a person's gender, age, race, ethnicity, sexual orientation, gender identity, religion, nation of origin, disability, veteran status, language spoken or any other characteristic or status protected by the laws or regulations in the places where we operate.
If you have visited our website in search of information on U.S. employment opportunities or to apply for a position, and you require an accommodation, please contact Alcoa Recruiting via email at ***********************.
This is a place where you are empowered to do your best work, be your authentic self, and feel a true sense of belonging. Come join us and shape your career!
Your work. Your world. Shape them for the better.
Sr. Information Security Manager
Security Architect Job In Murrysville, PA
Sr. Information Security Manager - Murrysville, PA The Integrated Supply Chain (ISC) Information Security Manager will be responsible for developing, implementing and monitoring a strategic and comprehensive IT security plans across multiple geographies and driving security in manufacturing sites, Distribution Centers, and warehouses across the US.
Your role:
* Develop, maintain and improve upon security controls and policies to protect Philips business from security breaches/ incidents, while ensuring operational performance to deliver security controls at optimum cost..
* Provide direction for Enterprise IT Security and Cybersecurity protection, and oversee Technology governance and policies.
* Evaluates potential security breaches, coordinates response, and recommend corrective actions.
* Provides Security Project Management and leadership to staff and external resources in support of established goals and objectives, improved efficiencies, and problem resolution.
* Is responsible for the security schedules of major global contracts and the supplier integration and delivery of secure services as contracted. This includes managing all service delivery components and coordination of supplier teams delivering services.
You're the right fit if:
* You have +10 years experience on developing and implementing cybersecurity strategies on manufacturing/ supply chain/ logistics environment.
* Bachelor's in Computer Science, Information Technology and/or an equivalent academic field. Master's degree in a similar academic field is preferred.
* You have a Cybers Security Certification such as CISSP, CISM, CISA, CIPP etc. preferred. Knowledge on MITRE Framework, IEC 62443/NIST 800:23 is preferred.
* Your skills a thorough understanding of Security Management and Governance principles, along being able to deliver cross-cultural etiquette, customer-centric and collaborative mindset.
* You must be able to successfully perform the following minimum Physical, Cognitive and Environmental job requirements with or without accommodation for this position.
How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company's facilities. Field roles are most effectively done outside of the company's main facilities, generally at the customers' or suppliers' locations.
This is an in office role.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help improve the lives of others.
* Learn more about our business.
* Discover our rich and exciting history.
* Learn more about our purpose.
* Learn more about our commitment to diversity and inclusion.
Philips Transparency Details
The pay range for this position in Murrysville, PA is from $ 107,000. 00 to $154,000.00
The actual base pay offered may vary within the posted ranges depending on multiple factors including job-related knowledge/skills, experience, business needs, geographical location, and internal equity.
In addition, other compensation, such as an annual incentive bonus, sales commission or long-term incentives may be offered. Employees are eligible to participate in our comprehensive Philips Total Rewards benefits program, which includes a generous PTO, 401k (up to 7% match), HSA (with company contribution), stock purchase plan, education reimbursement and much more. Details about our benefits can be found here.
At Philips, it is not typical for an individual to be hired at or near the top end of the range for their role and compensation decisions are dependent upon the facts and circumstances of each case.
Additional Information
US work authorization is a precondition of employment. The company will not consider candidates who require sponsorship for a work-authorized visa, now or in the future.
Company relocation benefits will not be provided for this position. For this position, you must reside in or within commuting distance to Murrysville, PA.
#LI-PH1
#LI-OFFICE
This requisition is expected to stay active for 45 days but may close earlier if a successful candidate is selected or business necessity dictates. Interested candidates are encouraged to apply as soon as possible to ensure consideration.
Philips is an Equal Employment and Opportunity Employer/Disabled/Veteran and maintains a drug-free workplace.
Sr. Information Security Manager
Security Architect Job In Murrysville, PA
Job TitleSr. Information Security ManagerJob Description
Sr. Information Security Manager - Murrysville, PA
The Integrated Supply Chain (ISC) Information Security Manager will be responsible for developing, implementing and monitoring a strategic and comprehensive IT security plans across multiple geographies and driving security in manufacturing sites, Distribution Centers, and warehouses across the US.
