Snowflake Architect
Security Architect Job In Pittsburgh, PA
Title : Snowflake Architect
Long Term
We are seeking an experienced Snowflake Tech Lead/Architect to join our team. The ideal candidate will have a solid background in data architecture, cloud data warehousing, and analytics. As a Snowflake Tech Lead, you will be responsible for leading the design, development, and implementation of data solutions using Snowflake. You will collaborate closely with cross-functional teams to ensure data solutions are accurate, accessible, and secure.
Key Responsibilities:
Lead the design and implementation of Snowflake solutions to meet business requirements.
Collaborate with business stakeholders, data engineers, and analysts to gather requirements, ensuring data quality and integrity.
Lead the development and maintenance of data models and pipelines using Snowflake.
Manage diverse data sets (XML, JSON, CSV) from disparate sources.
Optimize Snowflake performance, including query tuning and storage optimization.
Manage and mentor a team of data professionals in Snowflake best practices.
Develop and maintain ETL processes to integrate data from various sources.
Monitor and troubleshoot data issues and implement solutions.
Research and develop POCs to demonstrate business capabilities using Snowflake.
Working with global team (onsite & offshore model) and guiding both shores to successfully drive the project/program.
Stay updated with industry trends and advancements in Snowflake and related technologies.
Qualifications:
12+ years of experience in data engineering, data warehousing, or related roles.
Strong expertise in Snowflake architecture, SQL, and data modeling.
Experience with ETL tools (Informatica) and data integration methodologies.
Solid understanding of data warehousing concepts, metadata management, data lakes, and multi-dimensional models.
Familiarity with AWS cloud platforms and data pipeline orchestration tools (e.g., Apache Airflow).
Excellent problem-solving skills and attention to detail.
Strong communication and leadership skills, with the ability to work collaboratively across teams.
Preferred Qualifications:
Snowflake (SnowPro Core or higher) & AWS Cloud certification (CCP or higher)
Experience with data visualization tools (e.g., Qlik, SAS) is an advantage.
Knowledge of programming languages such as Python, Java, or Scala.
Having experience in insurance domain is an advantage.
Experience in Agile/Scrum methodologies.
Security Hardware Architect
Security Architect Job In Oklahoma, PA
As the pioneers who introduced RISC-V to the world, SiFive is transforming the future of compute by bringing the limitless potential of RISC-V to the highest performance and most data-intensive applications in the world. SiFive's unrivaled compute platforms are continuing to enable leading technology companies around the world to innovate, optimize and deliver the most advanced solutions of tomorrow across every market segment of chip design, including artificial intelligence, machine learning, automotive, data center, mobile, and consumer. With SiFive, the future of RISC-V has no limits.
At SiFive, we are always excited to connect with talented individuals, who are just as passionate about driving innovation and changing the world as we are.
Our constant innovation and ongoing success is down to our amazing teams of incredibly talented people, who collaborate and support each other to come up with truly groundbreaking ideas and solutions. Solutions that will have a huge impact on people's lives; making the world a better place, one processor at a time.
Are you ready?
To learn more about SiFive's phenomenal success and to see why we have won the GSA's prestigious Most Respected Private Company Award (for the fourth time!), check out our website and Glassdoor pages.
:
Job Description:
The security architect role will be especially vital to SiFive's effort to create silicon at the speed of software across our entire IP portfolio, including Essential, Intelligence, Performance, and Automotive IPs. The security architect will help plan the roadmap for SiFive security features and will work with various teams Product, Core, SoC platform, and software architects to develop groundbreaking new security features. The security architect will engage with customers and partners to help determine the future of platform security on RISC-V and will engage with the RISC-V International Association to help drive the state of the art of computer security forward.
What you will do:
Define Security features
* The security architect will be responsible for defining the platform security requirements and defining the architecture of the needed security features.
* The security architect will be responsible for writing detailed specifications in accordance with the various functional leads (architects, SW, design and verification leads).
* The security architect will be heavily involved in the micro-architecture to define and review the implementation of the required features.
* The security architect will examine the core microarchitecture to assess the security and define countermeasures when vulnerabilities are identified.
* The security architect will have the opportunity to work with a team of micro-architects, SoC architects, and performance architects in developing the microarchitecture of the security features.
Interface with customers
* The security architect will have a chance to interact directly with customers to understand their needs, use cases and to help resolve their concerns/issues.
Interface with RVIA
* The security architect will participate in various TG/HC related to security.
What You Should Know:
* Familiar with advanced CPU architectures and pipelines
* Has experience in SoC design flow, including spec definition, microarchitecture design, and performance modeling.
* Familiar with the common security threat models
* Familiar with the micro-architectural side-channel attacks and how they can be mitigated
* Familiarity with secure enclave solutions for high-end CPUs
* Familiarity with automotive security considerations and solutions
* Familiarity with mobile device security considerations and solutions
* Familiarity with ROP and JOP exploitation techniques
* Familiarity with security certification processes and methodologies, such as Common Criteria, PSA, SESIP, FIPS 140-3
* Familiarity with common cryptographic algorithms and systems
* Basic understanding of public key cryptography
Additional Information:
This position requires a successful background and reference checks and satisfactory proof of your right to work in:
United States of America
Any offer of employment for this position is also contingent on the Company verifying that you are a authorized for access to export-controlled technology under applicable export control laws or, if you are not already authorized, our ability to successfully obtain any necessary export license(s) or other approvals.
SiFive is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Enterprise Security Architect
Security Architect Job In Pittsburgh, PA
Enterprise Security Architect Duration: Full Time Interview mode: Inperson Brand new role
Serve as a member of the enterprise architecture team, providing technical security insight that aligns with business objectives and security requirements. Establish and evangelize the security architecture (principles, policies, standards and patterns) to development groups, business groups and other stakeholders; Govern adherence to the architecture golden rules. Analyze gaps between current and target security architecture and develops plans to close the gaps.
Responsibilities:
Works with IT departments, information security architects, technical architects, data custodians, and governance groups to develop and update Client security policies, standards, procedures, and solutions for secure application architecture. Ensures that security practices are aligned with Client's overall business strategies.
Advises and drives the security maturity of the development lifecycle including secure coding and system security for operations. Recommends and implements changes in security procedures and practices using best-in-class information to ensure that Client is maintaining best-in-class security practices.
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs. Conducts Penetration Test, Vulnerability, and Risk assessments to improve the security architecture and security product toolset.
Prepares system security reports by collecting, analyzing, and summarizing data and trends. Executes validation by external vendors.
Verifies security systems and network configurations by developing and implementing test scripts while monitoring adherence to standards in architecture, application design, development, and testing frameworks.
Qualifications
Qualifications:
Bachelor degree with Master preferred. Security certification required.
7 to 10 years of experience operating in a cloud environment (e.g. Azure, AWS, Rackspace) along with at least 5 years working in a dedicated information security role with a focus on Security Architecture for at least 3 years.
7 to 10 years of experience with PaaS, IaaS, SaaS, and/or mobile architecture
Solid experience with security hacking tools and techniques.
