Security architect jobs in Saint Peters, MO - 95 jobs

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Seramount, Fair360 and others. If you're as passionate about your future as we are, join our team. KPMG is currently seeking a Director, Tech Engineering to join our Tax Ignition Group. Responsibilities: * Lead the function of responding to clients' security inquires * Meet with clients to answer their security questions and negotiate compensating controls when there are gaps between client requirements and our product offerings * Drive innovation and improvement in the client security inquiry process such incorporating Artificial Intelligence into the process, creating additional collateral such as whitepapers, managing metrics, and improving the tooling and interactions with requestors * Partner with various groups within Tax's technology function and business teams to incorporate trends into product roadmaps; collaborate with other compliance teams, and raise awareness around client security requirements * Review and respond to client security questionnaires and assessments * Build and maintain a knowledge base of common client questions Qualifications: * Minimum ten years of recent experience in Information Technology (IT) security compliance, risk management or related IT security within a large IT organization, preferably within a professional services firm, software product, or other highly regulated environment * Bachelor's degree from an accredited college or university is preferred * Deep understanding of cloud architecture, modern software development, and technical security controls is required; Azure experience is preferred * Strong executive presence, negotiation, presentation, and communication skills are required; excellent analytical and problem-solving skills to assess complex security issues and develop effective solutions; capability to work effectively in a global environment, understanding diverse cultural perspectives and international client needs * Proven experience in client-facing roles, particularly in handling security inquiries, negotiations, and managing client relationships; demonstrated ability to drive innovation and continuous process improvement, particularly in integrating new technologies and methodologies into existing processes * Demonstrated knowledge of industry authoritative sources such as COBIT, NIST, ISO standards; CISM, CISA, ISO 27001 Auditor, LSS Green Belt, CRISC, CIPP, CGEIT or ITIL preferred * Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa KPMG LLP and its affiliates and subsidiaries ("KPMG") complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, KPMG is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year KPMG publishes a calendar of holidays to be observed during the year and provides eligible employees two breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at Benefits & How We Work. Follow this link to obtain salary ranges by city outside of CA: ********************************************************************** KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please. KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them. Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

We Are: Navisite, part of Accenture, has evolved to become a trusted digital transformation partner for growing and established global brands. We provide global capabilities, customer-centric solutions, and flexible approaches that are specifically rightsized for the needs of mid-market and small enterprise customers. This team specializes in digital transformation and managed services with deep expertise in cloud, infrastructure and application services dedicated to assisting clients in building a strong digital core. With experience across multiple cloud providers, enterprise applications and digital technologies, Navisite serves clients in the health and industrial, life sciences, technology, consumer goods and retail industries. Given their customer-centric solutions and flexible approaches, this team is adept at scaling our services for clients seeking to modernize and build more agile, resilient, and scalable businesses. The Navisite team of more than 1,400 members globally joined Accenture in January 2024. As part of Accenture, you will be working with an ambitious, collaborative team more empowered than ever to help customers modernize their IT for the AI era. You Are: An Enterprise Solution Architect with deep expertise in network architecture and cybersecurity who can translate complex requirements into clear, value‑led solutions. You engage confidently with C‑level executives and technical stakeholders, simplify risk and resilience decisions, and shape architectures that are secure, scalable, and compliant. As a Presales Solution Architect specializing in Security and Network, you will serve as the technical expert and trusted advisor during the sales process, designing secure, scalable, and compliant network and cybersecurity solutions tailored to customer needs and business objectives. You will collaborate closely with sales, engineering, product management, and customers (including C‑suite) to qualify opportunities, develop solution architectures, lead technical presentations/demonstrations, and ensure successful transition to delivery. The Work: You operate as a Solution Architect across opportunities from targeted upgrades to large multi‑tower managed services deals spanning enterprise networking (LAN/WAN/WLAN, SD‑WAN, cloud networking) and security stacks (NGFW, VPN/ZTNA/SASE, IDS/IPS, SIEM/XDR/SOAR, identity‑centric and Zero‑Trust models). You will co‑create solutions with clients; define operating models, SLAs, and KPIs; and align proposals to compliance frameworks and enterprise governance. Lead Pre‑Sales Architecture & Solutioning: * Design and articulate high‑level network and cybersecurity architectures that align with customer requirements, compliance standards, and enterprise IT strategies. * Define reference designs for SD‑WAN/SASE/Zero‑Trust, cloud networking (Azure/AWS/GCP), segmentation, firewalls, and secure remote access. * Build delivery models (operate, enhance, transform) with clear SLAs, KPIs, RACI, and transition plans. Qualify & Propose: * Collaborate with sales stakeholders to qualify opportunities and craft compelling technical proposals addressing risk, security posture, and network resilience. * Shape solution scope, assumptions, dependencies, and pricing inputs; contribute to SOWs and commercial terms with Legal/Commercial. Client Engagements & Demonstrations: * Lead client engagements, including technical demonstrations, proofs of concept, pilots, and security assessments to evidence value and feasibility. * Present architecture rationale, trade‑offs, and value realization to IT leadership, CISOs, and business executives. Trusted Advisory & Best Practices: * Advise customers on security best practices, emerging threats, network modernization, and resilience improvements. * Recommend controls and operating models aligned to ITIL, Zero‑Trust, and defense‑in‑depth principles. Technology Mastery: * Develop and maintain deep understanding of technologies such as firewalls, VPN/ZTNA, IDS/IPS, SIEM, XDR, SOAR, cloud security platforms, network observability, and automation. Compliance, Governance & Risk: * Ensure proposals meet enterprise security governance and regulatory compliance, including risk‑management frameworks and certifications relevant to customer environments (NIST, ISO 27001, PCI, SOC 2, FedRAMP, GDPR, etc.). * Lead internal Technology Delivery sign‑off aligning scope, risks, commercials, and feasibility. Cross‑Functional Handover & Delivery Readiness: * Partner with engineering, delivery, and product teams to ensure smooth handover, readiness, and successful implementation. * Where appropriate, support early deal stabilization to de‑risk transition. Thought Leadership: * Stay updated on industry trends, threat landscapes, and vendor roadmaps to continuously innovate offerings. * Support technical training, marketing presentations, and participation in industry events. Travel may range from 0% to 100% depending on deal stage, client discussions, and business need Qualification Here's what you need: * Minimum 8 years in a technology environment, specifically in a Network and Cybersecurity capacity * Minimum 5 years in solution planning, deal shaping, presales engineering, or enterprise solution architecture. * Minimum of 2 years of hands‑on experience and knowledge of network architectures (LAN/WAN, SD‑WAN/SDN, cloud networking) and security technologies: firewalls (Palo Alto, Cisco, Fortinet, Check Point), endpoint protection, IDS/IPS, SIEM/XDR/SOAR, ZTNA/SASE, VPN, and cloud security controls. * Understanding and familiarity with security frameworks and compliance standards (e.g., NIST, ISO 27001, FedRAMP, GDPR) and experience navigating customer accreditation processes. * Bachelor's degree or equivalent (12 years of work experience). If Associate's Degree: 6 years minimum relevant experience required Bonus Points if: * You have relevant certifications (one or more preferred): CISSP, CCNP Security/CCIE Security, PCNSE, NSE, AZ‑500/AZ‑700, AWS Security/Specialty, GSEC/GCIH/GCIA. * You have experience designing Zero‑Trust, SASE, micro‑segmentation, and cloud‑native security architectures; familiarity with automation/orchestration (Terraform, Ansible, Python). * You have strong understanding of ITIL service operations and managed‑service delivery models. Compensation at Accenture varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Accenture provides a reasonable range of compensation for roles that may be hired as set forth below. We accept applications on an on-going basis and there is no fixed deadline to apply. Information on benefits is here. Role Location Annual Salary Range California $73,800 to $218,800 Cleveland $68,300 to $175,000 Colorado $73,800 to $189,000 District of Columbia $78,500 to $201,300 Illinois $68,300 to $189,000 Maryland $73,800 to $189,000 Massachusetts $73,800 to $201,300 Minnesota $73,800 to $189,000 New York/New Jersey $68,300 to $218,800 Washington $78,500 to $201,300 Locations

