Security architect jobs in Springfield, OH

Job Posting Title: Cloud Security Engineer - SRE We are seeking a skilled and motivated Cloud Security Engineer - SRE to join our dynamic team. The ideal candidate will possess a strong technical background in systems administration, cloud computing, and infrastructure as code, with a particular focus on solution engineering/site reliability. This role will involve collaborating with cross-functional teams to enhance our security posture and streamline processes through automation. Technical Skills • Programming and Scripting: Strong proficiency in languages like Python, Go, Bash, or Ruby. SREs often need to write automation scripts and build tooling. • Systems Administration: Deep understanding of operating systems (Linux/Unix), file systems, processes, and system configurations. • Infrastructure as Code (IaC): Experience with IaC tools like Terraform, Ansible, or Chef to manage infrastructure. • Cloud Computing: Knowledge of cloud platforms such as AWS, Azure, or Google Cloud Platform, including services like EC2, S3, Kubernetes, and serverless functions. • Containers and Orchestration: Expertise in containerization (Docker) and container orchestration (Kubernetes, OpenShift). • Networking: Understanding of networking concepts, including DNS, firewalls, load balancing, and VPNs. • Monitoring and Observability: Experience with monitoring and observability tools like Prometheus, Grafana, Datadog, or New Relic. Ability to set up and maintain monitoring dashboards, alerts, and logs. • Continuous Integration/Continuous Deployment (CI/CD): Familiarity with CI/CD tools like Jenkins, GitLab CI, GitHub Actions, or CircleCI. • A strong understanding of HashiCorp Vault and Terraform will make you stand out. 2. Problem-Solving and Troubleshooting • Incident Management: Ability to manage and respond to incidents, perform root cause analysis, and implement post-mortem reviews. • Automation: Focus on automating repetitive tasks to improve efficiency and reduce human error. • Performance Tuning: Skills in identifying and resolving performance bottlenecks in systems and applications. 3. Collaboration and Communication • Teamwork: Ability to work closely with cross-functional teams, including software engineers, product managers, and DevOps teams. • Documentation: Skill in creating clear and comprehensive documentation for systems, processes, and incident reports. • Communication: Effective communication skills for interacting with stakeholders and explaining technical concepts to non-technical audiences. 4. Reliability and Scalability • Service-Level Objectives (SLOs) and Service-Level Agreements (SLAs): Understanding of setting, monitoring, and maintaining SLOs and SLAs for system reliability. • Scalability: Knowledge of best practices for designing and scaling systems to handle increased loads and demands. • Redundancy and Resilience: Experience in designing systems with redundancy and fault tolerance to minimize downtime. 5. Security and Compliance • Security Best Practices: Understanding of security principles, such as access control, data encryption, and secure coding practices. • Compliance: Familiarity with compliance standards like GDPR, HIPAA, or PCI-DSS, depending on the industry. Minimum Job Qualifications: • Bachelor degree in business or equivalent work experience • 10 years of previous program leadership and/or relevant consulting experience • Knowledge of and demonstrated experience in program management framework, knowledge groups & life cycle • 5+ years' experience in driving large scale data center consolidation efforts • Minimum 5 years' experience with matrix management of cross-functional processes and teams • Proficient with Project Management tools

Design and implement advanced security architectures across cloud, on-prem, and hybrid environments while driving Zero Trust, SASE, and cloud-native security initiatives. Lead global strategic programs, network modernization efforts, and rapid tactical responses to critical incidents, converting gaps into standards and governance. Develop security reference architectures, HLD/LLD solution packages, and Infra-as-Code-driven delivery models aligned with enterprise transformation goals. Conduct threat modeling, risk assessments, and gap analysis across applications, infrastructure, APIs, containers, and third-party integrations. Implement cloud and DevSecOps security controls, integrating tooling into CI/CD pipelines and enforcing secure coding and IaC policies. Build security automation, SOAR playbooks, and SIEM integrations to streamline detection, vulnerability management, compliance, and response workflows. Enhance detection engineering through custom rules, behavioral analytics, log enrichment, and purple-team/adversary emulation exercises. Provide cross-functional leadership for initiatives involving cloud migration, AI/ML, M&A, and digital modernization, presenting strategies and risk posture to executive stakeholders.