Solid understanding in application architectures and technology including web applications, mobile technology, identity and access management, security event and incident management as well as web security controls (e.g. Web Application Firewall, Database Activity Monitor, Distributed Denial of Service controls, etc.)
Extensive working knowledge of web application security best practices to include, but not limited to, Cloud Security Alliance controls matrix, OWASP Top 10.
Experience with compliance standards such as HIPAA, CMS, SOX, GLBA; as well as security frameworks such as SANS 20 CSC, CoBIT, or NIST.
Previous involvement with developing and/or maintaining an Enterprise Security Architecture. Familiarity with TOGAF is a plus
Strong understanding and experience of software development methodologies and life cycles
Excellent written and verbal communications skills required, with the ability to explain advanced concepts to audiences of varying levels
Can be counted on to exceed goals successfully, very bottom-line orientated while steadfastly pushes self and others for results.
Has working knowledge of web application security best practices to include, but not limited to, Cloud Security Alliance controls matrix, OWASP Top 10.
Demonstrated ability to make sound decisions using a mixture of analysis, wisdom, experience, and judgement coupled with a strong ability to learn on the fly (quickly learns new tasks, open to change).
Certifications, licenses or registrations: Security+, CISSP, CISA, CEH
Proven ability to organize/manage multiple priorities coupled with the flexibility to quickly adapt to ever-changing business needs.
Additional Information
All your information will be kept confidential according to EEO guidelines.
SAP Platform Security Consultant
Security Architect Job In Pittsburgh, PA
We are a global collective of innovators applying the "New" every day to improve the way the world works and lives. Help us show the world what's possible as you partner with clients to unlock hidden value and deliver innovative solutions. Empowered with innovative tools, continuous learning, and a global community of diverse talent and perspectives, we drive success in a new business architecture that disrupts conventional practices. Our expertise spans 40+ industries across 120+ countries and impacts millions of lives every day. We turn ideas into reality.
We Are:
Platform Security professionals develop and deliver solutions - including the design and implementation of SAP application Security Roles, implementation of SAP Access and Process Control, Segregation of Duties Analysis Rules, Security Role Provisioning solutions, Security Analytics, Automated External Application Scanning, and Automated Source Code Analysis - that minimize the impact of internal and external manipulation of applications to access, steal, modify, or delete sensitive data.
You Are:
A Security and Risk professional developing and delivering solutions that protect SAP systems and data by establishing policies, practices, and tools that prevent unauthorized access, use, disclosure, modification, or disruption. SAP Platform Security professionals develop and deliver solutions - including design and implementation of SAP Security Roles, Segregation of Duties Analysis Rules, Security Role Provisioning solutions, Security Workflow, Business Process Controls, Security Analytics, Enterprise GRC Solutions, Automated External Application Scanning, and Automated Source Code Analysis. A professional at this position level within Accenture has the following responsibilities:
+ Adapts existing methods and procedures to create possible alternative solutions to moderately complex problems.
+ Understands the strategic direction set by senior management as it relates to team goals.
+ Uses considerable judgment to determine solutions and seeks guidance on complex problems. Primary upward interaction is with the direct supervisor. May interact with peers and/or management levels at a client and/or within Accenture.
+ Determines methods and procedures on new assignments with guidance. Decisions often impact the team in which they reside.
+ Manages small teams and/or work efforts (if in an individual contributor role) at a client or within Accenture.
The Work (Role Responsibility):
+ Contribute to a strong client relationship through interactions with client personnel-
+ Understand engagements as they relate to client's business
+ Configure security and associated solutions in SAP S/4 to meet unique client security requirements
+ Demonstrate knowledge in some areas of industry or functional specialty
+ Communicate client expectations to the engagement team
+ Conduct security assessments
+ Assume responsibility for small components of engagements. May have a greater role in small engagements
+ Contribute to engagement planning and verify that deliverables meet contract and work plan objectives.
+ Deliver services that meet Accenture Project Manager specifications
+ Recognize and communicate opportunities to sell "add-on" work to client
+ Strong understanding of information security management principles, SAP application security implementation methodologies, role-based access controls, distributed systems administration, and distributed system recovery.
+ Demonstrate experience 1) independently completing complex security-related tasks (ex. An upgrade to S/4HANA); 2) making major contributions in assuring deliverables meet contract and work plan objectives and; 3) taking on tasks of increased complexity
+ Ability to take a broad view of the position and take initiative to communicate, interact, and cooperate with others to ensure that all aspects of a task are addressed
+ Ability to independently create written deliverables and participate in presentations
+ On-site, regular client travel will be required for this position
Here's What You Need (Basic Qualifications):
- Minimum 3 years of experience in SAP S/4 HANA, with a focus on implementation
- Minimum 3 years of experience creating technical documentation
- Minimum 3 years of experience with SAP Fiori and HANA DB security experience
- Bachelor's degree or equivalent (minimum 12 years) work experience. (If Associate's Degree, must have minimum 6 years work experience)
- Travel may be required for this role. The amount of travel will vary from 0 to 100% depending on business need and client requirements.
Bonus Points If You Have (Preferred Skills):
- Prior experience working in a consultant/advisory capacity. Big Four experience preferred
- Knowledge of internal controls, with relation to SAP Security and SAP Access/Process Controls - Proven ability to work creatively and analytically in a problem-solving environment
- Proven success in contributing to a team-oriented environment
+ Desire to work in an environment fostering teamwork and camaraderie
+ Excellent leadership, communication (written and oral), and interpersonal skills
Compensation at Accenture varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Accenture provides a reasonable range of compensation for roles that may be hired in California, Colorado, District of Columbia, Illinois, Maryland, Minnesota, New York or Washington as set forth below.We accept applications on an on-going basis and there is no fixed deadline to apply.
Information on benefits is here. (************************************************************
Role Location Annual Salary Range
California $63,800 to $196,000
Colorado $63,800 to $169,300
District of Columbia $68,000 to $180,300
Illinois $59,100 to $169,300
Minnesota $63,800 to $169,300
Maryland $59,100 to $156,800
New York $59,100 to $196,000
Washington $68,000 to $180,300
#LI-NA
What We Believe
We have an unwavering commitment to diversity with the aim that every one of our people has a full sense of belonging within our organization. As a business imperative, every person at Accenture has the responsibility to create and sustain an inclusive environment.
Inclusion and diversity are fundamental to our culture and core values. Our rich diversity makes us more innovative and more creative, which helps us better serve our clients and our communities. Read more here (***********************************************************************
Equal Employment Opportunity Statement
Accenture is an Equal Opportunity Employer. We believe that no one should be discriminated against because of their differences, such as age, disability, ethnicity, gender, gender identity and expression, religion or sexual orientation.
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Accenture is committed to providing veteran employment opportunities to our service men and women.
For details, view a copy of the Accenture Equal Employment Opportunity and Affirmative Action Policy Statement (********************************************************************************************************************************************** .
Requesting An Accommodation
Accenture is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Accenture and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you would like to be considered for employment opportunities with Accenture and have accommodation needs for a disability or religious observance, please call us toll free at ****************, send us an email (************************************************* or speak with your recruiter.