Why Stifel Stifel strives for a culture that puts its clients and associates first: a culture where everyone belongs, everyone is welcome, and everyone contributes to the success of our clients, their careers, and the firm as a whole. Let's talk about how you can find your place here at Stifel, where success meets success. What You'll Be Doing The Sr Information Security Analyst plays a critical role in supporting the information security strategy. Reporting directly to the Chief Information Security Officer (CISO), this role is responsible for proactively assessing and mitigating security risks, monitoring for threats, developing security policies and procedures, regulatory reporting, metrics/KPIs, security risk management, security process integration, and collaborating with multiple departments to ensure the protection of sensitive data. The ideal candidate will possess a strategic mindset, advanced technical skills, and a deep understanding of cybersecurity trends and regulatory requirements. What We're Looking For • Develop, maintain, and enforce information security policies, standards, and guidelines. Ensure security practices align with regulatory requirements and industry best practices. • Work with IT, legal, compliance, and business units to integrate security measures into all aspects of the organization's operations. • Provide guidance on security practices and assist in awareness training. • Identify, assess, and mitigate security risks. Develop remediation plans to address identified risks. • Maintain in-depth knowledge of regulatory compliance requirements, such as FINRA, SEC, PCI-DSS, and applicable laws. • Assist in audits and ensure compliance with relevant regulations. • Evaluate, recommend, and implement security technologies and solutions to enhance the security posture. Provide strategic input on the selection and deployment of security tools and technologies. • Stay current on the latest cybersecurity threats, trends, and technologies. Continuously evaluate the threat landscape and recommend improvements. • Gather and analyze information security KPIs. What You'll Bring • Proven ability in information security principles, processes, tools, and the latest industry awareness and current knowledge. • Strong knowledge of NIST (800-53, CSF) and other information security frameworks. • Understanding of financial services regulatory environment • Experience with formal risk management. • Excellent analytical skills, logical thinking, and diagramming capability. • Strong and confident interpersonal and customer service skills; ability to interface with personnel from various departments and levels, both technical and non-technical. • Excellent organizational skills. Ability to prioritize multiple tasks and meet deadlines. Attention to detail and commitment to excellence. • Experience working in an ITIL-focused support organization with incident/request tickets. • Ability to work flexible schedules, including availability outside of normal working hours. • Knowledge of data privacy regulations is preferred. Education & Experience • Required: Bachelor's degree in information technology, Computer Science, or equivalent combination of cybersecurity certifications and experience. • Required: 6+ years of experience in information security. Licenses & Credentials • Certifications: CISSP, CISM, CISA, or similar are strongly preferred. Systems & Technology • Experience using industry-standard event logging platforms. • Solid understanding of information security tools and best practices. • Proficient with Windows 365. #LI-LL1 About Stifel Stifel is more than 130 years old and still thinking like a start-up. We are a global wealth management and investment banking firm serious about innovation and fresh ideas. Built on a simple premise of safeguarding our clients' money as if it were our own, coined by our namesake, Herman Stifel, our success is intimately tied to our commitment to helping families, companies, and municipalities find their own success. While our headquarters is in St. Louis, we have offices in New York, San Francisco, Baltimore, London, Frankfurt, Toronto, and more than 400 other locations. Stifel is home to approximately 9,000 individuals who are currently building their careers as financial advisors, research analysts, project managers, marketing specialists, developers, bankers, operations associates, among hundreds more. Let's talk about how you can find your place here at Stifel, where success meets success. At Stifel we offer an entrepreneurial environment, comprehensive benefits package to include health, dental and vision care, 401k, wellness initiatives, life insurance, and paid time off. Stifel is an Equal Opportunity Employer.

RiVidium Inc, (dba TripleCyber) is seeking an individiual to be responsible for the cybersecurity of a program, organization, system, or enclave. Responsibilites and abilites for this position shall include, but not limited to: Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk. Acquire necessary resources, including financial resources, to conduct an effective enterprise continuity of operations program. Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. Advise senior management (e.g., CIO) on cost/benefit analysis of information security programs, policies, processes, systems, and elements. Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture. Collect and maintain data needed to meet system cybersecurity reporting Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders. Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. Ensure that security improvement actions are evaluated, validated, and implemented as required. Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. Establish overall enterprise information security architecture (EISA) with the organization's overall security strategy. Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed. Evaluate cost/benefit, economic, and risk analysis in decision-making process. Identify alternative information security strategies to address organizational security objectives. Identify information technology (IT) security program implications of new technologies or technology upgrades. Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information. Interpret and/or approve security requirements relative to the capabilities of new information technologies. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. Lead and align information technology (IT) security priorities with the security strategy. Lead and oversee information security budget, staffing, and contracting. Manage the monitoring of information security data sources to maintain organizational situational awareness. Manage the publishing of Computer Network Defense guidance (e.g., TCNOs, Concept of Operations, Net Analyst Reports, NTSM, MTOs) for the enterprise constituency. Manage threat or target analysis of cyber defense information and production of threat information within the enterprise. Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. Oversee the information security training and awareness program. Participate in an information security risk assessment during the Security Assessment and Authorization process. Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations. Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans. Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Ability to integrate information security requirements into the acquisition process; using applicable baseline security controls as one of the sources for security requirements; ensuring a robust software quality control process; and establishing multiple sources (e.g., delivery routes, for critical system elements). Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations. Requirements for this position shall include: Associate's degree or higher from an accredited college or university (Prefer an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree, or a degree in a Mathematics or Engineering field.) CISSP-ISSMP or GSLC - IAT, IAM, or IASAE Level 3 Certification

Company: The Boeing Company Boeing Classified Cybersecurity is currently seeking a highly motivated Cybersecurity - Information System Security Manager (ISSM) to join the team in Berkeley, MO. The selected candidate will rely on cybersecurity and Information Assurance (IA) background to be a technical leader and support Enterprise activities and Boeing customers throughout multiple classified computing domains. The ISSM is responsible for ensuring all Information System Security policies, standards, and directives are enforced to support assessment, authorization and continued operation of information systems processing classified information. Position Responsibilities: Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards Lead and implement the Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acknowledgement Letters (RAL) and support Continuous Monitoring (CONMON) Supervise configuration management of assigned systems; auditing systems to ensure security posture integrity Lead staff with assessments and test/analysis data to document state of compliance with security requirements Conduct risk assessments and investigations, implement appropriate risk mitigations, and coordinate incident response activities Conduct periodic hardware/software inventory assessments Serve as organization spokesperson on sophisticated projects and programs Act as advisor to management and customers on sophisticated technical research studies Collaborate with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements Additional Responsibilities: Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures Handle assigned team to facilitate effective execution of Risk Management Framework (RMF) Provide guidance and mentor to support team within Information Security Lead and perform security compliance continuous monitoring Coordinate and participate in security assessments and audits Prepare, review, and present technical reports and briefings Identify root causes, prioritize threats and recommend and/or implement corrective action Explore the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices Lead development of enterprise-wide information security policies, standards, guidelines and procedures that may reach across multiple partner organizations Basic Qualifications (Required Skills/Experience): Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC, or CISM) 5+ years of experience and/or education in IT, cybersecurity, or related fields 5+ years of experience with the Risk Management Framework (RMF), cybersecurity policies, and RMF implementation (e.g., DAAG, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series) 5+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS 3+ years of experience with cybersecurity leadership overseeing programs and teams, authorizing risk decisions, coordinating stakeholders, and improving security and compliance 3+ years of experience communicating complex technical risks, translating impact, and advising senior leaders Preferred Qualifications (Desired Skills/Experience): 5+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs 5+ years of experience assessing and documenting test or analysis data to show cyber security compliance Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies . Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: $130,900 - $177,100 Language Requirements: Not Applicable Education: Not Applicable Relocation: Relocation assistance is not a negotiable benefit for this position. Export Control Requirement: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

