Security architect jobs in Smyrna, TN

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies. **The Main Responsibilities** + Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures. + Develops and designs new security solutions to reduce risk and align business requirements with security standards. Supports vendor relationships; leads vendor reviews through RFx process, working with Procurement and appropriate business partners on requirements and success criteria. Supports development of business case and approval process. + Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support. + Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed. + Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business. **What We Look For in a Candidate** Required: + Bachelor's degree in computer science, engineering, or related field with 15+ years of relevant experience or + Master's degree in computer science, engineering, or related field with 12+ years of relevant experience. + Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA. + Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR). + Software development experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure \#LI-Remote **What to Expect Next** Requisition #: 340981 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.

Role OverviewThe Principal Cloud Security Architect evaluates cloud architectures, identity models, permissions, and security controls across large-scale environments. This role focuses on identifying architectural risks, misconfigurations, and long-term security design gaps. What You'll Do- Assess cloud architectures (AWS, Azure, GCP) for security gaps - Review IAM configurations, network segmentation, and resource policies - Identify misconfigurations, privilege risks, and insecure patterns - Summarize architectural flaws and provide structured mitigation guidance - Validate alignment with security frameworks and best practices - Support recurring assessments of cloud environments and deployment patterns What You BringMust-Have:- Deep experience in cloud security architecture - Strong understanding of IAM, network design, and cloud service models - Ability to document complex architectures in clear, structured form Nice-to-Have:- Experience with multi-cloud, zero-trust, or high-compliance environments

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies As a Consultant or Senior Consultant, you will collaborate with cross-functional teams, including IT, security, and business units, to design and implement Google Cloud-based application innovation solutions. You will work alongside experienced cloud architects, data scientists, and other specialists, ensuring the successful delivery of scalable, cloud-native applications and AI-powered solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. For this position the base salary pay ranges are listed below. In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. East Bay, San Francisco, Silicon Valley: * Consultant: $120,000-$177,000 * Senior Consultant: $140,000-$203,000 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Consultant: $110,000-$162,000 * Senior Consultant: $130,000-$186,000 All other locations: * Consultant: $105,000-$148,000 * Senior Consultant: $115,000-$171,000 EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process. We are accepting applications until 12/31.

Precision Resources, a division of the Trimarc Group Inc., is currently assisting a client with their search for an experienced AWS Security Architect. An AWS Security Architect is a specialized cybersecurity professional who designs, implements, and manages security strategies for cloud-based systems. They ensure that cloud environments and applications are secure, compliant, and resilient against threats. This involves defining security policies, implementing security controls, and continuously monitoring and improving the overall cloud security posture. Key Responsibilities: Designing Secure Cloud Architectures - Creating secure blueprints for cloud infrastructure, encompassing network security, access controls, data encryption, and more. Implementing Security Controls - Setting up and configuring security tools and technologies like firewalls, intrusion detection systems, and identity and access management solutions. Developing Security Policies - Creating and enforcing policies that govern how data and resources are accessed and used within the cloud environment. Conducting Security Assessments - Regularly evaluating the security of cloud systems, identifying vulnerabilities, and recommending remediation steps. Incident Response - Participating in the investigation and resolution of security incidents that may occur in the cloud environment. Staying Updated - Keeping abreast of the latest cloud security threats, vulnerabilities, and best practices. Collaboration - Working with other teams, like developers and operations, to integrate security into the entire cloud lifecycle. Essential Skills: Cloud Platform Expertise - Deep knowledge of AWS it's respective security services. Security Principles - Strong understanding of core security concepts such as encryption, authentication, authorization, and network security. Risk Management - Ability to assess and mitigate security risks within the cloud environment. Scripting and Automation - Proficiency in scripting languages (e.g., Python, PowerShell) for automating security tasks and building security tools. Communication and Collaboration - Excellent communication and interpersonal skills to effectively work with various teams and stakeholders. To upload your resume and apply directly, please visit: https://evoportalus.tracker-rms.com/PrecisionResources/apply?jobcode=1273