Other Employment Statements
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
The Company will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Additionally, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company's legal duty to furnish information.
Information Systems Security Manager (ISSM)
Security Architect Job In Pittsburgh, PA
Top Secret Clearance Jobs is dedicated to helping those with the most exclusive security clearance find their next career opportunity and get interviews within 48 hours. Job Type Regular Information Systems Security Manager (ISSM) The Information Systems Security Manager (ISSM) functionally manages the process to protect RAND's classified information. The ISSM's primary function is implementation of all classified security policy, procedures and government security requirements as required by the United States Government. The ISSM outlines classified security policies and procedures and assures staff compliance with all applicable government regulations. The ISSM serves as the subject matter expert for classified systems security questions and problem solving within the classified security team. The ISSM reports directly to the Manager, Security Operations.
Duties
Performs the Information Systems Security Manager (ISSM) responsibilities and role for RAND's classified network, TS/SCI, and SAP/SAR activities; performs oversight administration of classified systems activities.
Supports the FSO as related to classified processing for maintaining secure facility accreditations and joint and co-use agreements with applicable government agencies.
Writes, coordinates, and conducts classified systems security education briefings (SAP, SCI and CLAN) and the User Acknowledgment statement as required.
Supports the Corporate Information System Security Manager, in maintaining detailed records of Security & Classified Operations department functions and activities for monthly reports to RAND management regarding classified systems; conducts classified security investigations as required by the Corporate Information Systems Security Manager.
Performs computer systems security activities, implementing security controls for RAND systems processing classified information including initial approval, re-approval, decertification and audits.
Coordinates with the Defense Intelligence Agency and other elements of the U.S. intelligence community on inspections, reviews, investigations, and other reportable issues; coordinates with the Defense Counterintelligence and Security Service (DCSA) and Department of Defense sponsors on inspections, reviews, investigations, and other reportable issues.
Responsible for the classified computing protection program at the collateral, TS/SCI, and SAP/SAR levels, as well as the classified computing hardware/software and voice/data communication audits.
Other duties and special projects as assigned.
Education
Experience
High school diploma or GED required. BS/BA degree preferred.
At least 6 years relevant experience required. At least 9 years relevant experience preferred.
Basic Qualifications
In-depth working knowledge of Industrial Security and the regulations associated with classified programs, NISPOM, DAAPM, ICD's, JSIG and NIST 800 Series documents and applicable government security regulation experience in classified security government programs. Must be familiar with Systems accreditation processes with multiple government agencies.
Established relationships and a positive reputation with industrial and government security counterparts.
An understanding of principles and methods used in developing, establishing, and maintaining a local, state and federal government compliant program in classified security.
Thorough knowledge of information security systems and the classified network.
Ability to obtain and maintain a DoD 8570.01-M (Information Assurance Workforce) IAM level 2 certification (e.g. GSLC, CISM, or CISSP) within the first 6 months of employment.
Excellent written and verbal communication skills.
Proficient in MS Office Applications.
Must be able to pass a background check.
Location
Pittsburgh
Security Clearance
Must meet eligibility requirements for access to U.S. government classified information
Positions Open
One
Salary Range: $117,700 - $179,700
RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate's work experience, education/training, skills, expertise; and internal equity. The salary range includes base pay plus RAND's sabbatic pay (which provides additional compensation above base pay when vacation is taken). In addition, RAND provides strong benefits including health insurance coverage, life and disability insurance, savings plan, paid time-off and more.
Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet
Sr. Information Security Manager
Security Architect Job In Murrysville, PA
Job TitleSr. Information Security ManagerJob Description
Sr. Information Security Manager - Murrysville, PA
The Integrated Supply Chain (ISC) Information Security Manager will be responsible for developing, implementing and monitoring a strategic and comprehensive IT security plans across multiple geographies and driving security in manufacturing sites, Distribution Centers, and warehouses across the US.
Your role:
Develop and implement robust OT (Operational Technology), Cloud, Network, IoT (Internet of Things) security strategies on ISC (Integrated Supply Chain) manufacturing process aligned with industry standards, such as establishing security architecture compliance with regulations (e.g., HIPAA, FDA) and deploy technologies like firewalls and OT IDS (Operational Tech. Intrusion Detection System) solutions for system segmentation and protection.
Leverage experience with OT technologies (e.g., Nozomi Guardian, Armis, Claroty) and perform vulnerability assessments by applying frameworks like MITRE ATT&CK and STRIDE for threat modeling and attack simulations, driving solutions to address security threats.
Identify, assess, and mitigate: Operational Tachnology (OT) Cloud, Network, IoT (Internet of Things) risk and/or threats on Integraged Supply Chain (ISC) manufacturing security through cross-functional collaboration, develop incident response plans, lead investigations, and implement corrective actions to address root causes of security breaches.
Secure supply chain systems by collaborating with vendors, conducting assessments, and enforcing compliance with security standards.
Build a culture of security through targeted training programs and stakeholder education.
You're the right fit if:
You have +10 years experience on developing and implementing cybersecurity strategies on manufacturing/ supply chain/ logistics environment.
Bachelor's in Computer Science, Information Technology and/or an equivalent academic field. Master's degree in a similar academic field is preferred.
You have a Cybers Security Certification such as CISSP, CISM, CISA, CIPP etc. preferred. Knowledge on MITRE Framework, IEC 62443/NIST 800:23 is preferred.
Your skills a thorough understanding of Security Management and Governance principles, along being able to deliver cross-cultural etiquette, customer-centric and collaborative mindset.
You must be able to successfully perform the following minimum Physical, Cognitive and Environmental job requirements with or without accommodation for this position.
How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company's facilities. Field roles are most effectively done outside of the company's main facilities, generally at the customers' or suppliers' locations.
This is an in office role.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help improve the lives of others.
Learn more about our business.
Discover our rich and exciting history.
Learn more about our purpose.
Learn more about our commitment to diversity and inclusion.
Philips Transparency Details
The pay range for this position in Murrysville, PA is from $ 107,000. 00 to $154,000.00
The actual base pay offered may vary within the posted ranges depending on multiple factors including job-related knowledge/skills, experience, business needs, geographical location, and internal equity.
In addition, other compensation, such as an annual incentive bonus, sales commission or long-term incentives may be offered. Employees are eligible to participate in our comprehensive Philips Total Rewards benefits program, which includes a generous PTO, 401k (up to 7% match), HSA (with company contribution), stock purchase plan, education reimbursement and much more. Details about our benefits can be found here.
At Philips, it is not typical for an individual to be hired at or near the top end of the range for their role and compensation decisions are dependent upon the facts and circumstances of each case.
Additional Information
US work authorization is a precondition of employment. The company will not consider candidates who require sponsorship for a work-authorized visa, now or in the future.
Company relocation benefits
will not
be provided for this position. For this position, you must reside in
or
within commuting distance to Murrysville, PA.