Your role:
Develop, maintain and improve upon security controls and policies to protect Philips business from security breaches/ incidents, while ensuring operational performance to deliver security controls at optimum cost..
Provide direction for Enterprise IT Security and Cybersecurity protection, and oversee Technology governance and policies.
Evaluates potential security breaches, coordinates response, and recommend corrective actions.
Provides Security Project Management and leadership to staff and external resources in support of established goals and objectives, improved efficiencies, and problem resolution.
Is responsible for the security schedules of major global contracts and the supplier integration and delivery of secure services as contracted. This includes managing all service delivery components and coordination of supplier teams delivering services.
You're the right fit if:
You have +10 years experience on developing and implementing cybersecurity strategies on manufacturing/ supply chain/ logistics environment.
Bachelor's in Computer Science, Information Technology and/or an equivalent academic field. Master's degree in a similar academic field is preferred.
You have a Cybers Security Certification such as CISSP, CISM, CISA, CIPP etc. preferred. Knowledge on MITRE Framework, IEC 62443/NIST 800:23 is preferred.
Your skills a thorough understanding of Security Management and Governance principles, along being able to deliver cross-cultural etiquette, customer-centric and collaborative mindset.
You must be able to successfully perform the following minimum Physical, Cognitive and Environmental job requirements with or without accommodation for this position.
How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company's facilities. Field roles are most effectively done outside of the company's main facilities, generally at the customers' or suppliers' locations.
This is an in office role.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help improve the lives of others.
Learn more about our business.
Discover our rich and exciting history.
Learn more about our purpose.
Learn more about our commitment to diversity and inclusion.
Philips Transparency Details
The pay range for this position in Murrysville, PA is from $ 107,000. 00 to $154,000.00
The actual base pay offered may vary within the posted ranges depending on multiple factors including job-related knowledge/skills, experience, business needs, geographical location, and internal equity.
In addition, other compensation, such as an annual incentive bonus, sales commission or long-term incentives may be offered. Employees are eligible to participate in our comprehensive Philips Total Rewards benefits program, which includes a generous PTO, 401k (up to 7% match), HSA (with company contribution), stock purchase plan, education reimbursement and much more. Details about our benefits can be found here.
At Philips, it is not typical for an individual to be hired at or near the top end of the range for their role and compensation decisions are dependent upon the facts and circumstances of each case.
Additional Information
US work authorization is a precondition of employment. The company will not consider candidates who require sponsorship for a work-authorized visa, now or in the future.
Company relocation benefits
will not
be provided for this position. For this position, you must reside in
or
within commuting distance to Murrysville, PA.
#LI-PH1
#LI-OFFICE
This requisition is expected to stay active for 45 days but may close earlier if a successful candidate is selected or business necessity dictates. Interested candidates are encouraged to apply as soon as possible to ensure consideration.
Philips is an Equal Employment and Opportunity Employer/Disabled/Veteran and maintains a drug-free workplace.
VP - Chief Information Security Officer
Security Architect Job In Pittsburgh, PA
About the job Wabtec Corporation is a leading global provider of equipment, systems, digital solutions and value-added services for freight and transit rail. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation and Faiveley Transport, the company has unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems. Wabtec is focused on performance that drives progress, creating transportation solutions that move and improve the world. Wabtec has approximately 27,000 employees in facilities throughout the world. Visit the company's new website at: **************************
Our best-in-class Enterprise Information Security team has overarching responsibility for cyber security across our global Wabtec Enterprise. You will drive the strategy and define requirements to protect company assets and businesses.
As a member of our IT leadership staff, Wabtec is looking for an individual to run a best-in-class Cyber Security & Risk function. The VP - Chief Information Security Officer reports directly to the CIO and is responsible for establishing and maintaining Wabtec's enterprise information security policy and strategy, ensuring availability, integrity and confidentiality of customer, business partner, employee and business information. This position leads a global team that oversees the development, implementations, and enforcement of several key security domains including Security Operations, Application Security, Security Architecture, and Governance, Risk & Compliance (GRC). The right leader for this job will be passionate about security, both enterprise and product, and takes pride in developing people and process.