Your Work Shapes the World at Caterpillar Inc. When you join Caterpillar, you're joining a global team who cares not just about the work we do - but also about each other. We are the makers, problem solvers, and future world builders who are creating stronger, more sustainable communities. We don't just talk about progress and innovation here - we make it happen, with our customers, where we work and live. Together, we are building a better world, so we can all enjoy living in it. ERP SAP Application Security Analyst The Caterpillar Information Technology ERP SAP Application Security team is seeking a Senior IT Applications Analyst. As a member of the ERP Application Security team, you will be responsible for safeguarding the integrity, confidentiality, and availability of ERP systems by designing, implementing, and managing security policies and procedures. This role involves analyzing business requirements, configuring ERP roles and authorizations, monitoring user access, and ensuring compliance with internal and external regulations. What You Will Do: * Design, implement, and maintain SAP ERP security roles and authorizations to meet business and compliance requirements. * Use established ERP change and transport management methodology to promote approved changes to production. * Monitor and manage user access, segregation of duties (SoD), and privileged accounts within the ERP environment. * Track and resolve incidents, service requests, and system changes, ensuring proper documentation and compliance with change control processes. * Identify opportunities to optimize current processes, enhance system performance, and improve user experience. * Support technical and operational go-lives for deployments and software upgrades. * Participate in regular security audits, risk assessments, and vulnerability analyses to identify and address potential issues. * Collaborate with business stakeholders, IT teams, and auditors to ensure security controls align with organizational policies and regulatory standards. * Provide support for request and incident response, troubleshooting, and resolution of security-related ERP issues. * Maintain documentation of security policies, procedures, and changes within the ERP landscape. * Drive internal projects as needed to maintain client integrity. Top Candidates Will Have: * Excellent analytical, problem-solving, and communication skills. * AI skills for automation of manual team tasks * Expertise with audit processes, SOX compliance, and risk management principles. * Ability to support Sap Governance Risk and Control AC/PC * ECC to S4 conversion knowledge Skills Descriptors: * Core Application Systems: Knowledge of major production application systems used for delivery services to internal and external clients; ability to leverage major production application systems in diverse situations. * IT Standards, Procedures & Policies: Knowledge of Information Technology (IT) standards and policies; ability to utilize a variety of administrative skills sets and technical knowledge to manage organizational IT policies, standards, and procedures. * Business Process Improvement: Knowledge of business process improvement best practices and ability to use methods for identifying, evaluating, introducing, and implementing more efficient approaches to performing business related activities. * Accuracy and Attention to Detail: Understanding the necessity and value of accuracy; ability to complete tasks with elevated levels of precision. * Problem Solving: Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations. * Application Design, Architecture: Knowledge of basic activities and deliverables of application design; ability to utilize application design methodologies, tools and techniques to convert business requirements and logical models into a technical application design. Implementation: Knowledge of how to run applications for organizations; ability to implement application software within an organization and help end-users perform specific tasks (ex: accounting or graphic design). * Requirements Analysis: Knowledge of tools, methods, and techniques of requirement analysis; ability to elicit, analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project. * System Testing: Knowledge of system and software testing; ability to design, plan and execute system testing strategies and tactics to ensure the quality of software at all stages of the system life cycle. * Technical Troubleshooting: Knowledge of technical troubleshooting approaches, tools, and techniques; ability to anticipate, recognize, and resolve technical issues on hardware, software, application or operation. Additional Information: * Location for this role is Peoria, IL, Dallas, TX or Nashville, TN * This role requires 5 days onsite. * SPONSORSHIP IS NOT AVAILABLE. * This position may require 10% travel. * Relocation is not available. What You Will Get: * Our goal at Caterpillar is for you to have a rewarding career. Our teams are critical to the success of our customers who build a better world. * Here you earn more than just a salary because we value your performance. We offer a total rewards package that provides benefits on day one (medical, dental, vision, RX, and 401K) along with the potential of an annual bonus. Additional benefits include paid vacation days and paid holidays. * All qualified individuals - Including minorities, females, veterans, and individuals with disabilities - are encouraged to apply. About Caterpillar - Caterpillar Inc. is the world's leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. For nearly 100 years, we've been helping customers build a better, more sustainable world and are committed and contributing to a reduced-carbon future. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. Summary Pay Range: $110,520.00 - $165,840.00 Compensation and benefits offered may vary depending on multiple individualized factors, job level, market location, job-related knowledge, skills, individual performance and experience. Please note that salary is only one component of total compensation at Caterpillar. Benefits: Subject to plan eligibility, terms, and guidelines. This is a summary list of benefits. * Medical, dental, and vision benefits* * Paid time off plan (Vacation, Holidays, Volunteer, etc.)* * 401(k) savings plans* * Health Savings Account (HSA)* * Flexible Spending Accounts (FSAs)* * Health Lifestyle Programs* * Employee Assistance Program* * Voluntary Benefits and Employee Discounts* * Career Development* * Incentive bonus* * Disability benefits * Life Insurance * Parental leave * Adoption benefits * Tuition Reimbursement * These benefits also apply to part-time employees This position requires working onsite five days a week. Visa Sponsorship is not available for this position. This employer is not currently hiring foreign national applicants that require or will require sponsorship tied to a specific employer, such as, H, L, TN, F, J, E, O. As a global company, Caterpillar offers many job opportunities outside of the U.S which can be found through our employment website at **************************** Posting Dates: December 18, 2025 - December 30, 2025 Any offer of employment is conditioned upon the successful completion of a drug screen. Caterpillar is an Equal Opportunity Employer, Including Veterans and Individuals with Disabilities. Qualified applicants of any age are encouraged to apply. Not ready to apply? Join our Talent Community.