#LI-PH1
#LI-OFFICE
This requisition is expected to stay active for 45 days but may close earlier if a successful candidate is selected or business necessity dictates. Interested candidates are encouraged to apply as soon as possible to ensure consideration.
Philips is an Equal Employment and Opportunity Employer/Disabled/Veteran and maintains a drug-free workplace.
Cyber Security Analyst (2728)
Security Architect Job In West Mifflin, PA
Navarro Research and Engineering is recruiting for a Cyber Security Analyst in West Mifflin, Pennsylvania. Navarro is a premier contractor providing high-quality technical services to DOE, NASA, and DOD. Navarro's success is based on our customer service focus and our well-known responsiveness and innovation. In all we do, either in corporate management or in our services to our clients, we seek for the most effective and efficient approaches to provide best value to our clients.
The Naval Nuclear Laboratory develops advanced naval nuclear propulsion technology for the safety and reliability of our Navy's submarine and aircraft fleet. Our company is looking for a Cybersecurity subcontractor professional to join our team. The subcontractor will be responsible for execution of all aspects of the National Institute of Standards and Technology (NIST) directives to support the Risk Management Framework (RMF). This includes assisting information system owners with development of System Security Plans (SSPs) and Security Assessment Reports (SARs) using the existing RSA Archer application on the Naval Nuclear Propulsion Network (NNPP Net) to support information system authorization. Additionally, the subcontractor will assist in the development of Plans of Action and Milestone (POA&Ms) and Risk Based Decisions (RBDs) for deficiencies found during the information system authorization process.
Requirements
+ An active DOE Q or DoD Top Secret clearance.
+ At least four years of combined experience in the following roles; security control validator, security control assessor, Information System Security Officer (ISSO), or Information System Security Manager (ISSM)
+ At least two years of experience supporting development of information system security authorization packages in accordance with Risk Management Framework (NIST 800-37, 800-53, 800-53a)
+ At least two years of experience working with Federal Risk and Authorization Management Program (FedRAMP)
+ Security+ Certification
+ Experience with the RSA Archer application\
+ At least two years of experience working on IT security project teams.
+ At least one year of experience managing IT projects.
+ Knowledge of IT infrastructure and services (Data Centers, physical and virtual servers, local and wide area networking components, cloud Infrastructure/Platform/Software as a Service, etc.)
+ Knowledge of security policies such as NIST Special Publications, Security Technical Implementation Guides (STIGs), DOD Cloud Computing Security Resource Guide (SRG)
+ Knowledge of infrastructure security, endpoint protection, vulnerability management tools
+ Previous work authorizing information systems within a classified DoE or DoD environment.
+ Familiarity with NIST 800-171
+ Certified Information Systems Security Professional (CISSP) certification- Certificate of Cloud Security Knowledge (CCSK) certification
Benefits
+ Health Care Plan (Medical, Dental & Vision)
+ Retirement Plan (401k, IRA)
+ Life Insurance (Basic, Voluntary & AD&D)
+ Paid Time Off (Vacation, Sick & Public Holidays)
+ Short Term & Long-Term Disability
Annual Salary Range (based on full-time 40 hours per week)
Salary Range: $85,000 - $160,000 depending on education and years of experience.
In accordance with the Navarro Research and Engineering, Inc (Navarro) salary determination process, Navarro takes into consideration the level of assigned job duties and responsibilities and the candidate's education, training, and/or experience relative to internal peers and the external labor market. A candidate's salary history will not be used in compensation decisions.
Security Engineer - Test/Deploy Cloud Controls
Security Architect Job In Pittsburgh, PA
Position OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company's success. As a Software Engineer within PNC's Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL or Dallas, TX. The position is primarily based in a PNC location. Responsibilities require time in the office or in the field on a regular basis. Some responsibilities may be performed remotely, at the manager's discretion.
**PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position**
As a Senior Security Engineer, you will be embedded in the Cloud Security Team and will build and deploy innovative security controls that protect public cloud workloads that are in alignment with regulatory standards. You will work on a highly innovative/collaborative team that works diligently to automate and bake security into public cloud workloads. You will utilize Cloud Service Provider's native Cloud Native Application Protection Platform (CNAPP) tools as well as Palo Alto Prisma Cloud to posture assess PNC's public cloud workloads. Familiarity and willingness to develop expertise in utilizing Prisma Cloud as the source of truth for public cloud resource compliance is a must for this position.
Having a strong ability to collaborate and problem solve within the Cloud Security team and with our partners and stakeholders is critical. You will work closely with Prisma Cloud and PNC's Security as Code (SAC) pipeline to test and deploy security controls that ensure PNC workloads are secure by default. You will interact and engage with PNC's Fusion Center, which is our SOC, to understand potential vulnerabilities and work to codify these controls.
In addition, you will engage with our Cloud Product team and Infrastructure as Code (IAC) teams as we shift our security controls to the left into the IAC pipeline and Integrated Developer Environments (IDE). Being able to effectively communicate verbally and in writing is critical to interacting and engaging our stakeholders and internal customers. You will be a vital part of the Cloud Security team's mission to secure PNC's cloud workloads.
Responsibilities
· Test security controls in lower environments for Azure resources and AWS services
· Validate security control effectiveness and promote to production workloads
· Work within agile team and proactively participate in planning sessions
· Engineer and Configure Palo Alto Prisma Cloud to effectively analyze and assess cloud workloads for compliance
· Write RQL queries to implement new policies to check for resource drift.
· Provide technical support to remediate alerts in Prisma Cloud
· Enable key stakeholders with access to Prisma Cloud to utilize licensed components to full effectiveness
· Continuous learning environment - Our team does not stand still, a growth mindset that is continuously seeking new and better ways to solve security challenges is a must.
· Assess, implement, automate, and document security solutions and processes for Microsoft Azure and AWS
· Provide analysis of workloads to ensure alignment with operational security requirements in order to go to production.
· Work closely with Cloud Security Product Owner to refine backlog tickets and define priority and sizing
· Automate and orchestrate the process of Cloud software deployment (CI/CD) to integrate enterprise security standards, policies, configurations, and architectures, for applications, platforms, and infrastructure
· Assist DevOps team members with the development and operationalization of security, and access Cloud requirements
· Ability to work on multiple projects in parallel, ensuring security best practices are utilized across all stages of application development as well as applications deployed to production
Preferred Skills:
· Thorough understanding of AWS and Azure public cloud products & services.
· Experience in applying security controls as code to public cloud workloads in Azure and AWS.
· Experience in automating security controls that respond to misconfigurations of expected cloud resource settings.
· Creating innovative solutions to meet PNC's technical security needs.
· Proficient in one or more scripting languages such as Python, Powershell, Bash, etc.
· Expertise with Git, including branching workflows.
· Experience with testing security controls in non-prod environments to ensure the effectiveness of the control.
· Strong written and verbal communications skills.
· Process and detail oriented.
· Demonstrate willingness to actively participate in planning sessions and take ownership of assigned tasks.
· Ability to “think outside the box” when considering options to address security controls at scale and across multiple cloud service providers.