• Develop, implement and monitor a strategic, comprehensive enterprise information security, product, and IT risk management program
• Work directly with the business units to facilitate risk assessment and risk management processes
• Develop and enhance an information security management framework
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide leadership to the enterprise's information security organization
• Partner with business stakeholders across the company to raise awareness of risk management concerns
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Provide thought leadership and advice for Wabtec product development teams around tools and processes which would contribute to the overall cyber security of the Company's commercial software products
• Supervisory Responsibilities
• Managing staff of 5 direct reports and an organization of 20-30 employees
• Monitoring and reviewing the work of staff members, including conducting annual performance reviews
• Participate in hiring and recruitment efforts, including interviews for employees in Security & Risk department
• Other duties as assigned
• Regularly remaining in a stationary position, often standing or sitting for prolonged periods
• Regularly communicating with others to exchange information
• Regularly required to attend meetings in person and virtually using video and audio computer equipment
• Regularly repeating motions that may include the wrists, hands and/or fingers, such as typing
• Occasionally moving about to accomplish tasks or moving from one worksite to another
• Occasionally light work that includes moving objects up to 20 pounds
Work Environment:
• Hybrid schedule at the Pittsburgh site three days per week.
• The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment. During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise
**Qualifications:**
You must have:
• Degree in business administration or a technology-related field required
• Professional security management certification
• Minimum of 8 to 12 years of experience in a combination of risk management, information security and IT jobs
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management including managed services
• Experience with Cloud computing/Elastic computing across virtualized environments
• Able and willing to travel, occasionally internationally, up to 20%
We would love it if you had:
• Advanced college degree in related technology field (Computer, Engineering, Science, etc.)
• Approximately 15+ years of experience in related IT roles
• Able to exhibit a progression of increasingly complex job responsibilities during the period inclusive of senior staff management oversight for large global organizations
• Drive efficiency through automation
• Strategic and creative thinking to analyze issues that may arise and create solutions
• Ability to respond positively to feedback and implement change in process and procedures as needed
• Ability to work in a fast-paced environment
**Compensation:**
**How to Apply:**
Apply Online
**URL:**
**Posted:**
30-Aug-2024
Principal Information Security Officer - Pittsburgh Supercomputing Center (PSC)
Security Architect Job In Pittsburgh, PA
The Pittsburgh Supercomputing Center (PSC) a joint research center of Carnegie Mellon University and the University of Pittsburgh, was established in 1986, and for over 30 years has provided university, government, and industrial researchers with access to several of the most powerful systems for sophisticated computational research, communications, and data storage available to scientists, engineers and scholars nationwide for unclassified research. PSC advances science across a wide spectrum of fields, including artificial intelligence/machine learning, medical imaging, weather modeling, cell biology, and genomics.
Carnegie Mellon University's department of PSC is searching for a Principal Information Security Officer (PISO) to join their team. This is an exciting opportunity for someone who thrives in an interesting and challenging work environment. Your contribution to the department will be to assign, direct, review and supervise a team of IT professionals that provide information security engineering and operations support for specific research applications based on both theoretical and practical knowledge to help scientists accomplish discovery on modern high-performance computing platforms. Must ensure leadership is aware and accountable for IT security policy and compliance within the PSC and ensures that research projects and services provided externally comply with PSC's cybersecurity program. You will also assure that appropriate engineering protocols are executed to discover, examine, test and mitigate new and potential threats. As well as manage the monitoring and response to security incidents and oversee strategic direction for overall group activities and goals.
Responsibilities are determined by active project needs. Some examples are as follows:
Pittsburgh Supercomputing Center (PSC) provides a high performance computing and communications service in support of the nation's computational science work. PSC is a member of ACCESS, a national computer collaboration of 15 partners from across the U.S. that provides high performance computing, networking, data, scientific visualization and instrument services to the nation's scientists. The overall responsibility of the Principal Information Security Officer (PISO) is to lead teams of PSC staff members, particularly from the Networking and Systems & Operations groups, in order to develop and implement plans for integrated network-, host- and human-based information security practices and procedures for PSC. The PISO keeps PSC management informed regarding current, continuing and emerging security risks to PSC and the broader academic community. The PISO will also serve as a key member of Trusted CI, the NSF Cybersecurity Center of Excellence. The mission of Trusted CI is to lead in the development of an NSF Cybersecurity Ecosystem with the workforce, knowledge, processes, and cyberinfrastructure that enables trustworthy science and NSF's vision of a nation that is a global leader in research and innovation. Within PSC, the PISO will work with other staff members to assess PSC's computer security risks and to choose appropriate security measures, prepares plans for implementing the measures and leads implementation, monitors performance of the measures and adjusts them accordingly, and leads response to security incidents. Within Trusted CI, the PISO performs potentially similar duties as prescribed by Trusted CI's leadership, with particular attention to cybersecurity interoperability.
