Security architect jobs in Spring Hill, TN

Clearance Required: Top Secret/SCI We are seeking an experienced Information Systems Security Officer (ISSO) to support classified environments and mission-critical programs and initiatives. This role provides day-to-day cybersecurity, accreditation, and compliance support for Collateral and SCI systems within secure areas. The ISSO will play a key role in maintaining the security posture of classified information systems, ensuring compliance with DoD, Intelligence Community directives, and the Risk Management Framework (RMF). Key Responsibilities Security & Policy Support Apply knowledge of security policies, ICDs, DoD manuals, JAFANs, and related guidance. Work effectively across a dynamic environment with DoD personnel, military/civilian stakeholders, and industry partners. Operate with minimal supervision while demonstrating initiative, independence, and strong problem-solving capabilities. RMF Responsibilities Review, prepare, update, and maintain RMF accreditation packages. Perform RMF self-inspections and support compliance reviews. Track changes affecting system accreditation and notify appropriate stakeholders. Identify vulnerabilities and recommend/implement mitigation strategies. Conduct security surveys and coordinate documentation for accreditation packages. Prepare and track RMF inspections, findings, and corrective action responses. Maintain RMF security documentation and system records. System Operations & Continuous Monitoring Ensure all authorized systems are operated, maintained, and disposed of in accordance with RMF and security policies. Assist with Cyber Test & Evaluation (CT&E) activities for government partners. Collect, review, and analyze security scans, audit logs, and system alerts. Perform vulnerability management and apply continuous monitoring processes for classified systems. Customer & Mission Support Support both internal and external customers as part of ISSO duties. Maintain strong communication and coordination with stakeholders regarding system security posture. Required Qualifications 5-9 years of related ISSO, cybersecurity, or information assurance experience. ACAS (Assured Compliance Assessment Solution) Splunk Background in Systems Administration. Strong understanding of RMF processes, documentation, and compliance requirements. Education Bachelor's degree or an additional 4 years of relevant experience in lieu of a degree. Certifications Must meet DoD 8570.01-M requirements Must posess/obtain IAT Level II certification within 6 months of hire (e.g., Security+ CE, CCNA Security, CySA+, etc.). Security Clearance Active Top Secret/SCI required.

Large Domestic Distribution and MFG company who has implemented Oracle Cloud Financials and currently implementing Oracle Cloud SCM and MFG is looking for a full time Oracle Cloud Architect with experience ideally around Supply Chain. The person will provide high level guidance around Integration and Configuration and technical overall architecture of the system and the applications. Looking for someone with at least 10 years of Architecture experience. Role is ideally a hybrid or remote with minimal travel to client site as needed in Tennessee. Ideal consultant will be a GC or USC however client will consider an H1 transfer for right resource.

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Are you ready to take on a pivotal role that will shape the future of security architecture in a leading financial institution? We are seeking three seasoned and visionary Distinguished Enterprise Architects to join our dynamic security organization, each aligned to one of our key business areas: Commercial Banking, Consumer Banking, and Private Banking. In this highly strategic role, you will have the opportunity to drive architecture across these domains, partnering closely with technical and business leaders to make a lasting impact. While the role resides within the security function, this is far from a narrow security engineering position. You will leverage core enterprise architecture principles to ensure secure, scalable, and resilient design across all technology layers including cloud, infrastructure, applications, and data, grounded in frameworks such as TOGAF, Zachman, and NIST. Your expertise will be instrumental in transforming our security landscape and empowering our business units to achieve their strategic goals with confidence. Key Responsibilities + Champion customer protection on the front lines of delivering strategic initiatives for the company. + Define and evolve enterprise-wide architecture strategies aligning with both business goals and cybersecurity objectives. + Partner with line-of-business architects, ensuring cohesive integration of business, application, data, and technology architecture domains. + Lead the development of architecture standards, creating reference models and reusable patterns that promote consistency across cloud platforms, DevOps, and software development efforts. + Champion secure-by-design principles, applying these principles across the full SDLC without being prescriptive to specific languages, stacks, or front-end design. + Serve as a senior advisor, translating regulatory requirements and risk posture into actionable architectural guidance across technology and security teams. + Collaborate with Infrastructure, DevOps, SRE, and Engineering leaders to embed architectural controls into CI/CD pipelines, runtime environments, and operational workflows. + Evaluate and guide the adoption of emerging technologies focusing on cloud-native platforms, identity frameworks, API security, secure data exchange, and container orchestration with an emphasis on innovation and risk reduction Qualifications + 15+ years of experience in senior technical roles with demonstrated leadership at the enterprise or divisional level. + Ability to drive security-focused initiatives, unifying technical security, enterprise architecture, application architecture, and business outcomes. + Ability to align security priorities with the broader business context, tailoring security policies and measures to meet the organization's evolving needs. + Strong communication and presentation skills with the ability to distill complex architecture topics for both technical and executive audiences. + Experience embedding security into key business initiatives such as digital transformation, customer experience enhancement, and operational efficiency. + Strong grounding in enterprise architecture concepts with practical application across multiple architecture domains. + Demonstrated success achieving results within tight budgetary constraints. + A passion for coaching junior team members. + Deep experience in cloud (AWS, Azure, or GCP), DevOps and infrastructure automation, and modern application architectures (microservices, APIs, containers). + Hands-on experience with Enterprise application development, including expertise in multiple programming languages and database technologies. + Solid understanding of cybersecurity architecture, including identity, access, encryption, secure network design, and threat modeling. + Proactive security design experience, ensuring security concerns are proactively designed (shift-left) to enable the organization to pursue its strategic goals with confidence. + Experience fostering a security-driven culture, promoting security as a business enabler, driving secure scalability, protecting sensitive data, and maintaining regulatory compliance, all while accelerating business value and supporting long-term growth. + Ability to work across a matrixed environment, influencing without direct authority. + This is not a management position, but experience is a plus. + Experience working with regulatory agencies is a plus. Education and Certifications + Required: Bachelor's degree in Software Engineering, Computer Science, Computer Engineering, related discipline, or equivalent experience. + Preferred: Master's degree in Software Engineering, Computer Science, Engineering, Mathematics, or related discipline. Pay Transparency The salary range for this position is $170,000 - $230,000 per year plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience. We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit *************************************** #LI-Citizens1 Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance. Equal Employment Opportunity Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability. Why Work for Us At Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth Background Check Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information. 12/31/2025

Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies. **The Main Responsibilities** + Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures. + Develops and designs new security solutions to reduce risk and align business requirements with security standards. Supports vendor relationships; leads vendor reviews through RFx process, working with Procurement and appropriate business partners on requirements and success criteria. Supports development of business case and approval process. + Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support. + Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed. + Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business. **What We Look For in a Candidate** Required: + Bachelor's degree in computer science, engineering, or related field with 15+ years of relevant experience or + Master's degree in computer science, engineering, or related field with 12+ years of relevant experience. + Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA. + Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR). + Software development experience. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $149,084 - $198,779 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $156,539 - $208,718 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $163,993 - $218,657 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (**************************************************** + Bonus Structure \#LI-Remote **What to Expect Next** Requisition #: 340981 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (************************************* . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.

Role OverviewThe Principal Cloud Security Architect evaluates cloud architectures, identity models, permissions, and security controls across large-scale environments. This role focuses on identifying architectural risks, misconfigurations, and long-term security design gaps. What You'll Do- Assess cloud architectures (AWS, Azure, GCP) for security gaps - Review IAM configurations, network segmentation, and resource policies - Identify misconfigurations, privilege risks, and insecure patterns - Summarize architectural flaws and provide structured mitigation guidance - Validate alignment with security frameworks and best practices - Support recurring assessments of cloud environments and deployment patterns What You BringMust-Have:- Deep experience in cloud security architecture - Strong understanding of IAM, network design, and cloud service models - Ability to document complex architectures in clear, structured form Nice-to-Have:- Experience with multi-cloud, zero-trust, or high-compliance environments

Who You'll Work With As a modern technology company, our Slalom Technologists are disrupting the market and bringing to life the art of the possible for our clients. We have passion for building strategies, solutions, and creative products to help our clients solve their most complex and interesting business problems. We surround our technologists with interesting challenges, innovative minds, and emerging technologies. Join the Slalom Cloud Team -a team of trailblazers ensuring we achieve our strategic goals through innovation and investment in the future. You'll collaborate with local market teams, niche experts, and global partners to drive cloud solution sales and empower clients on their cloud transformation journey. As a key member of Slalom's Google Cloud Center of Excellence, you'll leverage our award-winning partnerships and multidisciplinary teams to deliver business value and technical excellence for high-impact security and infrastructure solutions. What You'll Do * Stay current with security trends, technologies, and best practices around Google Cloud solutions, leveraging tools like Cloud IAM, Cloud Security Command Center, BeyondCorp, and Cloud Armor. * Define and guide transformational security strategies for Google Cloud environments, ensuring alignment with Google's Zero Trust and BeyondCorp principles. * Translate complex regulatory requirements (e.g., GDPR, SOC 2, HIPAA) and technology standards into actionable functional and technical requirements for cloud and hybrid environments, ensuring security and compliance. * Lead teams through various phases of gap analyses, including security assessments, remediation planning, roadmap development, and implementation of remediation actions using Google Cloud-native tools. * Deliver on the vision, architecture, execution, and quality assurance of security projects on Google Cloud, driving initiatives that secure enterprise workloads and data. * Guide stakeholders and senior leaders on aligning security solutions with broader business goals, ensuring the architecture follows Google Cloud's security best practices and roadmap. * Establish security architecture patterns based on Google Cloud security frameworks and industry standards to meet the unique needs of enterprise clients. * Collaborate with other Google Cloud architects and security teams to continuously improve security knowledge assets and best practices, ensuring the most effective security solutions for clients. * Design and architect solutions to secure Generative AI models and applications against adversarial attacks, prompt injection, and their potential misuse for malicious cyber activities. What You'll Bring * Proven experience with Google Cloud security architecture, with hands-on experience in tools like Cloud IAM, VPC Service Controls, Cloud DLP, and Cloud Armor. * Strong background in defining and implementing Zero Trust and BeyondCorp security models within Google Cloud environments. * Familiarity or direct experience with Identity and Access Management (IAM), Data Protection, Vulnerability Management, and Cloud Security solutions in Google Cloud. * Extensive experience with security design patterns specific to Google Cloud, as well as hybrid and multi-cloud security architecture. * Experience in security and risk advisory consulting, particularly related to cloud security transformations. * Ability to lead the development and implementation of cloud security roadmaps aligned with business goals and compliance needs. * Familiarity with Google Cloud's Artificial Intelligence (AI) capabilities (e.g., Vertex AI, Generative AI services, Model Armor) including their applications, associated security risks (e.g., prompt injection, data poisoning, privacy concerns), and proven strategies for implementing security controls, governance, and responsible AI practices. * Relevant certifications are strongly desired but not required, including (but not limited to): * GCP Professional Security Engineer * GCP Professional Cloud Architect * CISSP * Security+ About Us Slalom is a fiercely human business and technology consulting company that leads with outcomes to bring more value, in all ways, always. From strategy through delivery, our agile teams across 52 offices in 12 countries collaborate with clients to bring powerful customer experiences, innovative ways of working, and new products and services to life. We are trusted by leaders across the Global 1000, many successful enterprise and mid-market companies, and 500+ public sector organizations to improve operations, drive growth, and create value. At Slalom, we believe that together, we can move faster, dream bigger, and build better tomorrows for all. Compensation and Benefits Slalom prides itself on helping team members thrive in their work and life. As a result, Slalom is proud to invest in benefits that include meaningful time off and paid holidays, parental leave, 401(k) with a match, a range of choices for highly subsidized health, dental, & vision coverage, adoption and fertility assistance, and short/long-term disability. We also offer yearly $350 reimbursement account for any well-being-related expenses, as well as discounted home, auto, and pet insurance. Slalom is committed to fair and equitable compensation practices. Slalom is committed to fair and equitable compensation practices. For this role, we are targeting the following levels and salary ranges: East Bay, San Francisco, Silicon Valley: * Senior Consultant: $131,000-$196,500 San Diego, Los Angeles, Orange County, Seattle, Houston, New Jersey, New York City, Westchester, Boston, Washington DC: * Senior Consultant: $120,000-$180,000 All other locations: * Senior Consultant: $110,000-$165,000 In addition, individuals may be eligible for an annual discretionary bonus. Actual compensation will depend upon an individual's skills, experience, qualifications, location, and other relevant factors. The salary pay range is subject to change and may be modified at any time. EEO and Accommodations Slalom is an equal opportunity employer and is committed to inclusion, diversity, and equity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veterans' status, or any other characteristic protected by federal, state, or local laws. Slalom will also consider qualified applications with criminal histories, consistent with legal requirements. Slalom welcomes and encourages applications from individuals with disabilities. Reasonable accommodations are available for candidates during all aspects of the selection process. Please advise the talent acquisition team if you require accommodations during the interview process.