· Familiarity and understanding of basic SQL or KQL queries.
Preferred Certifications:
· Azure Fundamentals - AZ-900
· Azure Security Engineer Associate - AZ-500
· AWS Cloud Security EngineerJob Description
Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.
Responsible for working with architecture to take high level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization.
Evaluates patches, updates, and ongoing maintenance. Determines impacts to existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions .
Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions.
Works with operational partners to enable transition and day-to-day supportability.
Provides engineering support to existing technology in a production environment and collaborating with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.
PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:
Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
Qualifications
Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.
Preferred SkillsAccess Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security TechnologiesCompetenciesAnalytical Thinking, Effective Communications, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Network and Internet Security, Problem Solving, Technical TroubleshootingWork ExperienceRoles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.EducationBachelorsCertificationsNo Required Certification(s) LicensesNo Required License(s) BenefitsPNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.
To learn more about these and other programs, including benefits for full time and part-time employees, visit Your PNC Total Rewards.
Disability Accommodations Statement
If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call ************ and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions.
Equal Employment Opportunity (EEO)
PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.
California Residents
Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.
Zscaler Security Engineer ( experience with Zscaler Private Access )
Security Architect Job In Pittsburgh, PA
For immediate consideration, please connect with me on LinkedIn at ************************************** and then email your resume, work authorization status, current location, availability, and compensation expectations directly to ***************************** - make sure to include the exact job title and job location in your email message.
*** Contract position for 18+ month; contract can be extended; contract to hire is possible.
*** The job is on-site with a HYBRID work schedule. Candidates must be local or willing to relocate within commuting distance of Pittsburgh PA, Cleveland OH, Birmingham AL, Dallas TX, Phoenix AZ
Zscaler Security Engineer :
- Implement and manage Zscaler Private Access (ZPA) solutions across the enterprise environment
- Configure and maintain secure web gateways and remote access systems
- Deployment of zero trust architecture and security frameworks
- Collaborate with CIO engineering team on enterprise-wide ZPA rollout initiatives
Required Qualifications (Skills, Experience, Education, Certifications) :
- Experience with Zscaler Private Access implementation and management
- Experience with secure web gateways and remote access technologies
- Ideally with certifications like : Zscaler Certified Administrator (ZCA) , Zscaler Certified Professional (ZCP), Zscaler Certified Cloud Security Professional (ZCCSP), Certified Zero Trust Security Professional (CZTSP), Zero Trust Certified Architect (ZTCA)
For immediate consideration, please connect with me on LinkedIn at ************************************** and then email your resume, work authorization status, current location, availability, and compensation expectations directly to ***************************** - make sure to include the exact job title and job location in your email message.
.
System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.
Assistant AI Security Researcher
Security Architect Job In Pittsburgh, PA
Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you'll collaborate to deliver high-quality results in the emerging area of AI security.
The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm - in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats. Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security.
The Threat Analysis Directorate, is a group of security experts focused on advancing the state of the art in AI security at a national and global scale. Our tasks include vulnerability discovery and assessments, evaluation of the effectiveness and robustness of AI systems, exploit discovery and reverse engineering, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers.
You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University.
What you'll do:
* Develop state of the art approaches for analyzing robustness of AI systems.
* Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities.
* Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems, and effectively participate in the broader security community.
* Study and influence the AI security and vulnerability disclosure ecosystems.
* Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community.
* Uncover and shape some of the fundamental assumptions underlying current best practice in AI security.
* Develop models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs.
* Identify opportunities to apply AI to improve existing cybersecurity research.
Who you are:
* You have BS in machine learning, cybersecurity, statistics, or related discipline.
* You have an interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization.
* You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation.
* You have experience with advising on a range of security topics based on research and expert opinion.
* You have familiarity with implementing and applying AI/ML techniques to solving practical problems.
* You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART).
* You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro)
* You have experience with Python, C/C++, or low-level programming.
* You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies.
* You have superb communication skills (oral and written), particularly regarding technical communications with non-experts.
* You enjoy mentoring and cross-training others and sharing knowledge within the broader community.
* Applicants with a solid technical background in AI/ML or cybersecurity, but not both, are encouraged to apply provided a strong desire to rapidly learn on the job.
Location
Pittsburgh, PA
Job Function
Software/Applications Development/Engineering
Position Type
Staff - Regular
Full time/Part time
Full time
Pay Basis
Salary
More Information:
* Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world.
* Click here to view a listing of employee benefits
* Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
* Statement of Assurance
Lead Security Engineer
Security Architect Job In Pittsburgh, PA
Day-to-Day Insight Global is seeking a Lead Security Engineer to join a higher education client in Pittsburgh. The ideal candidate will be responsible for overseeing and enhancing the security of the infrastructure. You will play a crucial role in managing security threats, evaluating systems, and ensuring effective communication between various teams and directors.
Other responsibilities include
Identify and fix security vulnerabilities within the infrastructure
Integrate and optimize systems to effectively detect and respond to phishing and spam threats
Develop and manage alerts for phishing emails and spam
Recommend and implement improvements to enhance overall security posture
Delegate tasks to appropriate team members and ensure timely resolution of security threats
Act as a liaison between the security team, directors, and other departments
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ******************** .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: *************************************************** .
Skills and Requirements
Bachelor Degree
5+ years of System or Network Engineering experience
3+ years of Security related experience
o DNS, Palto Alto firewalls, etc
Office 365 Experience null
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to ********************.
Electronic Security Engineer
Security Architect Job In Pittsburgh, PA
Embark on a trailblazing career in Security Technology with Allied Universal Technology Services, a global leader in security technology that's transforming the security industry. We integrate state-of-the-art technology with physical security to protect our clients and communities, harnessing tools like electronic access control, video surveillance, and alarm monitoring, alongside emergent innovations such as robotics, drones, and augmented technology. As a valued team member, you'll be part of a diverse and dynamic workforce that thrives on innovation and inclusivity. We offer a wide spectrum of job opportunities for both stability and growth across various roles, including service and installation technicians, engineers, and project managers. At Allied Universal , we don't just embrace change; we drive it, creating a culture where diversity fosters innovation and forges caring connections. Join us and help set new benchmarks in the security industry while advancing your career. Enjoy comprehensive benefits for most full-time positions, including medical, dental, and vision coverage, life insurance, retirement plans, employee assistance programs, and exclusive perks.
Job Description
Allied Universal Technology Services is looking to hire an Applications Engineer. The Applications Engineer is responsible for software-specific support of our installation team to include the integration / interface of multiple disparate software applications into fully functioning solutions. This position will be responsible for all levels of system head-end commissioning, upgrades, and advanced diagnostics to achieve the defined functionality of systems operation. The Applications Engineer should be capable of utilizing existing SDK's and/or API's to ensure the desired level of integration and should be capable to perform customized integration between software applications. The Applications Engineer's schedule will be coordinated by Operations and Project Managers to be effectively and efficiently utilized.
RESPONSIBILITIES:
Capable of advanced integration between disparate electronic security systems
LAN & Network configurations experience include wireless communications system.