Skills and experience:
Leads teams of cybersecurity experts from PSC.
Actively participates in Trusted CI engagements and initiatives, assists with center operations and leads projects with other Trusted CI staff.
Oversees information security of leading edge computing and communications equipment. that is in round-the-clock use by the national research community. PSC's Equipment is valued at roughly $60 million.
Coordinate security in PSC: Conduct periodic assessments of PSC's cybersecurity program. With input from members of a team and/or leadership, enhance PSC's cybersecurity program.
Stay current with new security threats, technological advances and regulatory requirements.
Explore applicable cybersecurity improvement strategies and tactics.
Lead team that carries out the implementation plans. Coordinate periodic audits of
compliance of PSC practices and procedures to requirements, regulations and standards.
Lead PSC incident response, including protection and custody of evidence. Interact with law enforcement or organizations as necessary.
Oversee development, maintenance and dissemination of PSC's documentation on center information security policies and procedures.
Participate in local and national computer security incident response groups.
Develop and promote cybersecurity awareness among staff and users.
Oversee security training for staff and users.
Regularly report to PSC management on information security posture.
Perform associated high-performance computing and communications information security administration duties as needed.
Acts as team leader. Determines own and team's priorities based on overall goals, and may deviate from established procedures and practices as long as end results meet performance objectives and established goals.
Gives advice and counsel to PSC, Trusted CI and ACCESS higher management which significantly influence decisions.
Performs under minimal supervision. All normal duties and responsibilities are handled independently. Only the most difficult or unique situations are referred to higher management levels.
Assesses the severity of an information security or system problem independently and makes a problem determination quickly.
Regular status reports and attendance at various meetings is required.
Flexibility, excellence, and passion are vital qualities within PSC. Inclusion, collaboration and cultural sensitivity are valued competencies at CMU. Therefore, we are in search of a team member who is able to effectively interact with a varied population of internal and external partners at a high level of integrity. We are looking for someone who shares our values and who will support the mission of the university through their work.
Qualifications
Minimum Bachelor's Degree in Computer Science or a related field. A graduate degree in cybersecurity or related field, or certification such as CISSP, CISM, CISA, or CRISC is preferred.
Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.
Broad understanding of current computer, data and networking information security practices in a high performance computing and communications environment; demonstrated ability to apply that knowledge to develop and implement a practical, effective security program
Excellent analytical, technical, reasoning and innovative problem-solving skills.
Ability to lead teams and to function competently in a team environment.
Ability to interact and communicate effectively and courteously with members of PSC, the broader university community, partner sites in ACCESS, and Trusted CI and the NSF Cyberinfrastructure community.
Requirements:
Successful background check
Additional Information:
Sponsorship: Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity.
Work Posture: This position is operating on a hybrid schedule, with an on-campus/in office presence 3 days a week.
This is a full-time (37.5 hours/week), exempt position
Funding: This is a grant-funded position.
Joining the CMU team opens the door to an array of exceptional benefits available to eligible employees.
Those employees who are benefits eligible have the opportunity to experience the full spectrum of advantages from comprehensive medical, prescription, dental, and vision insurance to an enticing retirement savings program offering a generous employer contribution. You can also unlock your potential with tuition benefits and take well-deserved breaks with ample paid time off and observed holidays. Finally, rest easy knowing you are covered by life and accidental death and disability insurance.
Other perks include a free Pittsburgh Regional Transit bus pass, our Family Concierge Team to help navigate childcare needs, fitness center access, and so much more!
For a comprehensive overview of the benefits that may be awaiting you, explore our Benefits page.
At Carnegie Mellon, we value the whole package when extending offers of employment. Beyond just credentials, we consider the role and responsibilities, your invaluable work experience, and the knowledge gained through education and training. We acknowledge and appreciate your unique skills and the diverse perspective you bring. Your journey with us is about more than just a job; it's about finding the perfect fit for your professional growth and personal aspirations.