The Cyber Security Audit Engineer will manage a variety of technical security auditing capabilities, including a holistic auditing approach of applications, databases, servers, networking devices, and software. Responsible for demonstrating skills in assessing IT process and technology risks, identifying and evaluating the design of IT controls, designing, executing and documenting IT audit tests, and making initial determination of reportable issues. Assist with HIPAA / HITECH assessments, and data breach preparedness. Will work in close coordination with team members and other business owner's partners to carry our customer requirements. Job Description: ROLES and RESPONSIBILITIES: Design, build, implement and monitor a holistic audit program across the enterprise. Develop understanding of appropriate business aspects, IT risks, IT control requirements, processes and systems under review. Perform process and technology risk analysis with a cybersecurity mindset and focus, prepare process maps and flowcharts, prepare effective and efficient compliance and substantive technical approach; and execute in depth IT audit review. Perform assessment of IT process and security controls within information systems environment. Evaluate test results: accurately identify symptoms, root cause, problems, identify alternative controls and develop recommendations. Perform audit reviews of technology such as applications, databases, servers, networking devices (i.e., firewalls and routers), and security tools such as IDS/IPS, anti-malware, and authentication systems (e.g., Active Directory). Performing technology assessments in a wide variety of business environments, including: Information Technology Operational and Cyber Security Assessments in accordance with industry frameworks, such as COBIT 5, ISO 27001, ISO 27005, and NIST SP 800-30 and Cybersecurity Framework HIPAA Security Rule and HITECH Act Compliance Cloud Security Compliance Assisting clients with the performance of Business Impact Analyses (BIAs) along with the development of business continuity and disaster recovery plans (BCPs and DRPs); Assisting organizations with all aspects of data breach and information security Incident Response preparation and management Performing Service Organization Control Examinations in accordance with AICPA requirements (SOC 1 SSAE 16, SOC 2 AT 101, SOC 3 AT 101) Providing data classification services Developing information technology and security policies and procedures Providing trusted advisory services and guidance to clients that will reduce organizational risk and improve their overall cyber security posture Preparing reports and other deliverables that contain strategy, technical analysis, and findings in connection with our advisory and assessment engagements and communicating those results to client management Excellent technical and interpersonal skills required. Experience with Qualys / Nessus Vulnerability scanning tools. Cloud Experience a plus EXPERIENCE, QUALIFICATION AND EDUCATION Minimum of 5 of experience with Enterprise Network, DMZ, and Security infrastructure, including design, implementation, and ongoing management and troubleshooting required. Minimum of 5 years' experience in designing, developing, implementing, and managing solutions across cybersecurity domains (Cyber Defense, Threat and Vulnerability Management. Advanced Security Analytics, Data Security, Identity Management, Security Operations and Managed Security Services etc.) Three years or more of professional experience or job-related experience in Information Security, or Information Technology Extensive knowledge and skill of IT analysis which includes expertise in analyzing confidentiality, integrity, availability of complex IT systems. Familiarity with Secure Software Development practices Hands On experience with various programming languages or scripting languages and tools. Effective oral and written communication skills. Strong interpersonal skills and demonstrable leadership ability. Certifications in one or more of the following: CISSP, CWSP, CCNP, ACE, CCNP Security, Security+, or related. Familiarity with various operating system platforms (Linux, Windows) and databases security best practices for each. Strong analytical and problem-solving ability. Ability to work independently.

Seeking a Java / Node.js Engineer focused on application security remediation, technical debt reduction, and automated vulnerability fixes across multiple platforms. This role partners closely with InfoSec, QA, DevOps, and engineering teams to improve security posture using automation and GenAI-driven solutions. Key Responsibilities • Triage and remediate vulnerabilities from SAST, DAST, and SCA tools • Secure Java, Node.js, Ruby on Rails, and WordPress applications against common OWASP risks • Patch and upgrade third-party dependencies and harden application configurations • Validate fixes through regression testing and user flow checks • Integrate automated security and remediation into CI/CD pipelines • Build GenAI-assisted remediation workflows using AWS Bedrock or similar tools • Reduce technical debt, modernize legacy components, and harden cloud, container, and OS environments • Collaborate with InfoSec and QA teams to close security findings and rescans Required Skills & Experience • Strong hands-on experience with Java, Spring Boot, REST APIs, and secure coding • Proficiency in Node.js, Express.js, JavaScript/TypeScript • Working knowledge of Ruby on Rails and WordPress security • Experience with Veracode, Checkmarx, SonarQube, Snyk, or similar tools • Strong understanding of OWASP vulnerabilities and mitigation techniques • Experience with OAuth2/JWT, API security, Docker, Kubernetes, Linux, and AWS • Hands-on experience integrating security into CI/CD pipelines • Exposure to GenAI tools such as AWS Bedrock or CodeWhisperer Preferred Qualifications • Experience with microservices, cloud-native security, and DevSecOps • Familiarity with OWASP ASVS and threat modeling • Security certifications (CEH, CSSLP, OSCP) a plus

Compunnel Software Group is a New Jersey based premier information technology consulting & services company into this market for nearly two decades now; with close to two decades of experience in IT Industry which includes consulting, development, e-learning etc. Our company is going through a tremendous growth spurt and we are now interested in personnel like you to augment the work force in the company. We have several projects starting that we are staffing for. If you think you would like to become a consultant for Compunnel Software Group Inc ., please send me an updated copy of your resume along with a detailed summary of your work experience. I need a phone number to contact you. I look forward to possibly working with you on these positions. We offer specialized services to our clients to meet their business objectives. Successful solutions that are valued by our clients are in industry areas such as pharmaceuticals, telecommunications, banking, finance, manufacturing, publishing and consumer products. Job Description Position: Cloud Security Engineer Duration: 6+ months Location: St. Louis, MO, 63167 Must Have: Cloud Security Security Patches Cloud Security Automation Engineer Client is seeking a Cloud Security Automation Engineer with deep technical experience in securing cloud technologies. The successful candidate possesses out of the box thinking, the ability to collaboration with development team members, and experience with automation and solving end to end application/infrastructure security problems. Our mission is to design and build a highly secure cloud environment without sacrificing our developers' ability to quickly innovate and deliver world class software solutions. Responsibilities: • Define security best practices for our cloud platform and provide guidance to development teams. • Build tools to monitor for compliance of security policy and automate the resolution process. • Evangelize security throughout the enterprise and collaborate to help architect secure applications. • Research emerging technologies and build proof of concepts to investigate better ways of meeting our control objectives. • Collaborate with incident response, risk and compliance, product security and development teams to solve critical security problems. • Develop an AppSec pipeline and integrate it into the agile software development process. Required Qualifications: • BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field or equivalent experience. • At least 3 years of experience in Information Security and/or infrastructure engineering. • An accomplished security practitioner with a strong understanding of industry trends in all areas of security. • Experience with building IaaS cloud based solutions including AWS, Azure, etc.. and knowledge of their network security and IAM models. • Experience working with security vendors including evaluating and implementing new products. Desired Qualifications: • Expertise in common AWS services (CloudFormation, Route53, VPC, EC2, Lambda, etc...) and their security best practices. • Programming experience in JavaScript, Java, Scala, Python, Perl, Ruby, etc.. and their use in automating security and compliance. • Strong understanding of security technologies including host and network based protection and detection technologies. • Experience with vulnerability management (including: running vulnerability scans, creating reports, communicating with asset owners and giving remediation guidance). • Experience with continuous integration and automation tools (e.g. Jenkins, Chef, Puppet, Ansible). • Experience writing security white papers and/or presenting security products and technologies to diverse audiences. • CISSP or CSSLP (Certified Secure Software Lifecycle Professional) certification. Qualifications Must Have: Cloud Security Security Patches Additional Information All your information will be kept confidential according to EEO guidelines.