**Weekly Schedule:** Monday- Friday: 9am-5pm **Primary Responsibilities** + Manages solution design from conception, through ARB, to delivery + Primarily responsible for producingarchitecture documentation forsecurityapplications as assigned and as projects and programs of work dictate + Maintains First Horizon'sSecurityArchitecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core EnterpriseArchitecture Team + Leadssecuritydesign workshops and POC efforts for new (security) capabilities + Validates 3rd Party/Vendor Solutions forsecurityconcerns + Aligns InformationSecurityTechnology strategy and planning with First Horizon's business goals and objectives + Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured + Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology + Works with engineers to ensure that technical solutions as delivered align with InformationSecurityStandards and Policies + Works with Portfolio technology leaders to include IT Risk and SecurityException initiatives in portfolio roadmap + Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling;architect PCI DSS segmentation boundaries and compensating controls. + Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege. + Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness. + Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable. + Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team. + Payments and third-party/SaaS: Define intake andsecurityrequirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations-identity, logging, data handling, and PCI scoping. + Physicalsecurityintegration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/PhysicalSecurity. + Enablement and influence: Mentor seniorarchitects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams. **Requirements** + Bachelor's degree in Computer Science, Management Information Systems, or related field + (12+) years of InformationSecurityexperience + (7+) years of SecurityArchitecture + Experience in regulated financial services + Experience with Azuresecurityarchitecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise + Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design. + Experience with technical documentation like interaction diagrams, process diagrams, network topologies and otherarchitectural content + Experience with Agile/SAFe methodologies + Experience with EnterpriseArchitecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards. **Certifications/Licensures** + Strongly preferred: CISSP or CompTIASecurity+ Microsoft AzureSecurityEngineer or Azure SolutionsArchitectExpert + Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications **Skills And Competencies** + Ability to adapt to new technologies and learn quickly + Enterprisearchitectural leadership across identity, cloud, application, data, and networksecurity. + IAM for associates (Entra ID, Active Directory) and clients (TransmitSecurity, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing-resistant MFA/passkeys; PAM integration and privileged pathway design. + IntegrationSecurity: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk. + Secure SDLC and supply chain: threat modeling, pipelinesecurity, artifact signing/SBOM, dependency hygiene, and secrets management. + Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers. + Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration. **About Us** First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ******************** (https://urldefense.com/v3/\_\_https:/********************/\_\_;!!Cz2fjcuE!hpq9hPnrucZCPIAVPojVESItIq-FPzhurNdCrQ3JE8Rkx3gMd70nIk6\_kmPxl66\_oJCEsXs0gNunPowMAMHCmBYPOtUxUGI$) . **Benefit Highlights** - Medical with wellness incentives, dental, and vision - HSA with company match - Maternity and parental leave - Tuition reimbursement - Mentor program - 401(k) with 6% match - More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook (****************************************** X formerly Twitter LinkedIn (*************************************************** Instagram YouTube (********************************************************** Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.

Job Requirements & Qualifications: •Designs, put into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner. •Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services). •Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC. •Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines. •Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans. •Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements. •Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security. •Guide and cross-train junior department team members lead meetings construct and uphold strong partnerships with multiple departments coordinate vendor support engagements etc. Knowledge, Skills, and Abilities •Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies. •Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources. •Strong, efficient written and verbal communication skills that enables effective communications to multiple audiences. •Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%). •Strong internal (security recommendations) and external (vendor support) negotiation skills. •Ability to influence and encourage others. •Strong understanding of PCI, HIPAA, and SOC regulatory requirements. •Development/analysis proficiency in one or more scripting languages. •Development/analysis proficiency in TSQL. •Capability to learn and preserve new skills required to adapt to growing business and technical environments. •Strong perceptive of present and emergent information security technologies and trends. Qualifications Work Experience and/or Education •Bachelor's and/or Master's degree in information security or computer information systems. •6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives. •Active CISA, CISSP, or CISM certification. •Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.) enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.) content management, client-server, and collaboration, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc. •Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management. Additional Information