Precision Resources, a division of the Trimarc Group Inc., is currently assisting a client with their search for an experienced AWS Security Architect. An AWS Security Architect is a specialized cybersecurity professional who designs, implements, and manages security strategies for cloud-based systems. They ensure that cloud environments and applications are secure, compliant, and resilient against threats. This involves defining security policies, implementing security controls, and continuously monitoring and improving the overall cloud security posture. Key Responsibilities: Designing Secure Cloud Architectures - Creating secure blueprints for cloud infrastructure, encompassing network security, access controls, data encryption, and more. Implementing Security Controls - Setting up and configuring security tools and technologies like firewalls, intrusion detection systems, and identity and access management solutions. Developing Security Policies - Creating and enforcing policies that govern how data and resources are accessed and used within the cloud environment. Conducting Security Assessments - Regularly evaluating the security of cloud systems, identifying vulnerabilities, and recommending remediation steps. Incident Response - Participating in the investigation and resolution of security incidents that may occur in the cloud environment. Staying Updated - Keeping abreast of the latest cloud security threats, vulnerabilities, and best practices. Collaboration - Working with other teams, like developers and operations, to integrate security into the entire cloud lifecycle. Essential Skills: Cloud Platform Expertise - Deep knowledge of AWS it's respective security services. Security Principles - Strong understanding of core security concepts such as encryption, authentication, authorization, and network security. Risk Management - Ability to assess and mitigate security risks within the cloud environment. Scripting and Automation - Proficiency in scripting languages (e.g., Python, PowerShell) for automating security tasks and building security tools. Communication and Collaboration - Excellent communication and interpersonal skills to effectively work with various teams and stakeholders. To upload your resume and apply directly, please visit: https://evoportalus.tracker-rms.com/PrecisionResources/apply?jobcode=1273

Weekly Schedule: Monday- Friday: 9am-5pm Primary Responsibilities * Manages solution design from conception, through ARB, to delivery * Primarily responsible for producing architecture documentation for security applications as assigned and as projects and programs of work dictate * Maintains First Horizon's Security Architecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core Enterprise Architecture Team * Leads security design workshops and POC efforts for new (security) capabilities * Validates 3rd Party/Vendor Solutions for security concerns * Aligns Information Security Technology strategy and planning with First Horizon's business goals and objectives * Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured * Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology * Works with engineers to ensure that technical solutions as delivered align with Information Security Standards and Policies * Works with Portfolio technology leaders to include IT Risk and Security Exception initiatives in portfolio roadmap * Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling; architect PCI DSS segmentation boundaries and compensating controls. * Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege. * Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness. * Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable. * Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team. * Payments and third-party/SaaS: Define intake and security requirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations-identity, logging, data handling, and PCI scoping. * Physical security integration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/Physical Security. * Enablement and influence: Mentor senior architects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams. Requirements * Bachelor's degree in Computer Science, Management Information Systems, or related field * (12+) years of Information Security experience * (7+) years of Security Architecture * Experience in regulated financial services * Experience with Azure security architecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise * Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design. * Experience with technical documentation like interaction diagrams, process diagrams, network topologies and other architectural content * Experience with Agile/SAFe methodologies * Experience with Enterprise Architecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards. Certifications/Licensures * Strongly preferred: CISSP or CompTIA Security+ * Microsoft Azure Security Engineer or Azure Solutions Architect Expert * Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications Skills And Competencies * Ability to adapt to new technologies and learn quickly * Enterprise architectural leadership across identity, cloud, application, data, and network security. * IAM for associates (Entra ID, Active Directory) and clients (Transmit Security, ForgeRock/Ping, or Okta); OAuth/OIDC; phishing-resistant MFA/passkeys; PAM integration and privileged pathway design. * Integration Security: FAPI, OAuth2.0, FDX, mTLS, rate limiting, schema validation, abuse/bot mitigation, CIAM integration, OWASP, and high-quality telemetry to Splunk. * Secure SDLC and supply chain: threat modeling, pipeline security, artifact signing/SBOM, dependency hygiene, and secrets management. * Communication, influence, and enablement: ability to translate risk to business impact, drive adoption, and coach peers and engineers. * Ownership and execution: measurable risk reduction, pattern adoption, and cross‑team collaboration. About Us First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at ********************* Benefit Highlights * Medical with wellness incentives, dental, and vision * HSA with company match * Maternity and parental leave * Tuition reimbursement * Mentor program * 401(k) with 6% match * More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits Follow Us Facebook X formerly Twitter LinkedIn Instagram YouTube