Perform system diagnostic and troubleshooting duties to ensure a fully functioning system
Work with Project Managers, End Users and Technician team to provide assistance in regards to the software systems
Troubleshoot project issues and engage appropriate resources as needed.
Escalate significant issues to management team as needed.
Work with the Project Management team to coordinate project and work schedules to ensure project efficiencies
Work with Operations Manager to schedule and maintain appropriate licensing and software trainings for professional development
Take the lead in End User Software training
QUALIFICATIONS:
A high school diploma or equivalent required; a BA/BS Degree preferred
In-depth knowledge of industry-leading security system and equipment providers
Certification with major enterprise level security/access control systems preferred
Decision-making and problem-solving ability
Ability to read and understand advanced technical information and documentation
Proficient with MS Office Suite (Excel, Outlook, PowerPoint, Project, SharePoint and Word)
Excellent verbal and written communication skills
Ability to establish and maintain effective working relationships with both internal and external customers
Must be detail-oriented and organized
Strong analytical and problem-solving capabilities
Strong time management skills
Self-motivated with the ability to motivate and influence others
Must be able to manage multiple tasks while meeting strict deadlines
Possess excellent follow-up skills
Certifications in the following Software platforms are preferred
AMAG
Idemia (Biometrics)
BENEFITS:
Medical, dental, vision, basic life, AD&D, and disability insurance
Enrollment in our company's 401 (k) or Supplemental Income Plan, subject to eligibility requirements
Eight paid holidays annually, five sick days, and four personal days
Vacation time offered at an accrual rate of 3.08 hours biweekly. Unused vacation is only paid out where required by law.
Closing
Allied Universal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race/ethnicity, age, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, protected veteran status or relationship/association with a protected veteran, or any other basis or characteristic protected by law. For more information: ***********
If you have any questions regarding Equal Employment Opportunity, Affirmative Action, Diversity and Inclusion, have difficulty using the online system and require an alternate method to apply, or require an accommodation at any time during the recruitment and/or employment process, please contact our local Human Resources department. To find an office near you, please visit: ***********/offices.
Requisition ID 2025-1330811
Cyber Security Analyst with Top Secret Clearance
Security Architect Job In West Mifflin, PA
Opportunity
The Cyber Security Analyst will be responsible for the implementation, administration, and maintenance of automated cyber security tools on the enterprise C-Cure system including vulnerability management (scanning, patching), system firewall/intrusion detection, anti-virus, audit logs, peripheral port security, security hardening, and security compliance. The current cyber security tools being used are Nessus (scanning), IBM BigFix (patching), McAfee (system firewall/intrusion detection), McAfee (anti-virus), IBM QRadar (audit logs), lvanti (peripheral port security), Microsoft Group Policy Management (security hardening), Microsoft SCAP (security compliance), Microsoft Active Directory (account management), and Microsoft Windows System Backups.
Provide cyber security maintenance of the enterprise C-Cure system.
Deploy hardware and software patches to the respective C-Cure test/development servers.
Remediate all vulnerabilities that have been identified by the Nessus scans and update them in RSA Archer.
Deploy system firewall, intrusion detection, and anti-virus to the enterprise C-C re system.
Collect and monitor audit logs on the enterprise C-Cure
Lock down peripheral ports on the enterprise C-Cure
Apply security hardening to the enterprise C-Cure system in accordance with applicable DISA STIGs and vendor hardening guides.
Perform SCAP scans of the enterprise C-Cure system.
Manage and monitor Microsoft Active Directory accounts.
Setup and monitor Microsoft Windows systems backups.
Qualifications
Clearance Required: Top Secret or DOE Q clearance required prior to consideration.
Experience Required:
Have training or knowledge in the following vulnerability management products (or equivalent):
1) Nessus (scanning)
2) IBM BigFix (patching)
3) RSA Archer (remediation tracking tool).
Have training or knowledge in administration and use of Microsoft Windows Server 2016/2019, Microsoft Windows 10, and Microsoft SQL Server 2016/2017
Have training or knowledge in the following cyber security products (or equivalent):
1) McAfee (system firewall, intrusion detection, anti virus)
2) Elasticsearch (audit logs)
3) lvanti (peripheral ports)
4) Microsoft Group Policy Management (security hardening)
5) Microsoft SCAP (security compliance)
Microsoft Active Directory (account management)
and 6) Microsoft Windows system backups.
Have training or knowledge of the following areas (or Buyer approved equivalent):
Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS)
About IMG
Founded in 1987, IMG is a leading small business that exemplifies competence, integrity and follow-through. We consistently provide customer focused professional services, which ensures our company is recognized for continually exceeding expectations. We believe that at the core of our success stand our people. Our people have provided professional services in the Information Technology field for our customers with a commitment to customer satisfaction for over 35 years.
IMG Benefits:
Health, dental, vision, and life insurance
Short term and long term disability insurance
401(k) with generous company match
Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA)
Personal leave plus paid federal holidays
Professional development and training assistance
IMG is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Information Security Analyst
Security Architect Job In Canonsburg, PA
Job Type: Full-time
Work Authorization: U.S. Citizen or Green Card
The A.C. Coy Company is currently seeking candidates for an Information Security Analyst role. This individual will serve as a main contact for compliance and security initiatives within the company. Our ideal candidate will have 5+ years of experience working in information security and specific experience in GRC and cybersecurity. CISSP is strongly preferred. Occasional travel to other office locations is required, but very rarely overnight.
Our client is offering an excellent salary and benefits package and strong career growth opportunities.
Responsibilities
Lead and manage security initiatives, compliance enforcement, and incident response in accordance with corporate policies and standards
Maintain and improve our ISMP /Process Documents, create and update process documentation, controls, and SOPs
Maintain security policy and procedure documentation, such as ISMP, according to changes in the business and security framework.
Develop and design necessary systems to maintain and improve the organization's security posture
Conduct log reviews and investigations and monitor/report on security systems such as the SIEM, IPS, and VM
Manage third-party risk management and security awareness program
Provide guidance on development and technology security strategy for the IT team
Mentor and grow our high-performing security team
Works closely with Incident Response Team to gather requirements and support their needs
Help maintain Security Operations Center (SOC) to improve incident response time with Network Technician(s)
Support in achieving organizational Objectives and Key Results (OKRs)
Track, analyze, and report threats, risks, vulnerabilities, and incident data as part of our data-driven security operation
Track and improve corporate security Key Performance Indicators (KPIs)
Brief associates and executives at annual reviews, lunch & learns, and training events on security awareness
Develop and sustain long-standing relationships with 3rd party vendors
Assist with RFP and other client requests for security and compliance confirmation documentation
Assist our stakeholders with aligning standard operating procedures, controls, monitoring, and reporting
Qualifications
Required
Bachelor's degree in Computer Science, Information Systems, Information Security or a related field
5+ years experience in the working in information security and technology
Willingness to certify in Security+ and Network+ within first year of role placement is required
Preferred
CISSP certification
Some experience working in networking and server infrastructure
Experience in the commercial print industry preferred
Experience with C# development
Experience with SQL
Cyber Watch Desk Analyst
Security Architect Job In Pittsburgh, PA
Full-time Description
New World. New Problems. New Solutions
.