Manager of Information Security Why VIVA HEALTH? VIVA HEALTH, part of the renowned University of Alabama at Birmingham (UAB) Health System, is a health maintenance organization providing quality, accessible health care. Our employees are a part of the communities they serve and proudly partner with members on their healthcare journeys. VIVA HEALTH has been recognized by Centers for Medicare & Medicaid Services (CMS) as a high-performing health plan and has been repeatedly ranked as one of the nation's Best Places to Work by Modern Healthcare. Benefits Comprehensive Health, Vision, and Dental Coverage 401(k) Savings Plan with company match and immediate vesting Paid Time Off (PTO) 9 Paid Holidays annually plus a Floating Holiday to use as you choose Tuition Assistance Flexible Spending Accounts Healthcare Reimbursement Account Paid Parental Leave Community Service Time Off Life Insurance and Disability Coverage Employee Wellness Program Training and Development Programs to develop new skills and reach career goals Employee Assistance Program See more about the benefits of working at Viva Health - ******************************************* Job Description The Manager of Information Security oversees and mentors a team of security engineers while remaining hands-on in designing, implementing, and monitoring security measures that safeguard the organization's digital assets. This individual will need a broad and strategic knowledge of principles, practices, and procedures in information security to plan, design, develop, execute, and support critical systems and projects. This role will lead the planning, design, enforcement, and audit of enterprise-wide security policies and procedures which safeguard the integrity of and access to enterprise systems, files, and data elements while actively engaging in tactical execution. This position will continuously assess, refine, and implement data security strategies proactively advising leadership with actionable risk assessments and security briefings. This individual evaluates and deploys emerging technologies, collaborates across IT Operations and Development, and strengthens organizational resilience by championing employee education, security culture, security best practice, and continuous improvement. This role drives value by balancing leadership responsibilities with direct technical contributions, ensuring scalable protection aligned with future business growth. Key Responsibilities Direct and actively contribute to day-to-day security operations. Perform hands on technical work in daily security operations while guiding team performance. Lead the development and enforcement of comprehensive, scalable security policies and frameworks. Recommend, implement, and optimize security protections across enterprise systems. Conduct and oversee vulnerability assessments, mitigation, and remediation strategies. Monitor and interpret threat intelligence using organizational tools. Research, identify, and deploy solutions that strengthen the organizations cyber defense posture. Detect, investigate, and resolve potential security breaches. Participate in the vetting and management of third-party vendors and business associates. Drive enterprise-wide risk assessments with quantifiable, business-aligned outcomes. REQUIRED QUALIFICATIONS: Bachelor's Degree in Information Systems or related field or equivalent work experience 7 years of I.T. environment experience with progressive responsibilities 3+ years management experience in I.T. Expertise in risk assessment tools, methodologies, and data-driven decision-making Proficiency of security platforms such as: endpoint detection and response (EDR), internet traffic for both onsite remote users, and intrusion prevention (IDS/IPS/DLP) Knowledge of databases (MSSQL/MongoDB/MySQL) Advanced skills in Azure cloud including Purview and Defender Hands on experience in penetration testing and vulnerability management Knowledge of firewall and intrusion detection/prevention protocols Proven ability to lead system administration and security across diverse environments (Windows, UNIX, Linux) Skilled in drafting, enforcing, and scaling security policies, standards, and procedures Strong communicator who can translate complex security risks into actionable business terms for executives Ability to read and use the results of mobile code, malicious code, and anti-virus software PREFERRED QUALIFICATIONS: CISSP, CISM, or equivalent advanced certifications Knowledge of disaster recovery, computer forensic tools, technologies, and methods Strong understanding of software development frameworks and code review Knowledge of virtualization technology

Job DescriptionEast Tennessee company is seeking an ISSO to join their growing team. This position requires candidates to currently have or can obtain a federal security clearance so US citizenship is required. This position will be required to work onsite in Oak Ridge Tennessee. Duties and Responsibilities:The ISSO is a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. The ISSO provides direction to IT and infrastructure support personnel on the application of security patches and secure configurations. Routine collaboration and consultation with the ISSM regarding the design, development, integration, and analysis of unclassified information systems. Under general supervision, the candidate is responsible for performing a full range of Information Assurance functions in support of the security needs of the ISSM.Primary Responsibilities: Provide assistance to the ISSM and CISO in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the client site. Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures and as outlined in applicable System Security Plans (SSPs). Perform documented procedures for authorizing users to access information systems. Develop and maintain SSPs for system C&A. Manage Plans of Action and Milestones to closure for information systems under accreditation. Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices. Escalate questions/concerns/issues to more senior-level staff as required. Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls. Identify, promote, and make recommendations for process improvements. Assist with annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks. Ensure compliance of all network equipment with applicable DOE and ORNL requirements Other duties as assigned for support within the program. Basic Qualifications: Bachelor's degree with 5-7 years of relevant experience (ex. cybersecurity assessments, risk management, cybersecurity policy, and compliance, etc.). An equivalent combination of education and experience may be considered. Ability to obtain and maintain a DOE Q security clearance or equivalent is required. Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) to ORNL. Demonstrated experience implementing compliance frameworks (NIST, etc) Excellent interpersonal, verbal, written, and presentation communication skills. Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, and NIST Cybersecurity Framework (CSF). Working knowledge of privacy regulations and impacts. Ability to work independently, meet deadlines, and uphold high ethical standards. Preferred Qualifications: Active DOE Q or TS security clearance or equivalent. Master's degree in information assurance or related field with 4-6 years of relevant experience working in an information security, information technology or information risk management related field. Cybersecurity certifications (CISSP, CISA, CISM, CRISC, CCSP, SSCP) and Incident Response Certification Privacy management, cybersecurity, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts. Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success. Demonstrated background in governance, risk, and compliance. Experience in obtaining Authority to Operate (ATO) for DOE government systems.