What Makes a Honda, is Who makes a Honda Honda has a clear vision for the future, and it's a joyful one. We are looking for individuals with the skills, courage, persistence, and dreams that will help us reach our future-focused goals. At our core is innovation. Honda is constantly innovating and developing solutions to drive our business with record success. We strive to be a company that serves as a source of “power” that supports people around the world who are trying to do things based on their own initiative and that helps people expand their own potential. To this end, Honda strives to realize “the joy and freedom of mobility” by developing new technologies and an innovative approach to achieve a “zero environmental footprint.” We are looking for qualified individuals with diverse backgrounds, experiences, continuous improvement values, and a strong work ethic to join our team. If your goals and values align with Honda's, we want you to join our team to Bring the Future! The Honda Development and Manufacturing Production Engineering team is responsible for the operational technology security of the manufacturing environment. The OT Security Cyber Prevention Engineer works across multiple technical and business areas to develop, implement, and maintain procedures, standards, and controls to prevent the risk or impact of a cyber incident. The scope of this function covers manufacturing equipment hardware/firmware/ software, OT enterprise systems, data analysis and reporting, and collaboration with IT/business users to ensure secure operation across all HDMA locations and equipment. New equipment introduction - set OT standards for new equipment, integrate equipment into the OT network, confirm vulnerabilities, perform risk assessments, and visibility of equipment within the asset management system. Training - support the creation, administration and maintenance of OT specific training material. Policies/procedures/auditing - create, issue, maintain, and audit OT specific policies and procedures. Access control (physical + logical) - set and implement technical standards for equipment level physical access and control access to OT related systems and equipment. OT standard creation - support the development, implementation, and maintenance of technical standards for the OT equipment and networks Risk metric management/assessments - establish company OT risk metrics and corresponding assessments to determine OT risk, perform risk assessments, and establish tools for visibility and reporting. Sensing/industry benchmarking - research technical and business OT security industry benchmarks and generate recommendations for adjustments to internal tools or practices to stay in alignment. What differentiates Honda and makes us an employer of choice? Total Rewards: Competitive Base Salary (pay will be based on several variables that include, but not limited to geographic location, work experience, etc.) Regional Bonus (when applicable) Manager Lease Car Program (No Cost - Car, Maintenance, and Insurance included) Industry-leading Benefit Plans (Medical, Dental, Vision, Rx) Paid time off, including vacation, holidays, shutdown Company Paid Short-Term and Long-Term Disability 401K Plan with company match + additional contribution Relocation assistance (if eligible) Career Growth: Advancement Opportunities Career Mobility Education Reimbursement for Continued learning Training and Development Programs Additional Offerings: Lifestyle Account Childcare Reimbursement Account Elder Care Support Tuition Assistance & Student Loan Repayment Wellbeing Program Community Service and Engagement Programs Product Programs Honda is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.

As a Product Security architect, you will be performing security reviews and providing hands-on help to development teams to address security issues systematically. We're looking for passionate engineer who is able to consider business impact and risk to Oracle and its customers while dealing with any security issues. You will work a trusted partner with one or more SaaS product development teams, while simultaneously collaborating with your peers in evolving or creating new security patterns or standards to address any security issues/gaps in an efficient way. You will research the product security landscape and help steer product security architecture for solutions that will provide a competitive edge for Oracle SaaS. This position requires strong product security and application security experience. It will be highly valuable to have past experience in working in or with product development teams. **Responsibilities** **Key responsibilities:** + Evaluate existing and proposed SaaS Service architectures and perform security architecture reviews, threat modeling, risk assessment and provide guidance on mitigating the security risks. + Partner and collaborate with development teams for SaaS products and provide security expertise to product design conversations and implementation decisions. + Work with product teams and peers in security operations to analyze and triage security issues in production and deploy any mitigation such as WAF policies + Review and assess security posture and CVEs in third party libraries or products. + May perform source code review for vulnerability fixes by development teams. + Keep up to date on emerging threats and standards and translate into actionable guidance including but not limited to crypto, AI Security, Identity, Web security, multi-tenant deployment + Evolve security processes and integrate security architecture into SDLC leveraging AI and automation, as appropriate. + Engage in technical discussions, as needed and serve as a subject matter expert for security architecture and trusted advisor to executive leadership and key stakeholders. + Define and influence secure-by-design architecture standards, security patterns, and reference implementations