Edgeworth Security is a full-service security firm, specializing in Interactive Video Surveillance, Security System Integration, Executive Protection and Security Consulting Services. Our security solutions and suite of managed services leverage modern technology and automation to significantly lower theft and crime, as well as improve overall operations for our customers. Edgeworth Security takes a proactive stance on crime prevention and operational enhancement by applying artificial intelligence and military grade analytics used in our Command Center. We combine people, processes, and technology to actively secure, protect and improve the operations of our clients' people, property, and assets.
Position: Cyber Watch Desk Analyst
Location: Pittsburgh, Pennsylvania
Travel: None. This position is onsite, in-office.
Benefits:
Top-tier compensation
Full-time, non-exempt hourly with full benefits (medical, dental, vision, life insurance/AD&D/short-term and long-term disability, 401(k) matching)
Training & Education Assistance
Paid Time Off (PTO)
Overview: As a Cyber Watch Desk Analyst, you will be a crucial part of our cybersecurity operations, working to ensure the security and integrity of our digital infrastructure. You will monitor our systems, identify system faults, detect potential threats, and assist in incident response, playing a pivotal role in safeguarding our organization from cyberattacks.
Essential Job Function and Responsibilities:
Real-Time Monitoring:
Continuously monitor network traffic, security alerts, and event logs to detect suspicious or anomalous activities.
Utilize security information and event management (SIEM) tools to assess the security posture.
Threat Detection and Analysis:
Analyze security alerts and reports to identify potential security incidents and vulnerabilities.
Investigate, document, and categorize security events based on their severity and potential impact.
Incident Triage and Response:
Assist in the initial triage of security incidents by following predefined incident response procedures.
Collaborate with incident response teams to coordinate and execute response efforts.
Reporting and Documentation:
Prepare and maintain detailed incident reports, including a timeline of events, actions taken, and recommendations for improvements.
Maintain accurate records of incidents, investigations, and responses.
Threat Intelligence:
Stay informed about the latest cybersecurity threats, vulnerabilities, and attack methodologies.
Use threat intelligence to enhance threat detection and response capabilities.
Security Awareness and Communication:
Provide timely updates and information to relevant stakeholders, including management and incident response teams.
Foster a culture of security awareness by promoting best practices and sharing threat insights.
Continuous Improvement:
Identify opportunities to enhance the efficiency and effectiveness of monitoring and response processes.
Contribute to the development of playbooks and procedures for different types of incidents.
Compensation is targeted at $25 per hour based on experience and certifications.
What's in it for you? Why work for Edgeworth:
We are growing! We want all candidates and employees to know that we are excited about the positive improvements we're making and our ongoing efforts to enhance our culture and provide an environment that promotes both professional growth and work-life balance. Our expansion brings exciting opportunities for progress and innovation as we adapt to new challenges. By embracing change, implementing effective processes, and exploring new technologies, we're continually improving. Together, with a shared focus on our goals, we're building a successful, dynamic company where everyone can thrive.
We value our employees and are invested in personal and professional growth, learning new skills, challenging yourself, and growing your career while doing meaningful work.
We look forward to the possibility of you joining our team.
Employees are our greatest asset. Here at Edgeworth Security, we embrace diversity, equity, and inclusion, and always strive to be better than we were yesterday.
EOE/Minorities/Females/Vet/Disability/Sexual Orientation/Gender Identity Edgeworth Security is an Equal Opportunity Employer committed to hiring a diverse workforce.
Edgeworth Security utilizes e-Verify to check employment authorization.
Requirements
Bachelor's degree in computer science, Information Security, or a related field is preferred.
Relevant certifications like CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are a plus.
Previous experience in a cybersecurity, incident response, or security operations center (SOC) role is beneficial.
Knowledge of security information and event management (SIEM) tools and security incident response procedures.
Strong analytical skills, attention to detail, and the ability to work under pressure.
Excellent communication and teamwork skills.
Respond swiftly and effectively to tickets/incidents in a high-pressure, fast-paced environment.
Maintain situational awareness in environments with loud sounds, bright lighting, and occasional strobe effects.
Salary Description $25/hour
Associate, Information Security Analyst I
Security Architect Job In Pittsburgh, PA
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world's financial system we touch nearly 20% of the world's investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We're seeking a future team member for the role of Associate, Information Security Analyst I to join our Information Security Division - Cyber Operations. This role is located in Pittsburgh, PA - HYBRID.
Click here to view our Information Security Division Career Brochure.
In this role, you'll make an impact in the following ways:
Support the effectiveness of security-related operations.
Provide programming support for an operational area in information security.
Support the basic operations of a security sub-component.
Execute day-to-day operational security components.
Assist in implementing new versions of security software for existing technologies and architectures.
Review and analyzes basic data and information for business systems security.
Assist in ensuring that security concerns are addressed and mitigated.
Format and provide data needed for information security reports.
Contribute to the achievement of team objectives.
To be successful in this role, we're seeking the following:
Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
Entry level years of experience required, related internship experience is a plus.
At BNY, our culture speaks for itself. Here's a few of our awards:
America's Most Innovative Companies, Fortune, 2024
World's Most Admired Companies, Fortune 2024
Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
Best Places to Work for Disability Inclusion, Disability: IN - 100% score, 2023-2024
“Most Just Companies”, Just Capital and CNBC, 2024
Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
Bloomberg's Gender Equality Index (GEI), 2023
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
Associate, Information Security Analyst I
Security Architect Job In Pittsburgh, PA
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world's financial system we touch nearly 20% of the world's investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We're seeking a future team member for the role of Associate, Information Security Analyst I to join our Information Security Division - Cyber Operations. This role is located in Pittsburgh, PA - HYBRID.
Click here to view our Information Security Division Career Brochure.
In this role, you'll make an impact in the following ways:
Support the effectiveness of security-related operations.
Provide programming support for an operational area in information security.
Support the basic operations of a security sub-component.
Execute day-to-day operational security components.
Assist in implementing new versions of security software for existing technologies and architectures.
Review and analyzes basic data and information for business systems security.
Assist in ensuring that security concerns are addressed and mitigated.
Format and provide data needed for information security reports.
Contribute to the achievement of team objectives.
To be successful in this role, we're seeking the following:
Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
Entry level years of experience required, related internship experience is a plus.
At BNY, our culture speaks for itself. Here's a few of our awards:
America's Most Innovative Companies, Fortune, 2024
World's Most Admired Companies, Fortune 2024
Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
Best Places to Work for Disability Inclusion, Disability: IN - 100% score, 2023-2024
“Most Just Companies”, Just Capital and CNBC, 2024
Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
Bloomberg's Gender Equality Index (GEI), 2023
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
Snowflake Architect
Security Architect Job In Pittsburgh, PA
Job Details
Role : Snowflakes Architect
Architecture Design:
Develop and implement scalable, high-performance data architectures using Snowflake to support payment processing, transaction analytics, and compliance reporting.