Job Requirements & Qualifications: •Designs, put into practice, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner. •Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services). •Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC. •Maintains knowledge of current and up-and-coming security, compliance, and technical developments. Identifies present and prospective future vulnerabilities and collaborates with suitable leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines. •Works with the information security management team to administer, maintain, and continuously improve HIPAA, PCI DSS, SOX, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans. •Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements. •Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security. •Guide and cross-train junior department team members lead meetings construct and uphold strong partnerships with multiple departments coordinate vendor support engagements etc. Knowledge, Skills, and Abilities •Knowledgeable with and ability to apply time-proven, generally-accepted security management concepts, techniques, and methodologies. •Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources. •Strong, efficient written and verbal communication skills that enables effective communications to multiple audiences. •Ability to occasionally work unscheduled shifts and in an on-call capacity and be available for occasional travel (up to 25%). •Strong internal (security recommendations) and external (vendor support) negotiation skills. •Ability to influence and encourage others. •Strong understanding of PCI, HIPAA, and SOC regulatory requirements. •Development/analysis proficiency in one or more scripting languages. •Development/analysis proficiency in TSQL. •Capability to learn and preserve new skills required to adapt to growing business and technical environments. •Strong perceptive of present and emergent information security technologies and trends. Qualifications Work Experience and/or Education •Bachelor's and/or Master's degree in information security or computer information systems. •6+ years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives. •Active CISA, CISSP, or CISM certification. •Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AS400, PAN OS, AIX, Cisco IOS, etc.) enterprise services (e.g. directory services, email, web publishing, database, virtualization, etc.) content management, client-server, and collaboration, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc. •Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management. Additional Information

Network Security II (Boundary) at DLS Engineering (on-site) DLS Engineering is seeking a Network Security II (Boundary) professional for a full-time position in support of the Air Force Intranet Control (AFINC) support program at Gunter Annex in Montgomery, Alabama. This is an on-site position. As part of AFINC, the mission of the 26th Network Operations Squadron (26 NOS) is to provide mission assurance to the warfighter through the operation, management, and defense of the Department of Defense Information Network (DODIN). In the execution of its mission, the 26 NOS maintains network infrastructure, to include routers, switches, proxies, firewalls, servers, workstations, printers, Storage Area Networks (SAN) and test labs, to provide maneuverability and defense of both classified and unclassified networks. A day in the life: Install, monitor, configure, troubleshoot, upgrade, patch, harden, maintain, and operate intrusion detection/prevention systems, firewalls, load balancers, and web proxies to protect AFNet resources from both internal and external threats according to Department of Defense security standards Perform complex analytics on boundary protection systems to protect system assets from compromise, data loss, and other requirements. Perform Defense Cyberspace Operations (DCO) and DODIN operations. When I read the below it sounds like me: 5+ years of experience with Enterprise DOD boundary protection and CSSP operations. IAT-II Certification (required) Palo Alto: Network Security Professional OR Cisco Certified Network Administrator (CCNA) OR Palo Alto Networks Certified Network Security Administrator (PCNSA) Palo Alto Networks Certified Network Security Engineer (PCNSE) (preferred) Active Secret Clearance About DLS Engineering: DLS is an engineering firm with 30 years of Federal Government contracting experience. Our small business efficiencies coupled with a commitment to excellence allow us to provide reliable solutions with integrity for our nation's most critical defense and national security priorities. Other information: We offer a competitive salary and a 401k program with company match. We offer a comprehensive benefits package including health, vision, dental, life, and disability insurance. We offer a generous paid time off package. If accommodation is needed with the application and / or the interview process for applicants with disabilities, please contact Human Resources at ************. DLS is an E-Verify company. DLS is an equal employment opportunity employer. Qualified applicants will receive consideration without regard to age, race, religion, sex (pregnancy, sexual orientation, gender identity), national origin, or disability. We encourage all qualified applicants to apply. If you believe you have been discriminated against, please contact Barbara Ellison. You also have the right to file a charge of discrimination with the equal employment opportunity commission. Must be able pass a government background check, which will be completed before employment