for SaaS Services + May train and mentor team members **Qualifications:** + 7+ years of information security experience including product security, application security, security testing/offensive security, security tools and security architecture. + Experience in helping or leading a product security architecture and assurance effort in a large-scale IaaS/PaaS/SaaS Cloud Service Provider, or Fortune 500 company. + Expert knowledge of modern vulnerability types and threats including intelligence, discovery, mitigation, remediation, and root cause. + Understanding of security risks in AI based solutions including AI Agents, MCP, Generative AI and ML. + Hands-on experience with at-least one programming languages such as Java, Python. + Hands-on experience and knowledge of product development lifecycle in a large enterprise software company. + Understanding of industry standard frameworks such as OWASP, MITRE, NIST, PCI, FedRAMP, etc. + Ability to guide and engage individuals and development teams located across multiple geographies and or cultures. + Knowledge of Oracle Cloud Infrastructure or Oracle SaaS Services is a plus. + Excellent written and verbal communication skills, strong analytical and problem-solving skills. Disclaimer: **Certain US customer or client-facing roles may be required to comply with applicable requirements, such as immunization and occupational health mandates.** **Range and benefit information provided in this posting are specific to the stated locations only** US: Hiring Range in USD from: $96,800 to $251,600 per annum. May be eligible for bonus, equity, and compensation deferral. Oracle maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect Oracle's differing products, industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. Oracle US offers a comprehensive benefits package which includes the following: 1. Medical, dental, and vision insurance, including expert medical opinion 2. Short term disability and long term disability 3. Life insurance and AD&D 4. Supplemental life insurance (Employee/Spouse/Child) 5. Health care and dependent care Flexible Spending Accounts 6. Pre-tax commuter and parking benefits 7. 401(k) Savings and Investment Plan with company match 8. Paid time off: Flexible Vacation is provided to all eligible employees assigned to a salaried (non-overtime eligible) position. Accrued Vacation is provided to all other employees eligible for vacation benefits. For employees working at least 35 hours per week, the vacation accrual rate is 13 days annually for the first three years of employment and 18 days annually for subsequent years of employment. Vacation accrual is prorated for employees working between 20 and 34 hours per week. Employees working fewer than 20 hours per week are not eligible for vacation. 9. 11 paid holidays 10. Paid sick leave: 72 hours of paid sick leave upon date of hire. Refreshes each calendar year. Unused balance will carry over each year up to a maximum cap of 112 hours. 11. Paid parental leave 12. Adoption assistance 13. Employee Stock Purchase Plan 14. Financial planning and group legal 15. Voluntary benefits including auto, homeowner and pet insurance The role will generally accept applications for at least three calendar days from the posting date or as long as the job remains posted. Career Level - IC5 **About Us** As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's challenges. We've partnered with industry-leaders in almost every sector-and continue to thrive after 40+ years of change by operating with integrity. We know that true innovation starts when everyone is empowered to contribute. That's why we're committed to growing an inclusive workforce that promotes opportunities for all. Oracle careers open the door to global opportunities where work-life balance flourishes. We offer competitive benefits based on parity and consistency and support our people with flexible medical, life insurance, and retirement options. We also encourage employees to give back to their communities through our volunteer programs. We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by emailing accommodation-request_************* or by calling *************** in the United States. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

*****CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***** **To foster collaboration and team synergy, this position follows a hybrid model. Employees within a 50-mile radius of our Pittsburgh, Buffalo, or Camp Hill locations will be required to work from the office on Tuesdays, Wednesdays, and Thursdays.** Execute a process to develop a security architecture that processes information of various levels of sensitivity. The security architecture must be compliant with existing enterprise technical security control requirements models. Produce gap analysis documentation to identify any gaps between specific technical security requirements and the architecture of the system and provide detailed technical recommendations on appropriate mitigation measures. Advise and consult clients responsible for the architecture, design, implementation, and deployment of technical security controls on appropriate application of existing security services to solve their problems or enable new business opportunities. Research and evaluate new security technologies to be used as point solutions to gaps where the project is unable to take advantage of or needing greater functionality than reusable enterprise security services. The security architecture work will include network security, network defense, operating system security identity, authentication and authorization, data protection, application security, activity audit and monitoring, mobile computing security, and partner/vendor access to corporate systems/data. **ESSENTIAL RESPONSIBILITIES** + Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members. + Determine security requirements by evaluating