The Managed Service Security Engineer is responsible for monitoring, detecting, and responding to security incidents to protect client environments. This role involves the identification of vulnerabilities, analyzing security risks, responding to security operations service tickets, and implementing protective measures. The Security Engineer will also perform security audits, incident response, compliance-related activities and projects, and provide technical guidance and mentorship to analysts and support staff. PRINCIPAL DUTIES AND RESPONSIBILITIES: Client and Internal Support: Act as a point of contact and escalation to provide security-related support to clients and junior staff, addressing concerns, incidents, and queries in a timely manner. Security Monitoring: Configure and perform continuous security monitoring of client systems, networks, and applications for malicious activities or security breaches. Incident Response: Respond to security incidents, conduct investigations, containment, and remediation efforts to mitigate risks and protect client environments. Vulnerability Management: Identify, assess, and prioritize vulnerabilities in client systems, recommending and implementing mitigation strategies. Threat Intelligence: Utilize threat intelligence tools to identify potential risks and implement proactive defense recommendations. Compliance Support: Ensure client systems adhere to regulatory and compliance standards (e.g., PII, HIPAA, PCI-DSS) as required. Security Audits: Perform internal and external security audits, including the preparation, maintenance, and presentation of audit documentation. Documentation: Assist with the development and maintenance detailed records of security incidents, operational tasks, and system configurations in accordance with best practices. KNOWLEDGE, SKILLS AND ABILITIES: Education: Bachelor's degree in information technology, Computer Science, a related field, or additional years of relevant job experience. Experience: Minimum of 2-3 years of experience in an IT security or service role, preferably in a managed services environment. Certifications: Relevant certifications such as CASP+, CISSP, CEH, CompTIA Security+, or equivalent are preferred. Skills: Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience with security information and event management (SIEM) tools. Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills for client-facing interactions. Ability to manage multiple security incidents and tasks simultaneously.

We are excited to add a new Senior Security Engineer role to our team and are seeking a local candidate who works best in a collaborative, on-site setting in the St. Louis area. Are you someone who is motivated by investigating security issues and strengthening environments end to end, this role could be for you! Why This Role: Highly technical, hands-on security role Opportunity to influence security strategy, tooling, and processes Close collaboration with infrastructure and architecture teams Newly created position with real influence What You'll Do: Recommend and implement new technologies, processes, and practices to enhance security Design and manage enterprise security platforms Support cloud security initiative Conduct risk and vulnerability assessments and support compliance efforts What You Bring: Over 7 years' experience in IT, including 3 years in security Strong background in systems, infrastructure, networking and security Security Experience (Azure, Microsoft 365, AD,) DevOps experience Python, Scripting, Powershell, etc. Critical thinking, problem-solving (find out root cause of issues/breaches, understands incident response), and strong communication skills If you are looking to work in a collaborative environment where security is a top priority and your expertise makes a direct impact, this offers that opportunity!