Abacus Technology is seeking an Information Systems Security Officer (ISSO) to provide security and information assurance support for the Air Force Intranet Control (AFINC) III Support program at Maxwell AFB/Gunter Annex. This is a full-time position. Responsibilities Perform security analysis of operational and development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted industry and government standards. Implement the Assessment and Authorization (A&A) processes under the Risk Managed Framework (RMF) for new and existing information systems. Maintain a current authorization to operate (ATO), and approval to connect (ATC) (if required), and in implementing corrective actions identified in the plan of action and milestones. Facilitate development of Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA) and Risk Acceptance Letters. Develop an Information System Continuous Monitoring (ISCM) strategy and monitor any proposed or actual changes to the system and its environment to maintain compliance. Audit systems to ensure security posture integrity. Conduct assessments and test/analysis data to document state of compliance with security requirements. Conduct risk assessments and investigations, recommend implementation of risk mitigations, and coordinate incident response activities. Conduct periodic hardware/software inventory assessments. Supervise the development and deployment of program information security for all program systems to meet the program and enterprise requirements, policies, standards, guidelines and procedures. Manage assigned team to facilitate effective execution of the RMF. Coordinate and participate in security assessments and audits. Prepare, review, and present technical reports and briefings. Register, maintain, verify, submit exceptions, conduct annual review, or decommission systems ports, protocols, and services (PPS) as necessary to ensure compliance with the DoD PPS Category Assurance List (CAL) and DoD PPS Vulnerability Assessment reports. Qualifications 5+ years experience in a cyber security or information assurance role including at least 3 years supporting the RMF. HS diploma or GED. Must be CISM or CISSP certified (or hold an equivalent certification in compliance with DoD 8140/8570 IAM II). Must hold the Certified in Governance, Risk and Compliance (CGRC) certification and have participated in training for DISA ACAS Supervisor and Operator and DISA Enterprise Mission Assurance Support Service (eMASS). Additional certifications such as CCNA or Microsoft Certified: Information Security Administrator Associate preferred. Experience with DoD cybersecurity policies and implementation of Risk Management Framework (RMF): e.g. NIST SP 800 series, CNSSI 1253. Experience as an information system security officer (ISSO) or information system security manager (ISSM) supporting classified programs. Experience in assessing and documenting test or analysis data to show cybersecurity compliance. Experience utilizing security relevant tools, systems, and applications in support of Risk Management Framework (RMF) to include: NESSUS, ACAS, DISA STIGs, Audit Tools, ESS, eMASS, PPS. Outstanding communication skills across all levels of the organization. Must be a US citizen and hold a current Top Secret clearance with SCI Access (TS/SCI). Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information. EOE/M/F/Vet/Disabled

The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Engineer will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The security engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities. The Security Engineer must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the security engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics. The Security professional must be involved in incident response and investigations. The Information Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may perform well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches. Essential Responsibilities * Security Alerts: Review, respond, and remediate where applicable; * Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities); * Phish campaign monitoring and resolution; * Analyze security systems and seek improvements on a continuous basis; * Report possible threats or software issues; * Research weaknesses and determine ways to counter them; * Understand software, hardware, and internet needs while adjusting them according to our business environment; * Assist fellow employees with cybersecurity, software, hardware, or IT needs; * Carry out and support information security plans and policies; * Respond to, investigate, and assist in recovery efforts related to a security breach; * Assist in Security Awareness training development and support; * Troubleshoot security and network problems; * Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls; * Participate and follow the change management process; * Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed; * Administer, configure, and troubleshoot security infrastructure devices such as Varonis; * Test new software and firmware, as needed or directed. Operational Management * Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems; * Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law; * Creatively provide resolution to security issues/problems in a cost-effective manner; * Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met. * Other security responsibilities as directed by the Information Security Officer Other Qualifications * Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations; * Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered; * For those not meeting the minimum education, additional work-related experience will be deemed equivalent; * CISSP or related certification is an advantage; * Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.; * Working knowledge and experience in the following areas: * Cloud computing security in Azure/Windows environments, security controls, security capabilities identification; * Experience in working on Microsoft products and can learn new systems quickly; * Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.; * Strong verbal and written communication skills required; * Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner; * Must be able to work well with others; * Must be detail oriented and organized; * High integrity, including maintenance of confidential information; * Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency; * Focus on continuously improving skillset to meet security changes and challenges; * Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue; * Regular and reliable attendance required.