Are you interested in an exciting opportunity with an exceptional organization?! Apply today!
Location
Pittsburgh, PA
Job Function
Security
Position Type
Staff - Regular
Full Time/Part time
Full time
Pay Basis
Salary
More Information:
Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world.
Click here to view a listing of employee benefits
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
Statement of Assurance
Cloud Security Engineer
Security Architect Job In Pittsburgh, PA
**At Dario, Every Day is a New Opportunity to Make a Difference.** Dario is seeking a skilled Cloud Security Engineer to join our Information Security team. In this role, you'll help design, implement, and maintain security controls across our cloud infrastructure while ensuring compliance with industry standards and best practices.
**Responsibilities:**
* Design and implement security architectures for cloud environments (AWS/Azure/GCP)
* Conduct security assessments, vulnerability scanning, and penetration testing of cloud infrastructure
* Develop and maintain cloud security policies, procedures, and standards
* Monitor cloud environments for security incidents and respond to security alerts
* Implement and maintain Identity and Access Management (IAM) policies
* Automate security processes and controls using Infrastructure as Code
* Collaborate with DevOps teams to implement security best practices
* Perform security reviews of cloud architecture designs and deployments
* Implement security controls within CI/CD pipelines
* Develop and maintain security automation scripts for deployment processes
* Implement and manage security logging acquisition to centralized SIEM
* Perform security scanning of container images and dependencies
* Support the Dario Information Security Practice by creating, updating security architecture SOP's
* Review and secure Infrastructure as Code templates
* Monitor and audit configuration changes in cloud environments
* Implement automated security testing in deployment workflows
* Collaborate with development teams to establish secure coding practices
* Maintain security documentation for DevOps processes
* Design and implement secrets management solutions
* Create and maintain security metrics dashboards
Requirements:
* Bachelor's degree in computer science, Cybersecurity, Biomedical Engineering, or related field.
* 3-5 years of experience in cloud security engineering
* Strong knowledge of major cloud platforms (AWS/Azure/GCP)
* Experience with security tools, SIEM solutions, and cloud monitoring
* Proficiency in scripting languages (Python, Bash, PowerShell)
* Understanding of network security concepts and protocols
* Experience with container security and orchestration platforms
* Knowledge of compliance frameworks (SOC 2, ISO 27001, NIST)
* Relevant certifications (CCSP, AWS Security, Azure Security)
* Experience with Infrastructure as Code (Terraform, CloudFormation)
* Knowledge of DevSecOps practices and tools
* Experience with CI/CD security integration
* Incident response and threat hunting experience
Technical Skills:
* Cloud Platforms: AWS, Azure, GCP
* Security Tools: Cloud-native security tools, SIEM platforms
* IAM and Authentication: OAuth, SAML, SSO
* Networking: VPCs, Security Groups, NACLs
* Containerization: Docker, Kubernetes
* Automation: Terraform, Ansible, Python
* Microsoft Cloud / Azure Certification (Architect/Engineer)
* AWS Solutions Architect and/or AWS Security Certification
* DarioHealth promotes diversity of thought, culture and background, which connects the entire Dario team. We believe that every member on our team enriches our diversity by exposing us to a broad range of ways to understand and engage with the world, identify challenges, and to discover, design and deliver solutions. We are passionate about building and sustaining an inclusive and equitable working and learning environments for all people, and do not discriminate against any employee or job candidate. ***
Senior Cloud Security & Automation Engineer
Security Architect Job In Pittsburgh, PA
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world's financial system we touch nearly 20% of the world's investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We're seeking a future team member in the role of Senior Cloud Security & Automation Engineer to join our Information Security Division (Cyber Cloud Security) team. (ISD). This role is located in Pittsburgh, PA or Lake Mary, FL - Hybrid (2-3 days/week in-office. Must live within a commutable distance.)
Click here to view our Information Security Division Career Brochure.
What to expect:
Be part of team that is laser focused on delivering a transformative cloud security program that is in alignment with BNY's overall cloud strategy.
Provided with an opportunity to further finetune and specialize in skills across all cyber disciplines.
You will collaborate with passionate leaders, technologists, architects, engineers, and cyber professionals that strive to enable business securely with innovative technology and solutions.
Strong partnership and support from the Cloud Service Providers (Azure, GCP, AWS) and Cyber Security partners and vendors we do business with.