**About Us:** Proofpoint is a global leader in human- and agent-centric cybersecurity. We protect how people, data, and AI agents connect across email, cloud, and collaboration tools. Over 80 of the Fortune 100, 10,000 large enterprises, and millions of smaller organizations trust Proofpoint to stop threats, prevent data loss, and build resilience across their people and AI workflows. Our mission is simple: safeguard the digital world and empower people to work securely and confidently. Join us in our pursuit to defend data and protect people. **How We Work:** At Proofpoint you'll be part of a global team that breaks barriers to redefine cybersecurity guided by our BRAVE core values: **Bold** in how we dream and innovate **Responsive** to feedback, challenges and opportunities **Accountable** for results and best in class outcomes **Visionary** in future focused problem-solving **Exceptional** in execution and impact **POSITION SUMMARY** The Security Solutions Engineer is an information security expert responsible for assessing and improving the security posture of customer environments. The Security Solutions Engineer manages the technical aspects of customer systems and is primarily responsible for solution uptime, availability, policy development and problem troubleshooting. Security Solutions Engineers are also responsible for the technical development of various clients' security solutions such as: Proofpoint Protection Server, TAP, TRAP, and other Proofpoint products. Platform Engineers serve as an escalation point and mentor for other members of the team. Platform Engineers also help develop internal process, procedure, and drive collaboration across business units to help streamline service delivery. He or she must ensure that all tasks performed adhere to the firm's ISO 27001 Information Security Management System (ISMS). This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that Proofpoint is constantly improving upon the organization's ISMS. Each member of our team must understand the importance of the ISMS and the corresponding handling of customer data. **DUTIES & ESSENTIAL JOB FUNCTIONS:** + Serve as an escalation point for other engineers on the team + Optimize security policies to protect against emerging threats and adhere to industry best practices + Create and develop custom solutions for managed security systems + Maximize system uptime, availability, and performance + Utilize internal CRM for problem tracking and project development + Assist the team in meeting all customer SLAs + Unsurpassed attention to detail, analytical problem-solving skills, and ability to diagnose and troubleshoot technical issues + Maintain awareness of industry trends, security news, and best practices + Take on-call rotation after hours and on weekends, serving as a point of escalation as necessary + Provide flexibility with schedule to cover job requirements + Ability to quickly and efficiently resolve client issues while maintaining high levels of client satisfaction + Lead technical discussions with customers and partnering organizations + Research and analyze industry trends and security vulnerabilities, in order to effectively communicate to customers any risk to their + environments and implement solutions to mitigate the risk + Administer and support lab environment to include change request review and approval, maintenance, and design **QUALIFICATIONS:** + Bachelor's Degree in Computer Science, Information Technology, or related discipline. Experience may be considered in lieu of a degree + Experience with Email Security + Corporate computer networking, technical support, system administration, Windows, Unix/Linux Operating System administration and/or + network security experience + Experience and proficiency in Proofpoint email security products, to include certification and training + Experience and proficiency designing and implementing Proofpoint solutions + High Level of critical thinking and proven ability to manage customer expectations high pressure situations + Proficiency in technical writing, diagraming, and communications. + Combine patience, determination, and persistence to troubleshoot client issues + Ability to work effectively with team members and clients + Desire to mentor junior engineers + Self-motivated, with ability to manage and follow up on multiple tasks simultaneously + Strong analytical capabilities, problem solving skills, providing solutions in a systematic and clear manner, and easily understood by + colleagues and customers + Strong time-management skills **PREFERRED** + Experience with Proofpoint email security products - PoD/TAP/TRAP + Expert in information security or network security + SQL or Oracle database experience + Regular expression experience + Scripting knowledge of Perl, Python, Java, or Bash + Proofpoint product certifications + Industry certifications such as CISSP, Network+, Security+, etc. + Experience working in Managed Services. \#LI-Remote **Why Proofpoint?** At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us: + Competitive compensation + Comprehensive benefits + Career success on your terms + Flexible work environment + Annual wellness and community outreach days + Always on recognition for your contributions + Global collaboration and networking opportunities **Our Culture:** Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to accessibility@proofpoint.com . **How to Apply** Interested? Submit your application along with any supporting information- we can't wait to hear from you! Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable compensation and/or equity. We offer a competitive benefits package, including flexible time off, a comprehensive well-being program with two paid Wellbeing Days and two paid Volunteer Days per year, plus a three-week Work from Anywhere option. **Base Pay Ranges:** SF Bay Area, New York City Metro Area: Base Pay Range: 98,900.00 - 155,430.00 USD California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska: Base Pay Range: 78,800.00 - 123,805.00 USD All other cities and states excluding those listed above: Base Pay Range: 70,400.00 - 110,605.00 USD Proofpoint has been honored with six Best Places to Work Awards in 2024 by workplace culture leader Comparably, including Best Company Career Growth, Best Company Outlook, Best Global Culture, Best Engineering Teams, Best Sales Teams, and Best HR Teams. We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. Our BRAVE Values: At Proofpoint, we are BRAVE in everything we do, and our values aren't just words-they shape how we work, collaborate, and grow. We seek people who are bold enough to challenge the status quo, responsive in the face of ever-evolving threats, and accountable for delivering real impact. We value those with a visionary mindset who anticipate what's next and push cybersecurity forward, and we celebrate exceptional execution that ensures we continue to defend data and protect people. Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability. Find your network, your allies, and your biggest fans. We know that work is simply better when you're surrounded by people who inspire you-who share ideas, cheer you on, and genuinely want to see you succeed. That's why we offer social circles, sponsored networks, and connection points across teams and time zones-to help you find your people, build your community, and thrive together. This isn't just a job-it's a mission to protect people and defend data in a world that never slows down. We're building the future of human-centric cybersecurity, and that future belongs to all of us. We take ownership, move fast, and hold ourselves accountable-because that's what it takes to stay ahead. And we do it together, winning as one. Be empowered to reach your full potential through meaningful challenges and personalized support-designed around you and your goals. Whether you're growing as a leader or leveling up from great to exceptional as an individual contributor, we're here to help you get there. Proofpoint is an equal opportunity employer, we hire without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Lead Security EngineerOverview Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Mission First, People Always As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day. By taking care of our people, their wellbeing, and career development, we provide them with the necessary tools and environment to ensure the success of our mission. Role The Business Security Enablement Guild (BSEG) is looking for a Lead Security Engineer to join us working out of our Vancouver office supporting the Next Gen DMP programs and initiatives. The Business Security Enablement Guild is a worldwide team of information security experts focused on helping Mastercard achieve its goals by ensuring security is at the heart of everything we do. The ideal candidate needs a high level of expertise in information security and secure engineering disciplines to advise product and operational teams on how to securely design applications and services following industry best practices. • Apply knowledge of security principles, theories and concepts to business and development life cycle. • Take a Lead Security Position in larger, complex, global and cross functional/cross geographies initiatives. • Work closely with developers to evaluate business requests to determine feasibility. • Provide and recommend optimal solutions to meet security and regulatory requirements in the design of new/enhanced systems. • Ensure established security policies and standards are observed on projects. • Document enhancements to security standards and procedures. • Prepare and present business/technical presentations. All About You • Degree in computer science/information security or work experience equivalent of 7-10 years in information security disciplines • CISSP or Industry recognized security certification desired. • Advanced knowledge of security domains, protocols and standards, experience with software development, security architecture and security designs. • Technical experience with Programming Languages • Security design and implementation of web-based security architecture for secure on-line transactions • Knowledge or technical security experience in Cryptography • Working knowledge of symmetric and asymmetric encryption, Digital Certificates, SSL, VPN, IPSec, development of DMZ's and other security tools and processes such as privileged identity management, file integrity, audit, logging and IDS/IPS. • Experience with automation of content federation and life-cycle management including OS images, binary packages and configuration management. • Intermediate to advanced hands-on scripting experience. • Moderate to extensive hands-on administrative and security experience with Linux systems NICE Framework References This Mastercard role shares knowledge, skills, and abilities with related NICE work roles. • SP-DEV-002, OPM622, Secure Software Assessor • SP-ARC-002, OPM652, Security Architect Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks come with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: • Abide by Mastercard's security policies and practices. • Ensure the confidentiality and integrity of the information being accessed. • Report any suspected information security violation or breach. • Complete all periodic mandatory security training courses in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $140,000 - $231,000 USD