Job Description Seneca Global Services, LLC is part of the Seneca Nation Group (SNG) portfolio of companies. SNG is Seneca Holdings' federal government contracting business that meets mission-critical needs of federal civilian, defense, and intelligence community customers. Our portfolio comprises multiple subsidiaries that participate in the Small Business Administration 8(a) program. To learn more about SNG, visit the website and follow us on LinkedIn. At Seneca, our team of talented individuals is what makes us successful. To support our team, we provide a balanced mix of benefits and programs. Your total rewards package includes competitive pay, benefits, and perks, flexible work-life balance, professional development opportunities, and performance and recognition programs. We offer a comprehensive benefits package that includes medical, dental, vision, life, and disability, voluntary benefit programs (critical illness, hospital, and accident), health savings and flexible spending accounts, and retirement 401K plan. One of our fundamental principles at Seneca Holdings is to offer competitive health and welfare benefits to our team members, providing coverage and care for you and your family. Full-time employees working at least 30 hours a week on a regular basis are eligible to participate in our benefits and paid leave programs. We pride ourselves on our collaborative work environment and culture, which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation. Seneca Global Services, LLC seeks a highly motivated Information Systems Security Officer (ISSO) to join our technical team supporting the National Cyber Range Complex (NCRC). The NCRC plays a critical role in enhancing the resilience of DoD systems and the effectiveness of U.S. cyber operations by delivering full-spectrum test and evaluation, workforce training, and mission rehearsal events. As the NCRC continues to evolve as a best-of-breed cyber range, the ISSO will contribute directly to ensuring secure facilities, tools, and expertise for some of the most demanding test, training, and mission rehearsal requirements in the Department of Defense. As a key member of the cybersecurity team, the ISSO will act as a security liaison across multiple domains-including physical, personnel, information, cyber, operations, Anti-Terrorism/Force Protection, law enforcement, communications, and technical security-while working closely with the Information Systems Security Manager (ISSM) to ensure compliance, readiness, and secure mission execution. Responsibilities include, but are not limited to: Provide direct support to the ISSM on activities such as Assessment & Authorization (A&A), execution of Continuous Monitoring Plans, and facilitation of Security Controls Assessments. Administer and monitor Risk Management Framework (RMF) steps and activities throughout the system lifecycle to maintain an appropriate security posture. Implement cybersecurity programs, policies, and procedures for assigned systems. Maintain working knowledge of current and upcoming events, system functions, policies, safeguards, and security measures. Serve as a subject matter expert in RMF core concepts and processes. Coordinate with applicable stakeholders across the enterprise to ensure security compliance and readiness. Maintain Authorization to Operate (ATO) packages for assigned systems within the designated A&A System of Record (e.g., eMASS, XACTA 360, Keystone). Review and analyze audit logs (e.g., Splunk, Windows EVTX, Linux syslogs) to detect potential anomalies or threats. Perform validation checks to ensure CM-approved software and antivirus definitions are installed on assigned systems. Conduct compliance/vulnerability scans and manual checks to identify and mitigate risks. Execute ISSO-specific tasks as outlined in program security plans. Deliver cybersecurity education, training, and awareness to system users as required by the ISSM. Basic Qualifications: Active Top Secret clearance with SCI eligibility. Bachelor's degree in Cybersecurity, Information Systems, or related discipline, and/or 8+ years of relevant experience (additional experience may substitute for degree). Minimum of 5 years of extensive experience in cybersecurity, information assurance, and RMF processes. DoDD 8140.01 IAT Level II certification or higher. At least 2 years of experience conducting IT application, system, or network reviews and providing DoD cybersecurity policy and technical guidance. Desired Skills: Certifications aligned to DoDM 8140.03 / DoD Cyberspace Workforce Framework. Familiarity or background with some of the following technologies: CISCO equipment (routing and switching technologies) Zero-trust requirements VMWare (vSphere, vCenter, NSX, ESXi) RHEL (Ansible, Kubernetes, StackRox, OpenShift) AWS / Azure cloud technologies and containerization F5 BIG-IP, Cisco networking, and distributed technologies STIG and IAVA implementation NetApp storage technologies Dell Blade Servers Equal Opportunity Statement: Seneca Holdings provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital status, genetic information and/or predisposing genetic characteristics, victim of domestic violence status, veteran status, or other protected class status. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation and training. The Company also prohibits retaliation against any employee who exercises his or her rights under applicable anti-discrimination laws. Notwithstanding the foregoing, the Company does give hiring preference to Seneca or Native individuals. Veterans with expertise in these areas are highly encouraged to apply.