An opportunity to influence the bank's cloud security and automation strategy.
In this role, you'll make an impact in the following ways:
Design, implement, and maintain secure cloud environments in accordance with industry best practices and regulatory requirements.
Optimize cloud security controls and capabilities (e.g., CSPM, DSPM, etc.) to ensure IaaS, SaaS, PaaS, and FaaS cloud service compliance with relevant regulations, standards, organizational policies, and design patterns through continuous assessment and reporting.
Integrate security tools and practices into our continuous integration and continuous delivery (CI/CD) pipeline, ensuring security is embedded in all stages of the software development lifecycle.
Partner closely with cloud architecture, cloud engineering, developers, and other line-of-business representatives to develop and refine automation capabilities for a multitude of Cloud Service design patterns.
In partnership with SOC and IR implement monitoring and logging solutions to detect and respond to security threats and incidents in real-time.
Provide security domain expertise on protective controls, to include system, network, encryption, and authentication services.
Collaborate with stakeholders to define security requirements and provide guidance on secure development practices.
Develop and maintain documentation related to security policies, procedures, and best practices.
Provide training and support to development and operations teams on security-related topics and tools.
To be successful in this role, we're seeking the following:
Bachelor's or Graduate degree in engineering, computer science or a related discipline or equivalent work experience required.
10+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
3-4 years of larger scale application scripting/development experience combined with 2-3 years of direct experience working with and securing cloud native workloads in one or more of the three major cloud service providers (Microsoft Azure, Google Cloud Platform, and AWS).
Expertise in cloud-native container and container orchestration security (e.g., Azure Kubernetes Service).
Experience developing Infrastructure-as-code/Policy-as-code components and automation using languages and tools like Python, Terraform, ARM/BICEP to name but a few.
Experience in implementing security controls in CI/CD pipelines, third party security tools (e.g., Rego) and cloud native policies.
Experience in API Security and implementation of appropriate security controls.
Experience with software architectures and development/scripting experience in at least one programming language.
Experience with cyber security related processes and tooling (e.g., Vulnerability management, IAM).
Familiarity with adopting cloud security frameworks and best practices (e.g., NIST, CIS, CSA CCM, and OWASP).
At BNY, our culture speaks for itself. Here's a few of our awards:
America's Most Innovative Companies, Fortune, 2024
World's Most Admired Companies, Fortune 2024
Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
Best Places to Work for Disability Inclusion, Disability: IN - 100% score, 2023-2024
“Most Just Companies”, Just Capital and CNBC, 2024
Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
Bloomberg's Gender Equality Index (GEI), 2023
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
This is a Talent Pipeline requisition.
Cloud Security Engineer Company Hidden Pittsburgh, PA Contract-to-Hire DevOps 2 Openings Posted today $2,000 reward per hire
Security Architect Job In Pittsburgh, PA
**Cloud Security Engineer** Company Hidden Other Pittsburgh, PA Base pay $12,345 - $678,910 or to view salary and company information DevOps Contract 2 Openings $2,000 reward per hire **About this Role** Agility Partners is seeking a qualified Cloud Security Engineer to fill an open position with one of our banking clients. This is an exciting opportunity to join a security engineering team dedicated to mitigating risks, fraud, and security operations within the technology industry.
Key Responsibilities:
* Deploy Amazon Cloud tools and integrate them into Splunk Cloud
* Deploy Splunk Cloud
* Design and develop components of application and technical architecture
* Execute tests for application or technical architecture components
* Assist in selecting appropriate platforms and integrating and configuring solutions
* Develop software components and hardware for new and emerging technology projects
* Provide consultation on common issues and best practices for junior staff
* Ensure quality of project deliverables and maintain compliance with relevant standards and processes
**Benefits and Perks**
This is a great opportunity to work for a coast-to-coast financial services firm, with tremendous opportunity to grow, develop and move internally to pursue your passions. An organization that develops tools and technologies that incorporate some of the most modern and cutting-edge approaches, working collaboratively and continuously developing as experts in their respective fields.