Are you interested in working in a dynamic environment that offers opportunities for professional growth and new responsibilities? If so, Deloitte & Touche LLP could be the place for you. Traditional security programs have often been unsuccessful in unifying the need to both secure and support technology innovation required by the business. Join Deloitte's Cloud Cyber Services team and become a member of the largest group of cybersecurity professionals worldwide. Recruiting for this role ends on 03/01/2026 Work You'll Do As a Cloud Security Architect (Manager), you will play an integral role in defining and assessing the client organization's cloud security strategy, architecture and practices. This individual's primary function is to provide cloud security planning, deployment and review expertise to project teams and client organizations in the Cyber space. Responsibilities include: + Lead the overall delivery of Cloud Cyber Risk projects in a project manager and or architect role, overseeing the activities of onsite and offshore engineers and architects across 8 key cyber domains: Governance, Identity, Application Security, PaaS security, Infrastructure security, Security Monitoring, Resilience and Data protection + Assist in business development activities such as defining scope of services, building resource estimates and related pricing, packaging proposals and supporting the delivery of the proposal to the client for AWS, GCP, Azure and/or Oracle Cloud services + Function as the primary client day to day interface building rapport and trust with the client + Function as an expert in CNAPP, CWPP and CSPM technologies and security risk frameworks relevant to cloud as well as the industry leading benchmarks + Review and oversee the generation of all project deliverables such as assessment reports, system designs/ architectures and risk/security recommendations + Assist clients with security frameworks, cloud configuration standards and resolving cloud vulnerabilities + Lead the execution of cloud security engagements during different phases of the lifecycle - assess, design, and implementation. + Lead engagements to perform technical health checks for cloud platforms/environments prior to broader deployments. + Oversee technical support for AWS, GCP, Azure and/or Oracle cyber services and resolve service-related issues through research and troubleshooting and working with vendors. + Conduct cloud security analysis, recommendations and configurations of prospective clients' platforms and environments based on Deloitte's Cloud Cyber Risk Framework. + Perform technical health checks for these cloud platforms/environments prior to broader deployments including DevSecOps and CI/CD pipelines + Assist clients with transitions to using cloud services such as tenant setup and service configuration, focused on cloud cyber risk mitigation. Additional technologies include: MFA, SSO, Conditional Access, PIM, Security Operations tooling and scanning solutions + Assist clients with the deployment of third-party technologies to assist in securing the cloud platform such as firewall, WAF, PAM and cloud workload protection. + Assist clients with configuration and delivery of cloud security and compliance reports. + Provide technical support for AWS, Azure, GCP, Oracle, Wiz, Snyk and third-party security services and resolve service-related issues through research and troubleshooting and working with third-party vendors. + Implementation of industry leading practices around Azure, AWS, GCP, Wiz, Snyk and cloud security services for clients. + Designing and developing cloud-specific security policies, standards and procedures e.g., tenant, management group and subscription management and configuration, identify management and access control, firewall management, auditing and monitoring, security incident and event management, data protection (DLP, encryption), user and administrator account management, SSO, conditional access controls and password/key management. + Troubleshooting system level problems in a multi-vendor, multi-protocol network environment. + Documenting platform technical issues, analysis, client communication, and resolution as part of cyber risk mitigation steps. + Executing on cloud security engagements during different phases of the lifecycle - assess, design, and implementation & post-implementation reviews. + Implementing industry leading practices around cyber risks and cloud security for clients. + Provide internal cloud and DevSecOps security technical training to Advisory personnel as needed. + Acting as a subject matter specialist on cloud cyber risk for the cloud platforms. + Manage to Point-of-Views (PoVs) on providing leading practices to our clients on the cyber challenges they face. + Contribute to eminence activities, such as whitepapers pertaining to cloud security capabilities. + Support talent process in the manager role such as for recruiting and coaching. The team Deloitte's Cloud Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Qualifications: + 6+ years of experience in technical consulting, client problem solving, architecting and designing solutions in a consulting role with project leadership and/or architect experience in AWS, GCP, Azure, Oracle, Wiz and/or Snyk ; with a security focus strongly preferred + 2+ years of hands-on technical experience designing and implementing security solutions for leading Cloud service providers across SPI models and environments (Public, Private, Hybrid) + 2+ years working experience designing cloud security architectures and strategies for enterprises + 2+ years working with Cloud security industry standards such as Cloud Security Alliance (CSA), ISO/IEC 27017 and NIST CSF + 2+ years working experience with Cloud security technologies/vendors (e.g., IAM, SIEM, IDS) and/or providers (e.g., Okta, CipherCloud, AlertLogic), a big plus + 2+ years working with Cloud orchestration and automation (Continuous Integration and Continuous Delivery (CI/CD)) in single and multi-tenant environments + 3+ years working with CNAPP, CSPM or CWPP technologies or planning for large-scale deployments of these technologies + BA/BS Degree preferably in a Technical field (ex. Computer Science, Cyber Security, Information Security, Engineering, Information Technology) + Maintain strong domain knowledge of multi-hyperscaler cloud solutions and security concepts and technologies + Experience with and leading use of leading cyber tooling for cloud such as Wiz and Snyk + Limited sponsorship may be available Required: + Locations include: Houston, Dallas, Cleveland, Detroit, St. Louis, Pittsburgh, Boston, Charlotte, Atlanta, Miami, Memphis, Denver, Phoenix, Salt Lake City, Los Angeles, San Diego, San Franciso, Seattle. Must be within a reasonable commute and willing to work part-time in the Deloitte and/or client offices + Ability to travel up to 80%, on average, based on the work you do and the clients and industries/sectors you serve Preferred: + Previous Consulting or Big 4 experience preferred. + Industry or Vendor Security Certifications such as CCSP or other cloud architect domains + Experience with Virtualization including security for at least one or more of the following: Compute, Network, Storage, End-point, Application + Experience designing IAM technologies and services + Experience or strong working knowledge of managing enterprise security infrastructure and perimeter security appliances - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology + Experience with Azure data, analytics, or AI/ML services (Azure SQL, HDInsight, Databricks, Data Factory, Data Lake Storage, Azure Analysis Services, Synapse Analytics, Azure Machine Learning, etc.) + Understanding of industry security standards, guidelines and regulatory/compliance requirements related to information security and cloud computing such as ISO 27001, ISO 27018, NIST CSF, NIST 800-53, PCI DSS, SOC2, HIPAA, PCI, SOX, GLBA, etc. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $144,200 to $265,600 You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. 'Information for applicants with a need for accommodation: ************************************************************************************************************ All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Candidates can live within commutable distance to any Slalom office in the US. We have a hybrid and flexible environment. Who You'll Work With As a modern technology company, we've never met a technical challenge we didn't like. We enable our clients to learn from their data, create incredible digital experiences, and make the most of new technologies. We blend design, engineering, and analytics expertise to build the future. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. We are seeking an experienced AWS Security Architect with deep expertise in AWS cloud architecture, native & external security services, and regulatory compliance to provide advisory and delivery services aligned with the standards of a top-tier consulting firm. This role will partner with enterprise clients to design, assess, and implement secure AWS environments that meet business, compliance, and regulatory requirements. This role requires a strong blend of hands-on technical capabilities, architectural leadership, and client-facing advisory skills. As a trusted advisor, you will lead security strategy sessions, assess current cloud security postures, and deliver AWS-native and third-party solutions that align with best practices. You will work across multiple industry verticals, collaborating with engineering, security, risk, and compliance teams, and guiding clients through security transformation journeys and ensuring AWS adoption is secure, compliant, and resilient. This is a strategic technical consulting role suited for individuals who are passionate about cloud security, compliance, and helping clients adopt secure architectures in regulated environments. Key Responsibilities * Serve as a client-facing advisor, providing strategic guidance on cloud security transformation, governance, and operating models. * Lead cloud security assessments, maturity evaluations, and gap analyses, producing recommendations aligned with regulatory frameworks (e.g., NIST, ISO 27001, CIS, PCI DSS, HIPAA). * Design and implement AWS-native security architectures leveraging IAM, KMS, CloudTrail, Security Hub, GuardDuty, Macie, Detective, and Control Tower. * Establish governance, risk, and compliance (GRC) frameworks for AWS adoption, including policy-as-code and automated compliance monitoring. * Define and implement identity and access management (IAM) strategies, including federation, least privilege, and Zero Trust principles. * Guide clients in adopting secure application and data architectures, including encryption, data loss prevention, and secure API integrations. * Support incident response and forensics readiness through AWS-native logging, monitoring, and detection services. * Collaborate with DevOps and platform teams to integrate security into DevOps pipelines (DevSecOps) with automation for vulnerability management, code scanning, and compliance validation. * Collaborate with client executives to articulate cloud security roadmaps, business cases, and investment priorities. * Partner with internal teams to develop accelerators, templates, and reusable security patterns that improve time-to-value for clients. * Author client deliverables such as risk assessments, security architecture design documents, gap analyses, and roadmap plans. * Provide thought leadership via security workshops, executive briefings, and architecture reviews. * Stay current with AWS service releases, regulatory changes, and emerging cyber risks to inform recommendations. Core Qualifications * 8+ years of IT security experience with at least 4+ years focused on AWS security. * Proven consulting experience delivering security assessments, compliance programs, and cloud security roadmaps for enterprise clients. * Strong expertise in AWS security services (i.e. IAM, KMS, CloudTrail, GuardDuty, Macie, Security Hub, Detective, WAF, Shield). * Deep knowledge of cloud governance, risk management, and regulatory compliance frameworks (NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI DSS) and experience designing or assessing AWS environments aligned with these frameworks. * Hands-on experience embedding security into DevOps/DevSecOps pipelines and Infrastructure-as-Code (Terraform, CloudFormation, AWS CDK). * Experience designing ransomware detection, response, and business resilience strategies in AWS including backup, recovery, and isolation patterns. About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position, the target base salary pay range in the following locations: Boston, Houston, Los Angeles, Orange County, Seattle, San Diego, Washington DC, New York, New Jersey, for Consultant level is $119,000-$147,500 and for Senior Consultant level it is $136,500-$169,500 and for Principal level it is $151,000-$187,500. In all other markets, the target base salary pay range for Senior Consultant level it is $125,000-$155,500 and for Principal level it is $138,500-$172,000. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. We will accept applications until 3/31/2026 or until the positions are filled. We are committed to pay transparency and compliance with applicable laws. If you have questions or concerns about the pay range or other compensation information in this posting, please contact us at: ********************. EEO and Accommodations Slalom is an equal opportunity employer and is committed to attracting, developing and retaining highly qualified talent who empower our innovative teams through unique perspectives and experiences. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team or contact ****************************** if you require accommodations during the interview process.