Who We're Looking For (Position Overview):This role is critical in ensuring the security posture of mission-critical applications and infrastructure across multiple network enclaves (Unclassified, Secret, Top Secret). The ISSO will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates.What Your Day-To-Day Looks Like (Position Responsibilities): Serve as the principal cybersecurity advisor to system owners and stakeholders. Design, analyze, and test of information security systems, products, cloud architectures and cloud solutions. Provide recommendations and/or alternatives to mitigate impact of system security boundary changes as part of any potential re-architecting and/or re-design activities. Develop, implement, and evaluate security controls, measures, and frameworks in cloud-based systems to ensure data integrity, confidentiality, and availability. Perform risk analysis, vulnerability assessments, and security audits to identify and address potential weaknesses in cloud environments. Follow all appropriate security authorization process for requesting and maintaining an Authority to Operate (ATO). Responsible for ensuring operational security is maintained for assigned information systems. Ensure systems are operated, maintained, disposed of in accordance with security policies and practices. Perform Security Incident Reporting and Response. Coordinate with the Office of the Chief Information Officer (OCIO), Security Division, and others to provide documentation to the system Certification and Accreditation process. Ensure audits and reviews are responded to with accurate information. Perform system access control responsibilities. Participate in the change management process for assigned applications. Work with Product Owner, Product Manager, OCIO, Security Division, and other stakeholders to ensure security concerns are addressed during all phases of system lifecycle. Perform continuous system security monitoring. Implement and manage cloud-native and third-party security tools for monitoring, threat detection and vulnerability management. Act as a SME on Cloud Security while applying methods, standards, and approaches for ensuring the baseline security safeguards are appropriately implemented and documented. Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures. Draft and keep updated information security documentation to include System Security Plan, Information System Contingency Plan, Plan of Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan. Responsible for ensuring the implementation and maintenance of annual security controls assessments. Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations. Working directly with development, platform, and infrastructure teams on security problems. What You Need to Succeed (Minimum Requirements): Top Secret (TS) Clearance with SCI eligibility. 3 - 5 years of experience required. Extensive experience with federal cybersecurity frameworks, including RMF, NIST 800-53, CNSS, and FISMA. Experience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft Azure. Analyze logs using Splunk and AWS tools. Hands-on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and Splunk. Work with GRC tools such as Xacta/JCAM Hold at least one of the following security certifications. Example: Security +, CGRC, CASP, CISSP Experience using Atlassian suite tools such as JIRA/CONFLUENCE Experience with Agile Methodologies/SAFe Expertise on Information Security Principles, processes and guidelines Able to obtain and maintain an Authority to Operate (ATO) for Information Systems. Experience with scanning tools such as Tenable Nessus Ability to work on multiple projects with various timelines, at times very short deadlines. Ideally, You Also Have (Preferred Qualifications): Certifications: CISSP, CISM, CAP, Security+, AWS Certified Security - Specialty, or other relevant certifications. Experience in a high-side or multi-enclave (U/S/TS) environment. Experience working with Agile development teams and CI/CD pipelines. Familiarity with Infrastructure as Code (IaC) and cloud configuration management tools (e.g., Terraform, Ansible). Familiarity with NIST 800-53 Rev. 5 #CJ

Description Summary: This role supports the advancement of the organization's Information Security Program, ensuring robust protection of customer, consumer, and proprietary data against evolving threats. The position is a key player with strategic initiatives, enforces corporate and regulatory compliance, and continuously enhances security posture through proactive risk management and visibility improvements. Essential Duties and Responsibilities: Support the security strategies aligned with organizational goals. Lead or serve as a key participant in audits, regulatory examinations, and vendor assessments. Ensure compliance with industry standards and regulatory requirements. Maintain InfoSec dashboards using Power BI to track key metrics and identify trends. Provide actionable insights to leadership for continuous improvement of security controls. Implement and optimize security measures to reduce network risk and enhance visibility. Continuously improve security controls, policies, and procedures to address emerging threats. Manage and audit intrusion prevention systems, SIEM, antivirus, vulnerability management, and content filtering solutions. Oversee patch management for operating systems, applications, and hardware. Partner with technology and compliance teams to resolve security issues and implement strategic initiatives. Manage Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) tools and associated governance controls. Education and/or Experience Bachelor's degree or equivalent experience 5+ years in Information Security or IT Audit, with demonstrated leadership in security strategy and risk management. CISSP required Skills and Abilities Ability to assess, prioritize, and mitigate risks across complex environments. Strong experience with audit processes, regulatory examinations, and vendor risk assessments. Skilled in translating technical data into actionable insights for leadership Ability to demonstrate the highest level of ethical behavior and confidentiality and maintain confidentiality with sensitive information. Respectful demeanor toward other associates and managers that promotes a positive and professional work environment. FirstBank does not accept unsolicited resumes from agencies and staffing firms. Recruitment agencies and consultants may not submit resumes directly to managers. FirstBank will not pay fees to any third-party agency or company that does not have a signed agreement as an approved vendor. FirstBank in an Equal Opportunity Employer, including disability.

Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers - so they can remain focused on the business of water. For additional information, please visit the company website at ****************** Senior Security Analyst Position Summary As a Senior Security Analyst, you will be a key member of Neptune's 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You'll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements. Responsibilities: Threat Detection & Monitoring * Monitor and analyze security alerts from SIEM and EDR platforms * Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments * Maintain high-fidelity alerting and reduce false positives through tuning Incident Response & Management * Execute playbooks for triage, containment, and remediation of security incidents * Assist in forensic investigations and contribute to post-mortem reports * Participate in tabletop exercises and readiness drills SIEM & Security Logging * Maintain SIEM health and ensure reliable telemetry across all assets * Develop and refine detection rules and correlation logic * Support automation and orchestration workflows for incident handling Identity & Access Management * Monitor identity-related events for anomalies and privilege escalation attempts * Support IAM lifecycle processes and enforce least privilege principles Threat Intelligence & Modeling * Integrate threat intelligence feeds into detection workflows * Assist in threat modeling to identify potential attack paths Reporting & Metrics * Document incidents and provide timely updates to SOC Manager for reporting to parent company * Track and report operational metrics (MTTD, MTTR, alert volumes, etc.) Security Standards & Architecture * Apply secure-by-design principles in collaboration with engineering teams * Support zero trust initiatives and network segmentation projects Relevant Platforms (experience with several is expected): * SIEM/SecOps: e.g. Google SecOps (Chronicle) * EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra * Network Security: e.g. FortiGate NGFW, FortiSASE * Secure Browsing: e.g. Prisma * Patching & Config: e.g. Automox * Secrets Management: e.g. Keeper * Asset Management: e.g. Axonius, Cyclops * Email & Data Security: e.g. Mimecast, Microsoft Purview Minimum Qualifications: * Bachelor's degree (or equivalent experience) * 3+ years in Security Operations or Incident Response * Hands-on experience with SIEM, EDR, and threat detection * Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles * Strong analytical and communication skills Preferred Qualifications: * Security certifications (e.g., GCIH, GCIA, CISSP) * Experience with cloud security (AWS, Azure, GCP) * Exposure to SOAR automation and scripting * Travel Requirements: Typically requires overnight travel less than 10% of the time. Travel Requirements: Typically requires overnight travel less than 10% of the time. Location: Duluth, GA, Tallassee, AL

Job Description DESE Research, Inc. is excited for the opportunity to add an Information Systems Security Officer to our existing team. If you feel like you have the skills and qualifications for this position, please apply now! Job Details: The successful candidate will oversee day-to-day information system security operations including auditing hardware, software implementations, and risk assessments. The candidate will upkeep, monitor, analyze, and respond to network and security events. The candidate will ensure configuration management for security relevant IS software, hardware, and firmware are maintained and documented. The candidate will implement Risk Management Framework (RMF) security controls utilizing DISA Security Technical Implementation Guides (STIGs). Required Qualifications: An active DOD Secret clearance 5-10 years of experience in cyber security engineering/analysis, supply chain risk management, logistics, product management, program protection planning, or system security engineering Experience with IS auditing and investigations Knowledgeable of operating system security requirements Hands-on experience with industry-standard Information Assurance tools Security+ Certification CompTIA CySA+ certification Required Education Qualifications: Bachelor's Degree in Cyber Security, an Engineering Discipline, Logistics, or Supply Chain Desired Qualifications: Overall knowledge of Information Systems Security and ISSO duties Working knowledge of system administration and network administration Working knowledge of classified defense contracts DoD 8570 IAM Level II Certification Why employee's love working for DESE: At DESE, we are committed to creating a company that is known for its respect and care for employee's. We understand that happy employees are what keeps our business going and we strive to provide the best opportunities for each individual working on our team! Here are a few reasons you will love working here: Competitive salaries Annual performance bonuses Robust 401k profit sharing plan Competitive health, dental & vision insurance with affordable premiums Flexible work schedules Two different flexible spending account options Company paid life insurance & Accidental Death & Dismemberment Education reimbursement program Personal leave for approved philanthropic activities Vacation, Sick & Holiday leave Opportunities for internal promotions Employee referral incentive program Rewards and gifts for service anniversaries Disability Accommodation for Applicants - DESE Research, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following alternative email address or phone number to contact us about your interest in employment with us: ********************** or ************x123. Job Posted by ApplicantPro

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. California Consumer Privacy Act (CCPA) Notice