* Amazing opportunity for growth, healthy work/life balance and a community focused environment
* Working for an organization that focuses on company culture, inclusion and diversity
* 50% medical coverage for you and your entire family, short/long term disability and life insurance options
* 401(k)
* Life Insurance
* Disability coverage
**The Ideal Candidate**
Qualifications:
* Technical Skills: AWS (Kinesis Firehose) Onboarding Mechanism, Cloud Architecture, Splunk Cloud
* Flex Skills: AWS Security, Security Hub, Security Lake, Cloud Trail, Ansible
* Soft Skills: Good documentation skills (Confluence), work tracking (JIRA), good communication
* Education: Bachelor's degree in computer science, software engineering, or relevant field preferred; AWS Certifications preferred
* Experience: 5-7 years of experience in a similar role; experience with security tools onboarding into AWS, integration with Kinesis Firehose, and engineering with Splunk Cloud
Share this job. Make $2,000.
When a friend applies to this position and gets hired, you'll get credited with a referral reward!*
*Reward paid upon hire of your candidate according to our Recruiting Agreement Policy (see right).
Embedded Security Engineer
Security Architect Job In Pittsburgh, PA
At Skild AI, we are building the world's first general purpose robotic intelligence that is robust and adapts to unseen scenarios without failing. We believe massive scale through data-driven machine learning is the key to unlocking these capabilities for the widespread deployment of robots within society. Our team consists of individuals with varying levels of experience and backgrounds, from new graduates to domain experts. Relevant industry experience is important, but ultimately less so than your demonstrated abilities and attitude. We are looking for passionate individuals who are eager to explore uncharted waters and contribute to our innovative projects.
****Position Overview****
We are seeking a proficient Embedded Security Engineer to join our team and contribute to the protection of our models deployed on robotic hardware. You will be responsible for conducting comprehensive threat modeling and security assessments, as well as supporting our engineering teams in adhering to established security standards and requirements. This role involves both software engineering techniques and deep learning methods to encode/encrypt trained models. A blend of technical acumen and collaborative skills is essential, as you will develop solutions to identified risks, write test cases for security controls, and actively participate in offensive security assessments.
****Responsibilities****
* Conduct detailed threat modeling and security assessments of critical assets.
* Regularly update threat models to reflect evolving threats and changes in the business environment.
* Identify and explore vulnerabilities in critical software components used across our environment.
* Create and implement technical solutions to mitigate identified risks, and maintain test cases to ensure the effectiveness and resilience of the solutions.
* Collaborate with engineering teams to ensure compliance with defined security standards and requirements.
* Provide support in the implementation of security measures.
* Lead penetration tests and red team exercises.
****Preferred Qualifications****
* BS, MS or higher degree in Computer Science, Robotics, Engineering or a related field, or equivalent practical experience.
* Proficiency developing higher-level languages (e.g., PHP, Python, C++, or Java).
* Experience with deep learning software, frameworks, and APIs (e.g., PyTorch, etc.).
* Experience with enterprise security.
* Proven experience in threat modeling, security assessments, and penetration testing.
* Strong understanding of cybersecurity principles, frameworks, and standards.
* Understanding and experience with securing transfer and storage of deep neural network models.
Mainframe Security Engineer
Security Architect Job In Pittsburgh, PA
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world's financial system we touch nearly 20% of the world's investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We're seeking a future team member for the role of Mainframe DB2 Systems Engineer to join our Technology Services Group (TSG) - Mainframe team. This role is preferred to be located in Lake Mary, FL or Pittsburgh, PA - HYBRID.
In this role, you'll make an impact in the following ways:
Support mainframe security environment (Focusing on RACF but also ACF2 and TopSecret)
Improving security setup for existing products and engineering security solutions/setup for new products.
Support of third party vendor software utilities and packages as well as in-house developed solutions that are used to manage the security environments.
Capability to evaluate existing security provisioning/setup, identify possible gaps, recommend solutions and effectively communicate with technical, operational and business teams.
Identify security and system vulnerabilities and work with groups to resolve them.
Interact with auditors and provide information required to complete auditing tasks.
To be successful in this role, we're seeking the following:
College/Technical Degree with 8-10 years' technical experience with increasing responsibilities and knowledge and expertise. Knowing mainframe Db2 operational and processing perspectives with distributed WEB access, SQL performance and tuning, and Db2 operational problem determination skills.