Why Stifel Stifel strives for a culture that puts its clients and associates first: a culture where everyone belongs, everyone is welcome, and everyone contributes to the success of our clients, their careers, and the firm as a whole. Let's talk about how you can find your place here at Stifel, where success meets success. What You'll Be Doing The Security Engineer II - Threat and Vulnerability is responsible for identifying, assessing, and mitigating security risks across Stifel's environments. This role emphasizes detecting vulnerabilities, ensuring secure configurations, and driving remediation efforts to strengthen the firm's overall security posture. The Security Engineer II leverages technical expertise, automation, and programming skills to improve the efficiency and accuracy of vulnerability detection, reporting, and response processes. What We're Looking For • Research, analyze, and evaluate emerging threats, vulnerabilities, and exploits across on-premises and cloud environments. • Monitor and correlate threat intelligence feeds to identify relevant tactics, techniques, and procedures (TTPs). • Apply frameworks such as MITRE ATT&CK, OWASP, and CVSS to assess severity, exploitability, and business impact. • Identify, assess, and manage vulnerabilities across cloud platforms such as AWS, Azure, or GCP, including misconfigurations and exposed services. • Utilize CSPM and CWPP tools like Prisma Cloud, Defender for Cloud, and Wiz to detect, track, and report vulnerabilities. • Collaborate with cloud, DevOps, and IT teams to remediate vulnerabilities and integrate security controls into infrastructure and pipelines. • Implement and maintain secure configuration standards across servers, endpoints, databases, network devices, and cloud resources. • Perform regular configuration audits and compliance checks using frameworks such as CIS Benchmarks, NIST 800-53, and DISA STIGs. • Develop and maintain automation scripts or integrations with Python, PowerShell, Bash, JavaScript to streamline scanning, reporting, and data correlation. • Integrate vulnerability management tools with SIEM, SOAR, and ticketing systems via APIs to improve workflow efficiency. • Create dashboards and data visualizations to enhance threat visibility and remediation tracking. • Track and verify remediation progress, ensuring alignment with defined SLAs, risk priorities, and compliance requirements. • Communicate technical findings, risks, and remediation guidance clearly to both technical and non-technical stakeholders. What You'll Bring • Advanced understanding of security control environment such as access control, logging, authentication, encryption, integrity, etc. • Demonstrated experience managing vulnerabilities in both on-premises and cloud environments. • Experience coordinating corporate-wide initiatives for obtaining security-related assurances. • Familiarity with federal and state legal and regulatory requirements related to information security. • Understand the advanced tenets of security risk management and defense-in-depth practices. • The ability to combine pieces of information to form general rules or conclusions. Education & Experience • Preferred: Bachelor's degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, or equivalent work experience. • Minimum Required: 2+ years' of experience in cybersecurity or IT with exposure to vulnerability management, configuration management, or cloud security. • Preferred: Experience developing automation or integrations via APIs or scripting. • Strong understanding of analyzing and incorporating threat intelligence. • Experience with ticketing systems, office productivity, reporting, and technical documentation software. • Exposure to systems monitoring tools and logging tools Licenses & Credentials • Preferred credentials: CompTIA Security+, CompTIA PenTest+, AWS, Azure, GCP, or equivalent cloud certification. Systems & Technology • Proficient in Microsoft Excel, Word, PowerPoint, and Outlook. • Proficient with programming or scripting languages like Python, PowerShell, Bash, etc., for automation and tool integration. • Proficient with numerous versions of Microsoft Windows, Linux, Mac, and Web Browsers. • Hands-on experience with vulnerability management tools such as Tenable, Qualys, Rapid7. • Familiar with cloud security frameworks and CSPM solutions like Prisma Cloud, Microsoft Defender for Cloud, and Wiz. #LI-LL1 #LI-DL1 About Stifel Stifel is more than 130 years old and still thinking like a start-up. We are a global wealth management and investment banking firm serious about innovation and fresh ideas. Built on a simple premise of safeguarding our clients' money as if it were our own, coined by our namesake, Herman Stifel, our success is intimately tied to our commitment to helping families, companies, and municipalities find their own success. While our headquarters is in St. Louis, we have offices in New York, San Francisco, Baltimore, London, Frankfurt, Toronto, and more than 400 other locations. Stifel is home to approximately 9,000 individuals who are currently building their careers as financial advisors, research analysts, project managers, marketing specialists, developers, bankers, operations associates, among hundreds more. Let's talk about how you can find your place here at Stifel, where success meets success. At Stifel we offer an entrepreneurial environment, comprehensive benefits package to include health, dental and vision care, 401k, wellness initiatives, life insurance, and paid time off. Stifel is an Equal Opportunity Employer.

Company: The Boeing Company The Boeing Defense, Space & Security (BDS) Air Dominance (AD) Product Security Engineering (PSE) organization is seeking an Experienced Product Security Engineer to provide technical support for product cyber security and resiliency engineering for embedded systems through requirements, design, analysis, build, test, production, operations, support and sustainment in the Air Dominance Phantom Works current/future portfolio in Hazelwood, MO You are going to be part of Boeing's AD PSE Organization, which is a growing multi-disciplinary cybersecurity engineering organization, that is responsible for the cyber security and resiliency of our embedded systems within products, platforms, and services. This is your opportunity to shape and influence Product Security Engineering across the BDS AD portfolio of products. The AD PSE team's portfolio spans exciting programs such as F/A-18 Super Hornet/Growlers, F-15 Eagle, MQ-25 Stingray, T-7A Red Hawk, and multiple Phantom Works efforts. The selected candidate must be able to consistently, pro-actively recognize and work through a wide range of challenges and bring to resolution. This position involves implementing appropriate security controls and requirements per JSIG, DoD and ICD 503 RMF, NISPOM, or DoD Overprint to the NISPOM as required by customers. In joining Boeing, you are going to be a part of a diverse multi-disciplined team of engineers, operating in an agile environment, using the latest tools and methodologies! Develop your technical competence as well as your leadership skills at a company with huge potential for long-term career growth. At Boeing, we value your curiosity, your determination, and your imagination. Position Responsibilities: Support the development, implementation, and sustainment of product security for Phantom Works avionics systems, throughout the requirements, design, analysis, build, test, production, operations, support and sustainment lifecycle Coordinate with partners and system-of-systems product security counterparts for requirements, activities, artifacts, and solutions Coordinate with other engineering stakeholders - systems, software, and hardware - advising on the results of security analysis - to develop secure architectures and designs Assist in establishing, and integrating standards and processes for product security engineering for embedded avionics development, and meet applicable program/certification requirements Utilize the Risk Engineering digital thread to inform product requirements surrounding cyber survivability against specified cyber threats - by performing criticality, adversity, threat analysis for avionics systems Assist in risk reduction and technology maturation activities - where appropriate - resulting in innovative solutions in product and services offering Implements appropriate security controls and requirements per JSIG, DoD and ICD 503 RMF, NISPOM, or DoD Overprint to the NISPOM Support inputs for planning, scheduling, risks, issues, and opportunity activities for cyber security Support team building, leading cross-functional teams, motivating and engaging team member, and inspiring work groups through daily interactions. Travel (up to 10%) is required for meetings with customers, suppliers and/or internal meetings. This position is expected to be 100% onsite. The selected candidate will be required to work onsite at the listed location. The role on the team may require obtaining certifications such as Security+ or CISSP to comply with contract requirements. This position requires an ability to obtain and maintain an active Secret U.S. Security Clearance. An interim and/or final U.S. Secret Clearance Post-Start is required. Basic Qualifications (Required Skills/Experience): Bachelor of Science degree from an accredited course of study in engineering, computer science, mathematics, physics or chemistry 1+ years of experience in development of avionics computer systems 3+ years' experience and ability to identify risk, new opportunities and engage with stakeholders to define, plan, resource and deliver solutions 3+ years' experience assisting with the development of cybersecurity philosophies, patterns, requirements, secure architectures and designs 3+ years' experience coordinating and presenting technical content to a diverse audience, as well as preparing technical documentation Knowledge of cyber security incident response protocols (identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information. Preferred Qualifications (Desired Skills/Experience): Master's or higher degree in engineering (e.g., aerospace, mechanical) or material science 5+ years' related work experience or an equivalent combination of education and Experience in product cyber security for avionics systems and component level development Experience performing adversity (threat) analysis, security risk assessments, and maturing the analysis throughout the development lifecycle - to inform requirements, and design Experience generating product cyber security artifacts for customer/certifiers Security certification is desired (e.g. CISSP); Please state/include on resume Typical Education/Experience (Expert Level 3): Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), computer science, engineering data science, mathematics, physics or chemistry (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent combination of technical education and experience or non-US equivalent qualifications. In the USA, ABET accreditation is the preferred, although not required, accreditation standard. Relocation: This position offers relocation based on candidate eligibility. Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies. Shift: This position is for 1st shift. Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Please note that the salary information shown below is a general guideline only. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: Level 3: $128,350-163,200 Language Requirements: Not Applicable Education: Not Applicable Relocation: This position offers relocation based on candidate eligibility. Export Control Requirement: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required. Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)