Manager of Information Security Why VIVA HEALTH? VIVA HEALTH, part of the renowned University of Alabama at Birmingham (UAB) Health System, is a health maintenance organization providing quality, accessible health care. Our employees are a part of the communities they serve and proudly partner with members on their healthcare journeys. VIVA HEALTH has been recognized by Centers for Medicare & Medicaid Services (CMS) as a high-performing health plan and has been repeatedly ranked as one of the nation's Best Places to Work by Modern Healthcare. Benefits Comprehensive Health, Vision, and Dental Coverage 401(k) Savings Plan with company match and immediate vesting Paid Time Off (PTO) 9 Paid Holidays annually plus a Floating Holiday to use as you choose Tuition Assistance Flexible Spending Accounts Healthcare Reimbursement Account Paid Parental Leave Community Service Time Off Life Insurance and Disability Coverage Employee Wellness Program Training and Development Programs to develop new skills and reach career goals Employee Assistance Program See more about the benefits of working at Viva Health - ******************************************* Job Description The Manager of Information Security oversees and mentors a team of security engineers while remaining hands-on in designing, implementing, and monitoring security measures that safeguard the organization's digital assets. This individual will need a broad and strategic knowledge of principles, practices, and procedures in information security to plan, design, develop, execute, and support critical systems and projects. This role will lead the planning, design, enforcement, and audit of enterprise-wide security policies and procedures which safeguard the integrity of and access to enterprise systems, files, and data elements while actively engaging in tactical execution. This position will continuously assess, refine, and implement data security strategies proactively advising leadership with actionable risk assessments and security briefings. This individual evaluates and deploys emerging technologies, collaborates across IT Operations and Development, and strengthens organizational resilience by championing employee education, security culture, security best practice, and continuous improvement. This role drives value by balancing leadership responsibilities with direct technical contributions, ensuring scalable protection aligned with future business growth. Key Responsibilities Direct and actively contribute to day-to-day security operations. Perform hands on technical work in daily security operations while guiding team performance. Lead the development and enforcement of comprehensive, scalable security policies and frameworks. Recommend, implement, and optimize security protections across enterprise systems. Conduct and oversee vulnerability assessments, mitigation, and remediation strategies. Monitor and interpret threat intelligence using organizational tools. Research, identify, and deploy solutions that strengthen the organizations cyber defense posture. Detect, investigate, and resolve potential security breaches. Participate in the vetting and management of third-party vendors and business associates. Drive enterprise-wide risk assessments with quantifiable, business-aligned outcomes. REQUIRED QUALIFICATIONS: Bachelor's Degree in Information Systems or related field or equivalent work experience 7 years of I.T. environment experience with progressive responsibilities 3+ years management experience in I.T. Expertise in risk assessment tools, methodologies, and data-driven decision-making Proficiency of security platforms such as: endpoint detection and response (EDR), internet traffic for both onsite remote users, and intrusion prevention (IDS/IPS/DLP) Knowledge of databases (MSSQL/MongoDB/MySQL) Advanced skills in Azure cloud including Purview and Defender Hands on experience in penetration testing and vulnerability management Knowledge of firewall and intrusion detection/prevention protocols Proven ability to lead system administration and security across diverse environments (Windows, UNIX, Linux) Skilled in drafting, enforcing, and scaling security policies, standards, and procedures Strong communicator who can translate complex security risks into actionable business terms for executives Ability to read and use the results of mobile code, malicious code, and anti-virus software PREFERRED QUALIFICATIONS: CISSP, CISM, or equivalent advanced certifications Knowledge of disaster recovery, computer forensic tools, technologies, and methods Strong understanding of software development frameworks and code review Knowledge of virtualization technology

Job DescriptionEast Tennessee company is seeking an ISSO to join their growing team. This position requires candidates to currently have or can obtain a federal security clearance so US citizenship is required. This position will be required to work onsite in Oak Ridge Tennessee. Duties and Responsibilities:The ISSO is a primary stakeholder and facilitator of the continuous monitoring efforts that promote RMF compliance throughout the organization. The ISSO provides direction to IT and infrastructure support personnel on the application of security patches and secure configurations. Routine collaboration and consultation with the ISSM regarding the design, development, integration, and analysis of unclassified information systems. Under general supervision, the candidate is responsible for performing a full range of Information Assurance functions in support of the security needs of the ISSM.Primary Responsibilities: Provide assistance to the ISSM and CISO in the certification and accreditation (C&A) of systems/networks and implementation of cybersecurity requirements and procedures across the client site. Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures and as outlined in applicable System Security Plans (SSPs). Perform documented procedures for authorizing users to access information systems. Develop and maintain SSPs for system C&A. Manage Plans of Action and Milestones to closure for information systems under accreditation. Provide guidance on policies and controls to support appropriate levels of risk, facilitate risk tolerance discussions and decisions, and recommend controls based on industry standards and practices. Escalate questions/concerns/issues to more senior-level staff as required. Participate in internal/external compliance audits, reviews, self-assessments, assessments, and data calls. Identify, promote, and make recommendations for process improvements. Assist with annual self-inspections, system certification testing, periodic security testing, and functional testing on systems/networks. Ensure compliance of all network equipment with applicable DOE and ORNL requirements Other duties as assigned for support within the program. Basic Qualifications: Bachelor's degree with 5-7 years of relevant experience (ex. cybersecurity assessments, risk management, cybersecurity policy, and compliance, etc.). An equivalent combination of education and experience may be considered. Ability to obtain and maintain a DOE Q security clearance or equivalent is required. Strong analytical and organizational skills as well as problem solving capabilities to understand Cybersecurity risk and exposure (legal, regulatory violations, etc.) to ORNL. Demonstrated experience implementing compliance frameworks (NIST, etc) Excellent interpersonal, verbal, written, and presentation communication skills. Thorough understanding of industry standards and regulations including NIST 800-53, NIST Risk Management Framework, and NIST Cybersecurity Framework (CSF). Working knowledge of privacy regulations and impacts. Ability to work independently, meet deadlines, and uphold high ethical standards. Preferred Qualifications: Active DOE Q or TS security clearance or equivalent. Master's degree in information assurance or related field with 4-6 years of relevant experience working in an information security, information technology or information risk management related field. Cybersecurity certifications (CISSP, CISA, CISM, CRISC, CCSP, SSCP) and Incident Response Certification Privacy management, cybersecurity, evaluating security controls, identifying control gaps, and mitigating measures along with a strong understanding of business practices and technology concepts. Highly motivated individual with an enthusiasm for governance, risk and compliance who can communicate benefits and drive success. Demonstrated background in governance, risk, and compliance. Experience in obtaining Authority to Operate (ATO) for DOE government systems.