Data Modeling:
Design optimized data models tailored to payments data, enabling efficient data ingestion, processing, and retrieval for reporting and analytics.
Integration with Payment Systems: Collaborate with cross-functional teams to integrate Snowflake with payment processing systems (e.g., SWIFT, ACH, SEPA) and ensure smooth data flow across platforms.
Performance Optimization:
Identify and implement best practices for query performance, storage management, and resource optimization specific to payments data volume and complexity.
Compliance and Security:
Ensure data architecture complies with regulatory requirements (e.g., PCI-DSS, AML, KYC), including data encryption, access controls, and audit trails.
Data Governance:
Implement data governance frameworks within Snowflake, including data quality checks, lineage, and metadata management for payment data.
Real-Time Data Processing:
Design solutions to support real-time or near-real-time processing for payment transactions and monitoring, enabling timely insights and fraud detection.
This role requires designing, implementing, and optimizing data solutions using Snowflake for payment processing and analytics.
The ideal candidate will have extensive experience with data warehousing, cloud infrastructure, and payment systems, as well as a strong understanding of transaction data, compliance requirements, and high-performance architecture.
Payments Domain Knowledge:
In-depth understanding of payment processing systems (SWIFT, ACH, SEPA) and transaction data structures.
Data Modeling and Warehousing:
Strong skills in data modeling, data warehousing, and experience with large-scale data environments.
Compliance Knowledge:
Familiarity with regulatory requirements impacting payment data, including PCI-DSS, AML, and KYC.
Mandatory skills
Snowflake
SQL
Cloud platforms (AWS, Azure or Google Cloud Platform)
ETL tools (e.g., Informatica, Talend)
Python or Java is a plus
AI Security Researcher
Security Architect Job In Pittsburgh, PA
Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you'll collaborate to deliver high-quality results in the emerging area of AI security.
The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm - in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats. Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security.
The Threat Analysis Directorate, is a group of security experts focused on advancing the state of the art in AI security at a national and global scale. Our tasks include vulnerability discovery and assessments, evaluation of the effectiveness and robustness of AI systems, exploit discovery and reverse engineering, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers.
You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University.
What you'll do:
* Develop state of the art approaches for analyzing robustness of AI systems.
* Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities.
* Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems, and effectively participate in the broader security community.
* Study and influence the AI security and vulnerability disclosure ecosystems.
* Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community.
* Uncover and shape some of the fundamental assumptions underlying current best practice in AI security.
* Develop models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs.
* Identify opportunities to apply AI to improve existing cybersecurity research.
Who you are:
* You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization.
* You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation.
* You have experience with advising on a range of security topics based on research and expert opinion.
* You have familiarity with implementing and applying AI/ML techniques to solving practical problems.
* You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART).
* You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro)
* You have experience with Python, C/C++, or low-level programming.
* You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies.
* You have superb communication skills (oral and written), particularly regarding technical communications with non-experts.
* You enjoy mentoring and cross-training others and sharing knowledge within the broader community.
* You have BS in machine learning, cybersecurity, statistics, or related discipline with eight (8) years of experience; OR MS in the same fields with five (5) years of experience; OR PhD in the same fields with two (2) years of experience.
* Applicants with a solid technical background in AI/ML or cybersecurity, but not both, are encouraged to apply provided a strong desire to rapidly learn on the job.
You are able to:
* Travel to various locations to support the SEI's overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%).
* You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance.
Why work here?
* Join a world-class organization that continues to have a significant impact on software.
* Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation.
* Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation.
* Get 8% monthly contribution for your retirement, without having to contribute yourself.
* Get tuition benefits to CMU and other institutions for you and your dependent children.
* Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave.
* Get access to university resources including mindfulness programs, childcare and back-up care benefits, a monthly transit benefit on WMATA, free transportation on the Pittsburgh Regional Transit System.
* Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies.
* Qualify for relocation assistance and so much more.
Location
Pittsburgh, PA
Job Function
Software/Applications Development/Engineering
Position Type
Staff - Regular
Full time/Part time
Full time
Pay Basis
Salary
More Information:
* Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world.
* Click here to view a listing of employee benefits
* Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
* Statement of Assurance
Cyber Security Analyst with Top Secret Clearance
Security Architect Job In West Mifflin, PA
Opportunity
The Cyber Security Analyst will be responsible for the implementation, administration, and maintenance of automated cyber security tools on the enterprise C-Cure system including vulnerability management (scanning, patching), system firewall/intrusion detection, anti-virus, audit logs, peripheral port security, security hardening, and security compliance. The current cyber security tools being used are Nessus (scanning), IBM BigFix (patching), McAfee (system firewall/intrusion detection), McAfee (anti-virus), IBM QRadar (audit logs), lvanti (peripheral port security), Microsoft Group Policy Management (security hardening), Microsoft SCAP (security compliance), Microsoft Active Directory (account management), and Microsoft Windows System Backups.
Provide cyber security maintenance of the enterprise C-Cure system.
Deploy hardware and software patches to the respective C-Cure test/development servers.
Remediate all vulnerabilities that have been identified by the Nessus scans and update them in RSA Archer.
Deploy system firewall, intrusion detection, and anti-virus to the enterprise C-C re system.
Collect and monitor audit logs on the enterprise C-Cure
Lock down peripheral ports on the enterprise C-Cure
Apply security hardening to the enterprise C-Cure system in accordance with applicable DISA STIGs and vendor hardening guides.
Perform SCAP scans of the enterprise C-Cure system.
Manage and monitor Microsoft Active Directory accounts.
Setup and monitor Microsoft Windows systems backups.
Qualifications
Clearance Required: Top Secret or DOE Q clearance required prior to consideration.
Experience Required:
Have training or knowledge in the following vulnerability management products (or equivalent):
1) Nessus (scanning)
2) IBM BigFix (patching)
3) RSA Archer (remediation tracking tool).
Have training or knowledge in administration and use of Microsoft Windows Server 2016/2019, Microsoft Windows 10, and Microsoft SQL Server 2016/2017
Have training or knowledge in the following cyber security products (or equivalent):
1) McAfee (system firewall, intrusion detection, anti virus)
2) Elasticsearch (audit logs)
3) lvanti (peripheral ports)
4) Microsoft Group Policy Management (security hardening)
5) Microsoft SCAP (security compliance)
Microsoft Active Directory (account management)
and 6) Microsoft Windows system backups.
Have training or knowledge of the following areas (or Buyer approved equivalent):
Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS)
About IMG
Founded in 1987, IMG is a leading small business that exemplifies competence, integrity and follow-through. We consistently provide customer focused professional services, which ensures our company is recognized for continually exceeding expectations. We believe that at the core of our success stand our people. Our people have provided professional services in the Information Technology field for our customers with a commitment to customer satisfaction for over 35 years.
IMG Benefits:
Health, dental, vision, and life insurance
Short term and long term disability insurance
401(k) with generous company match
Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA)
Personal leave plus paid federal holidays
Professional development and training assistance
IMG is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.