Job Description Seeking a Java / Node.js Engineer focused on application security remediation, technical debt reduction, and automated vulnerability fixes across multiple platforms. This role partners closely with InfoSec, QA, DevOps, and engineering teams to improve security posture using automation and GenAI-driven solutions. Key Responsibilities • Triage and remediate vulnerabilities from SAST, DAST, and SCA tools • Secure Java, Node.js, Ruby on Rails, and WordPress applications against common OWASP risks • Patch and upgrade third-party dependencies and harden application configurations • Validate fixes through regression testing and user flow checks • Integrate automated security and remediation into CI/CD pipelines • Build GenAI-assisted remediation workflows using AWS Bedrock or similar tools • Reduce technical debt, modernize legacy components, and harden cloud, container, and OS environments • Collaborate with InfoSec and QA teams to close security findings and rescans Required Skills & Experience • Strong hands-on experience with Java, Spring Boot, REST APIs, and secure coding • Proficiency in Node.js, Express.js, JavaScript/TypeScript • Working knowledge of Ruby on Rails and WordPress security • Experience with Veracode, Checkmarx, SonarQube, Snyk, or similar tools • Strong understanding of OWASP vulnerabilities and mitigation techniques • Experience with OAuth2/JWT, API security, Docker, Kubernetes, Linux, and AWS • Hands-on experience integrating security into CI/CD pipelines • Exposure to GenAI tools such as AWS Bedrock or CodeWhisperer Preferred Qualifications • Experience with microservices, cloud-native security, and DevSecOps • Familiarity with OWASP ASVS and threat modeling • Security certifications (CEH, CSSLP, OSCP) a plus

Company: The Boeing Company Boeing Classified Cybersecurity is currently seeking a highly motivated Cybersecurity - Information System Security Officer (ISSO) to join their team in Berkeley, MO, Hazelwood, MO, or Saint Charles, MO. The selected candidate will rely on Cybersecurity and Information Assurance (IA) background to be a technical leader and support Enterprise activities and Boeing customers throughout multiple classified computing domains. The ISSO is responsible for maintaining and implementing all Information System Security policies, standards, and directives to ensure assessment and authorization of information systems processing classified information. Limited telecommuting opportunities may be available. Position Responsibilities: Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards Lead and implement the Assessment and Authorization (A&A) processes under the Risk Management Framework (RMF) for new and existing information systems Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acknowledgement Letters (RAL) and support Continuous Monitoring (CONMON) Oversee configuration management of assigned systems; auditing systems to ensure security posture integrity Lead staff with assessments and test/analysis data to document state of compliance with security requirements Conduct risk assessments and investigations, execute appropriate risk mitigations, and oversee incident response activities Conduct periodic hardware/software inventory assessments Serve as organization spokesperson on advanced projects and programs Act as advisor to management and customers on advanced technical research studies Interface with the appropriate government customers, suppliers, and company personnel to implement protective mechanisms and to ensure understanding of and compliance with cybersecurity requirements Additional Responsibilities: Oversee the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures Manage and perform security compliance continuous monitoring Oversee and participate in security assessments and audits Prepare, review, and present technical reports and briefings Identify root causes, prioritizes threats and recommends and/or implements corrective action Explore the enterprise and industry for evolving state of industry knowledge and methods regarding information security best practices Basic Qualifications (Required Skills/Experience): IAM Level 1 DoD 8140.03 (previously 8570.01) compliant certification (i.e. , Security+ CE, CAP, CISSP, CASP, CISM, GSLC) 3+ years of combined experience and/or education in cybersecurity, IT, or a related field 3+ years of experience with the Risk Management Framework (RMF), cybersecurity policies, and RMF implementation (e.g., DAAG, CNSSI 1253, ICD-503, JSIG, or NIST SP 800 series) 3+ years of experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include NESSUS, ACAS, DISA STIGs, SCAP, Audit Reduction, and HBSS Preferred Qualifications (Desired Skills/Experience): Active Top Secret Security Clearance Currently hold certification in good standing to satisfy IAM Level III (CISSP, GSLC or CISM) 3+ years of experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs 3+ years of experience assessing and documenting test or analysis data to show cyber security compliance Drug Free Workplace: Boeing is a Drug Free Workplace where post offer applicants and employees are subject to testing for marijuana, cocaine, opioids, amphetamines, PCP, and alcohol when criteria is met as outlined in our policies . Pay & Benefits: At Boeing, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities. The Boeing Company also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work. The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements. Pay is based upon candidate experience and qualifications, as well as market and business considerations. Summary pay range: $105,400 - $142,600 Language Requirements: Not Applicable Education: Not Applicable Relocation: Relocation assistance is not a negotiable benefit for this position. Export Control Requirement: This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a “U.S. Person” as defined by 22 C.F.R. §120.62 is required. “U.S. Person” includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee. Safety Sensitive: This is not a Safety Sensitive Position. Security Clearance: This position requires an active U.S. Secret Security Clearance (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active) Visa Sponsorship: Employer will not sponsor applicants for employment visa status. Contingent Upon Award Program This position is not contingent upon program award Shift: Shift 1 (United States of America) Stay safe from recruitment fraud! The only way to apply for a position at Boeing is via our Careers website. Learn how to protect yourself from recruitment fraud - Recruitment Fraud Warning Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law. EEO is the law Boeing EEO Policy Request an Accommodation Applicant Privacy Boeing Participates in E - Verify E-Verify (English) E-Verify (Spanish) Right to Work Statement Right to Work (English) Right to Work (Spanish)