At BNY, our culture speaks for itself. Here's a few of our awards:
America's Most Innovative Companies, Fortune, 2024
World's Most Admired Companies, Fortune 2024
Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
Best Places to Work for Disability Inclusion, Disability: IN - 100% score, 2023-2024
“Most Just Companies”, Just Capital and CNBC, 2024
Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
Bloomberg's Gender Equality Index (GEI), 2023
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
Application Security Engineer, Product
Security Architect Job In Ohio, PA
**Compensation** * $94.5K - $175.5K • Offers Equity • Offers Bonus To provide greater transparency to candidates, we share **base salary ranges** for all United States-based job listings. We set standard base salary ranges for all roles based on function, level, and location, benchmarked against software companies.Individual pay decisions are based on a number of factors, including qualifications for the role, relevant work experience, skillset, internal equity, and other factors, consistent with applicable law.
The SecEng team at Chainalysis is focused on maintaining the security and integrity of our solutions. As Security Engineering, we collaborate with various teams across the company to integrate secure practices into our development processes, build and manage security tools and dashboards, and oversee the security operations and deployment across our products and infrastructure.
The Application Security Engineer at Chainalysis is dedicated to maintaining and enhancing the security of our products.. This role involves collaborating with developers to embed security into every stage of the product lifecycle, building custom security tools, automating assessments, and ensuring a robust security posture within our CI/CD pipelines. The Application Security Engineer also leads proactive efforts in vulnerability management, penetration testing, and security reviews to safeguard our products and continuously enhance our security practices
**In this role, you'll:**
* Conduct penetration testing and security assessments to identify vulnerabilities and ensure robust security measures.
* Develop and maintain custom security tools and scripts to automate and enhance security processes.
* Collaborate with development teams to integrate secure coding practices and solutions into both front-end and back-end systems.
* Review and improve security within CI/CD pipelines, integrating tools like SonarCloud and Wiz for continuous security assurance.
* Perform security audits and code reviews, offering guidance through pull requests and collaborative sessions.
* Analyze and address security issues by providing expert advice and actionable solutions to maintain the integrity of applications.
**We're looking for candidates who have:**
* Experience working within a Security Engineering team.
* Hands-on experience in penetration testing and security assessments, with a strong ability to identify and mitigate vulnerabilities.
* Excellent communication skills, both verbal and written, for effective collaboration with cross-functional teams.
* Proficiency with security tools like Burp Suite, Sonarcloud, Jfrog, and Wiz.
* Ability to create custom scripts using Python to enhance automation.
* Proficient coding skills with a focus on security, particularly in Java, Python or Go.
* In depth knowledge of cloud security practices, specifically on platforms such as AWS or GCP.
* Experience integrating security tools into CI/CD pipelines, and a demonstrated ability to automate security testing within development workflows.
**Nice to have experience:**
* Familiarity with blockchain or cryptocurrency security challenges and solutions.
* Experience with Infrastructure as Code (IaC), particularly reviewing and securing Terraform code.
* Certifications such as CISSP, OSCP, or similar credentials, demonstrating a formalized knowledge of security principles and practices.
**Technologies we use and teach:**
* Coding Languages: Java, Python, and Javascript
* IaC: Terraform
* Cloud: AWS, GCP, Cloudflare
* CI/CD Pipeline: GitHub, GitHub Actions, Jenkins
* APIs: REST APIs
**About Chainalysis**
Blockchain technology is powering a growing wave of innovation. Businesses and governments around the world are using blockchains to make banking more efficient, connect with their customers, and investigate criminal cases. As adoption of blockchain technology grows, more and more organizations seek access to all this ecosystem has to offer. That's where Chainalysis comes in. We provide complete knowledge of what's happening on blockchains through our data, services, and solutions. With Chainalysis, organizations can navigate blockchains safely and with confidence.
**You belong here.**
At Chainalysis, we believe that diversity of experience and thought makes us stronger. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us. Some of the ways we're ensuring we keep learning are an internal Diversity Committee, Days of Reflection throughout the year including International Women's Day, Harvey Milk Day, World Humanitarian Day, and UN International Migrants Day, and a commitment to continue revisiting and reevaluating our diversity culture.
We encourage applicants across any race, ethnicity, gender/gender expression, age, spirituality, ability, experience and more. If you need any accommodations to make our interview process more accessible to you due to a disability, don't hesitate to let us know. You can learn more . We can't wait to meet you.
Compensation Range: $94.5K - $175.5K