The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and complies with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC. The Security Engineer will assist in managing Security Systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The security engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities. The Security Engineer must be able to dissect network, host, memory, and other artifacts that are originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the security engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics. The Security professional must be involved in incident response and investigations. The Information Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may perform well-researched security enhancement suggestions to the ISO which meet security standards that protect the organization from possible security breaches. Essential Responsibilities * Security Alerts: Review, respond, and remediate where applicable; * Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities); * Phish campaign monitoring and resolution; * Analyze security systems and seek improvements on a continuous basis; * Report possible threats or software issues; * Research weaknesses and determine ways to counter them; * Understand software, hardware, and internet needs while adjusting them according to our business environment; * Assist fellow employees with cybersecurity, software, hardware, or IT needs; * Carry out and support information security plans and policies; * Respond to, investigate, and assist in recovery efforts related to a security breach; * Assist in Security Awareness training development and support; * Troubleshoot security and network problems; * Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls; * Participate and follow the change management process; * Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed; * Administer, configure, and troubleshoot security infrastructure devices such as Varonis; * Test new software and firmware, as needed or directed. Operational Management * Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems; * Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law; * Creatively provide resolution to security issues/problems in a cost-effective manner; * Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met. * Other security responsibilities as directed by the Information Security Officer Other Qualifications * Minimum of 1 - 3 years progressive experience in Cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installations projects, administration, development, support, and related security tools/technology implementations; * Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered; * For those not meeting the minimum education, additional work-related experience will be deemed equivalent; * CISSP or related certification is an advantage; * Strong knowledge of core IT and Security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR [specifically Microsoft o365/E5], IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.; * Working knowledge and experience in the following areas: * Cloud computing security in Azure/Windows environments, security controls, security capabilities identification; * Experience in working on Microsoft products and can learn new systems quickly; * Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.; * Strong verbal and written communication skills required; * Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner; * Must be able to work well with others; * Must be detail oriented and organized; * High integrity, including maintenance of confidential information; * Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency; * Focus on continuously improving skillset to meet security changes and challenges; * Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue; * Regular and reliable attendance required.

Seneca Global Services, LLC is part of the Seneca Nation Group (SNG) portfolio of companies. SNG is Seneca Holdings' federal government contracting business that meets mission-critical needs of federal civilian, defense, and intelligence community customers. Our portfolio comprises multiple subsidiaries that participate in the Small Business Administration 8(a) program. To learn more about SNG, visit the website and follow us on LinkedIn. At Seneca, our team of talented individuals is what makes us successful. To support our team, we provide a balanced mix of benefits and programs. Your total rewards package includes competitive pay, benefits, and perks, flexible work-life balance, professional development opportunities, and performance and recognition programs. We offer a comprehensive benefits package that includes medical, dental, vision, life, and disability, voluntary benefit programs (critical illness, hospital, and accident), health savings and flexible spending accounts, and retirement 401K plan. One of our fundamental principles at Seneca Holdings is to offer competitive health and welfare benefits to our team members, providing coverage and care for you and your family. Full-time employees working at least 30 hours a week on a regular basis are eligible to participate in our benefits and paid leave programs. We pride ourselves on our collaborative work environment and culture, which embraces our mission of providing financial and non-financial benefits back to the members of the Seneca Nation. Seneca Global Services, LLC seeks a highly motivated Information Systems Security Officer (ISSO) to join our technical team supporting the National Cyber Range Complex (NCRC). The NCRC plays a critical role in enhancing the resilience of DoD systems and the effectiveness of U.S. cyber operations by delivering full-spectrum test and evaluation, workforce training, and mission rehearsal events. As the NCRC continues to evolve as a best-of-breed cyber range, the ISSO will contribute directly to ensuring secure facilities, tools, and expertise for some of the most demanding test, training, and mission rehearsal requirements in the Department of Defense. As a key member of the cybersecurity team, the ISSO will act as a security liaison across multiple domains-including physical, personnel, information, cyber, operations, Anti-Terrorism/Force Protection, law enforcement, communications, and technical security-while working closely with the Information Systems Security Manager (ISSM) to ensure compliance, readiness, and secure mission execution. Responsibilities include, but are not limited to: Provide direct support to the ISSM on activities such as Assessment & Authorization (A&A), execution of Continuous Monitoring Plans, and facilitation of Security Controls Assessments. Administer and monitor Risk Management Framework (RMF) steps and activities throughout the system lifecycle to maintain an appropriate security posture. Implement cybersecurity programs, policies, and procedures for assigned systems. Maintain working knowledge of current and upcoming events, system functions, policies, safeguards, and security measures. Serve as a subject matter expert in RMF core concepts and processes. Coordinate with applicable stakeholders across the enterprise to ensure security compliance and readiness. Maintain Authorization to Operate (ATO) packages for assigned systems within the designated A&A System of Record (e.g., eMASS, XACTA 360, Keystone). Review and analyze audit logs (e.g., Splunk, Windows EVTX, Linux syslogs) to detect potential anomalies or threats. Perform validation checks to ensure CM-approved software and antivirus definitions are installed on assigned systems. Conduct compliance/vulnerability scans and manual checks to identify and mitigate risks. Execute ISSO-specific tasks as outlined in program security plans. Deliver cybersecurity education, training, and awareness to system users as required by the ISSM. Basic Qualifications: Active Top Secret clearance with SCI eligibility. Bachelor's degree in Cybersecurity, Information Systems, or related discipline, and/or 8+ years of relevant experience (additional experience may substitute for degree). Minimum of 5 years of extensive experience in cybersecurity, information assurance, and RMF processes. DoDD 8140.01 IAT Level II certification or higher. At least 2 years of experience conducting IT application, system, or network reviews and providing DoD cybersecurity policy and technical guidance. Desired Skills: Certifications aligned to DoDM 8140.03 / DoD Cyberspace Workforce Framework. Familiarity or background with some of the following technologies: CISCO equipment (routing and switching technologies) Zero-trust requirements VMWare (vSphere, vCenter, NSX, ESXi) RHEL (Ansible, Kubernetes, StackRox, OpenShift) AWS / Azure cloud technologies and containerization F5 BIG-IP, Cisco networking, and distributed technologies STIG and IAVA implementation NetApp storage technologies Dell Blade Servers Equal Opportunity Statement: Seneca Holdings provides equal employment opportunities to all employees and applicants without regard to race, color, religion, sex/gender, sexual orientation, national origin, age, disability, marital status, genetic information and/or predisposing genetic characteristics, victim of domestic violence status, veteran status, or other protected class status. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leave of absence, compensation and training. The Company also prohibits retaliation against any employee who exercises his or her rights under applicable anti-discrimination laws. Notwithstanding the foregoing, the Company does give hiring preference to Seneca or Native individuals. Veterans with expertise in these areas are highly encouraged to apply.

Who We're Looking For (Position Overview):This role is critical in ensuring the security posture of mission-critical applications and infrastructure across multiple network enclaves (Unclassified, Secret, Top Secret). The ISSO will be responsible for developing, maintaining, and enforcing security policies, implementing cybersecurity controls, managing Authority to Operate (ATO) documentation, and conducting continuous monitoring and risk assessments in compliance with FISMA, NIST, DOJ, and other federal mandates.What Your Day-To-Day Looks Like (Position Responsibilities): Serve as the principal cybersecurity advisor to system owners and stakeholders. Design, analyze, and test of information security systems, products, cloud architectures and cloud solutions. Provide recommendations and/or alternatives to mitigate impact of system security boundary changes as part of any potential re-architecting and/or re-design activities. Develop, implement, and evaluate security controls, measures, and frameworks in cloud-based systems to ensure data integrity, confidentiality, and availability. Perform risk analysis, vulnerability assessments, and security audits to identify and address potential weaknesses in cloud environments. Follow all appropriate security authorization process for requesting and maintaining an Authority to Operate (ATO). Responsible for ensuring operational security is maintained for assigned information systems. Ensure systems are operated, maintained, disposed of in accordance with security policies and practices. Perform Security Incident Reporting and Response. Coordinate with the Office of the Chief Information Officer (OCIO), Security Division, and others to provide documentation to the system Certification and Accreditation process. Ensure audits and reviews are responded to with accurate information. Perform system access control responsibilities. Participate in the change management process for assigned applications. Work with Product Owner, Product Manager, OCIO, Security Division, and other stakeholders to ensure security concerns are addressed during all phases of system lifecycle. Perform continuous system security monitoring. Implement and manage cloud-native and third-party security tools for monitoring, threat detection and vulnerability management. Act as a SME on Cloud Security while applying methods, standards, and approaches for ensuring the baseline security safeguards are appropriately implemented and documented. Provides reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures. Draft and keep updated information security documentation to include System Security Plan, Information System Contingency Plan, Plan of Actions and Milestones (POA&M), Privacy Threat Assessment, Privacy Impact Assessment, and Configuration Management Plan. Responsible for ensuring the implementation and maintenance of annual security controls assessments. Assist with FISMA System audits as necessary. Leverage necessary vulnerability assessment and scanning tools including Nessus and ACSA to identify vulnerabilities, Splunk tools to monitor, detect and rectify misconfigurations. Working directly with development, platform, and infrastructure teams on security problems. What You Need to Succeed (Minimum Requirements): Top Secret (TS) Clearance with SCI eligibility. 3 - 5 years of experience required. Extensive experience with federal cybersecurity frameworks, including RMF, NIST 800-53, CNSS, and FISMA. Experience supporting cloud security in environments such as AWS GovCloud, C2S, SC2S, and Microsoft Azure. Analyze logs using Splunk and AWS tools. Hands-on experience with vulnerability assessment and configuration tools such as Nessus, ACSA, and Splunk. Work with GRC tools such as Xacta/JCAM Hold at least one of the following security certifications. Example: Security +, CGRC, CASP, CISSP Experience using Atlassian suite tools such as JIRA/CONFLUENCE Experience with Agile Methodologies/SAFe Expertise on Information Security Principles, processes and guidelines Able to obtain and maintain an Authority to Operate (ATO) for Information Systems. Experience with scanning tools such as Tenable Nessus Ability to work on multiple projects with various timelines, at times very short deadlines. Ideally, You Also Have (Preferred Qualifications): Certifications: CISSP, CISM, CAP, Security+, AWS Certified Security - Specialty, or other relevant certifications. Experience in a high-side or multi-enclave (U/S/TS) environment. Experience working with Agile development teams and CI/CD pipelines. Familiarity with Infrastructure as Code (IaC) and cloud configuration management tools (e.g., Terraform, Ansible). Familiarity with NIST 800-53 Rev. 5 #CJ

Neptune Technology Group Inc. is a technology company serving water utilities across North America. Since 1892, we have continually focused on the evolving needs of water utilities - revenue optimization, operational efficiencies, and improved customer service. With our portfolio of smart water meters, data collection systems and software, we make data actionable for our customers - so they can remain focused on the business of water. For additional information, please visit the company website at ****************** Senior Security Analyst Position Summary As a Senior Security Analyst, you will be a key member of Neptune's 24×7 Security Operations program, supporting incident response, SIEM management, and threat detection across a hybrid environment (on-prem, cloud, SaaS). You'll work closely with the SOC Manager to execute detection, response, and reporting processes that protect Neptune and meet compliance requirements. Responsibilities: Threat Detection & Monitoring * Monitor and analyze security alerts from SIEM and EDR platforms * Investigate anomalies and suspicious activity across endpoints, networks, and cloud environments * Maintain high-fidelity alerting and reduce false positives through tuning Incident Response & Management * Execute playbooks for triage, containment, and remediation of security incidents * Assist in forensic investigations and contribute to post-mortem reports * Participate in tabletop exercises and readiness drills SIEM & Security Logging * Maintain SIEM health and ensure reliable telemetry across all assets * Develop and refine detection rules and correlation logic * Support automation and orchestration workflows for incident handling Identity & Access Management * Monitor identity-related events for anomalies and privilege escalation attempts * Support IAM lifecycle processes and enforce least privilege principles Threat Intelligence & Modeling * Integrate threat intelligence feeds into detection workflows * Assist in threat modeling to identify potential attack paths Reporting & Metrics * Document incidents and provide timely updates to SOC Manager for reporting to parent company * Track and report operational metrics (MTTD, MTTR, alert volumes, etc.) Security Standards & Architecture * Apply secure-by-design principles in collaboration with engineering teams * Support zero trust initiatives and network segmentation projects Relevant Platforms (experience with several is expected): * SIEM/SecOps: e.g. Google SecOps (Chronicle) * EDR & Identity: e.g. CrowdStrike, Microsoft AD/Entra * Network Security: e.g. FortiGate NGFW, FortiSASE * Secure Browsing: e.g. Prisma * Patching & Config: e.g. Automox * Secrets Management: e.g. Keeper * Asset Management: e.g. Axonius, Cyclops * Email & Data Security: e.g. Mimecast, Microsoft Purview Minimum Qualifications: * Bachelor's degree (or equivalent experience) * 3+ years in Security Operations or Incident Response * Hands-on experience with SIEM, EDR, and threat detection * Familiarity with NIST, ISO, MITRE ATT&CK, and zero trust principles * Strong analytical and communication skills Preferred Qualifications: * Security certifications (e.g., GCIH, GCIA, CISSP) * Experience with cloud security (AWS, Azure, GCP) * Exposure to SOAR automation and scripting * Travel Requirements: Typically requires overnight travel less than 10% of the time. Travel Requirements: Typically requires overnight travel less than 10% of the time. Location: Duluth, GA, Tallassee, AL

DESE Research, Inc. is excited for the opportunity to add an Information Systems Security Officer to our existing team. If you feel like you have the skills and qualifications for this position, please apply now! Job Details: The successful candidate will oversee day-to-day information system security operations including auditing hardware, software implementations, and risk assessments. The candidate will upkeep, monitor, analyze, and respond to network and security events. The candidate will ensure configuration management for security relevant IS software, hardware, and firmware are maintained and documented. The candidate will implement Risk Management Framework (RMF) security controls utilizing DISA Security Technical Implementation Guides (STIGs). Required Qualifications: * An active DOD Secret clearance * 5-10 years of experience in cyber security engineering/analysis, supply chain risk management, logistics, product management, program protection planning, or system security engineering * Experience with IS auditing and investigations * Knowledgeable of operating system security requirements * Hands-on experience with industry-standard Information Assurance tools * Security+ Certification * CompTIA CySA+ certification Required Education Qualifications: Bachelor's Degree in Cyber Security, an Engineering Discipline, Logistics, or Supply Chain Desired Qualifications: * Overall knowledge of Information Systems Security and ISSO duties * Working knowledge of system administration and network administration * Working knowledge of classified defense contracts * DoD 8570 IAM Level II Certification Why employee's love working for DESE: At DESE, we are committed to creating a company that is known for its respect and care for employee's. We understand that happy employees are what keeps our business going and we strive to provide the best opportunities for each individual working on our team! Here are a few reasons you will love working here: * Competitive salaries * Annual performance bonuses * Robust 401k profit sharing plan * Competitive health, dental & vision insurance with affordable premiums * Flexible work schedules * Two different flexible spending account options * Company paid life insurance & Accidental Death & Dismemberment * Education reimbursement program * Personal leave for approved philanthropic activities * Vacation, Sick & Holiday leave * Opportunities for internal promotions * Employee referral incentive program * Rewards and gifts for service anniversaries Disability Accommodation for Applicants - DESE Research, Inc. is an Equal Employment Opportunity employer and provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in its job application procedures. If you have any difficulty using our online system and you need an accommodation due to a disability, you may use the following alternative email address or phone number to contact us about your interest in employment with us: ********************** or ************x123.

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All engineers are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates. About the Role As a Physical Security Systems Engineer at xAI, you'll design, implement, and maintain advanced security systems to safeguard our facilities, assets, and personnel. Working onsite in Memphis, Tennessee, you'll tackle complex challenges, leveraging your deep expertise in security technologies to strengthen our infrastructure at a fast-scaling company. Expect to dive into system optimization, ensure robust protection, and travel regularly to xAI sites to support our mission of accelerating human scientific discovery through AI. This is an in-person role based in Memphis, Tennessee, with regular travel required to all xAI sites. Responsibilities Develop detailed design plans for the installation of physical security systems including access control, surveillance cameras, intrusion detection, and alarm systems. Collaborate with InfoSec, IT and facility management teams to integrate security hardware with existing systems across locations. Manage health and configuration of security network infrastructure Regularly assess the performance of installed security systems and make necessary adjustments or upgrades. Conduct preventive maintenance to ensure all security equipment is in optimal working condition. Diagnose and resolve hardware issues promptly to minimize downtime and security risks. Keep detailed records of all service and maintenance activities. Participate in or lead security audits to identify vulnerabilities in physical security measures. Recommend and implement solutions to address identified security gaps. Liaise with vendors for procurement of security hardware, ensuring compliance with organizational standards and budget constraints. Manage relationships with external contractors for installation and maintenance services. Train security and facility staff on the use of new security systems. Ensure all security hardware installations meet local, state, and federal regulations. Maintain up-to-date documentation on system configurations, maintenance schedules, and security incident responses. Required Qualifications Minimum of 5 years in a role focused on physical security systems design. Proven experience with CCTV, access control, and intrusion detection systems. Experience using CAD software and reading architectural drawings Experience using Bluebeam software Preferred Qualifications Bachelor's degree in Electrical Engineering, Computer Science, or related field; or equivalent experience in security systems. Ability to interpret security objectives, develop project schedules and manage adherence to established timetables. Familiarity with Genetec software is a plus. Proficiency in hardware troubleshooting and system diagnostics. Experience configuring security and network architecture in integrated security systems. Familiarity with current security technology trends and innovations. Certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly desirable. Excellent problem-solving abilities and attention to detail. Strong communication skills for effective collaboration with team members and stakeholders. Ability to work under pressure in a dynamic environment on highly condensed timelines. Regular sitting at a desk or computer for extended periods, typing and writing. Occasionally walking, around the facility and standing. xAI is an equal opportunity employer. California Consumer Privacy Act (CCPA) Notice