business strategies and requirements; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. + Plan security systems by evaluating network and security technologies. + Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures. + Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments. + May begin to provide leadership and mentoring in the areas of expertise and architecture to peers, developers, management and business users including technical expertise, coaching, and ad-hoc training. + Support assurance compliance to required standards, procedures, guidelines and processes. + Other duties as assigned or requested. **REQUIRED EDUCATION** + Bachelor's degree in Information Systems, Computer Science, Information Security, or Engineering, or relevant experience and/or education as determined by the company in lieu of bachelor's degree **PREFERRED EDUCATION** + Master's degree in Computer Science, Information Security or related field **EXPERIENCE** **_Minimum:_** + 5 - 7 years' experience architecting solutions + 5 - 7 years' experience in Information Security + Experience communicating with business partners **_Preferred:_** + 7 - 10 years' experience architecting solutions **SKILLS** + Business communication skills, both written and verbal and able to solve unconventional problems + Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge + Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts + In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them + Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures + Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL + Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.) + Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security **REQUIRED LICENSURE** None **PREFERRED LICENSURE** Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), etc. **TRAVEL REQUIREMENT:** 0%- 25% **LANGUAGE REQUIREMENT (** **_other than English_** **)?** None **PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS** ( _The physical, mental demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential function of their job. Reasonable accommodations will be made when necessary to enable individuals with disabilities to perform the essential duties of the position, to the extent that they do not cause undue hardship._ **_Position Type:_** Office-Based **_Office-Based Positions_** An employee in this position works in an office environment. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. Teaches/Trains others regularly Occasionally Travels regularly from the office to various work sites or from site-to-site Occasionally Works primarily out-of-the office selling products/services (Sales employees) Never Physical Work Site Required Yes **_Most On-The-Road Positions_** An employee in this position may work in a home or company office environment but is also frequently driving to and from various locations to perform the work off-site. The position frequently requires the employee to communicate effectively with others both inside and outside the workplace (e.g., in person, via telephone, via email). The employee must be able to understand, interpret and analyze data, solve problems, concentrate, and research, use available technological resources and systems (e.g., computers and computer programs), multi-task, prioritize, and meet multiple deadlines to complete essential tasks. The employee generally works in a fast-paced and frequently stressful environment, must attend work on a regular and reliable basis as well as adhere to all workplace policies, and may be called upon to work outside regular business hours. **_Non-Office-Based Positions_** An employee in this position is frequently required to move throughout the workplace, sit, stand and walk, use hands and fingers to hold objects, tools or controls, possess fine motor skills (e.g., to write and operate a computer or to steer transportation equipment), possess gross motor skills (e.g., to carry items), reach with hands and arms, climb stairs and ladders, balance, stoop, kneel crouch and crawl, communicate effectively, and talk and hear. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. The employee must be able to work in a busy environment where decisions often must be made quickly, must attend work on a regular and reliable basis, must adhere to all workplace policies, and may be called upon to work outside regular business hours. This work occurs in a [example: warehouse, hospital or provider's office or mailroom]. Lifting: up to 10 pounds Does Not Apply Lifting: 10 to 25 pounds Does Not Apply Lifting: 25 to 50 pounds Does Not Apply **ADDITIONAL INFORMATION** **Changes Approved By:** Kathleen Thompson **_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._ **_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies_ As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. **Pay Range Minimum:** $78,900.00 **Pay Range Maximum:** $147,500.00 _Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._ Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at ***************************** California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J272809

Meta Security is looking for a threat intelligence investigator with extensive experience in investigating cyber threats with an intelligence-driven approach. You will be proactively responding to a broad set of security threats, as well as tracking actor groups with an interest or capability to target Meta and its employees. You will also be identifying the gaps in current detections and preventions by long-term intelligence tracking and research, and working with cross-functional stakeholders to improve Meta's security posture. You will help the team establish, lead and execute multi-year roadmaps that improve research efficiency and quality across the team, and drive improvements to stakeholder management across a broad range of intelligence requirements. **Required Skills:** Detection & Response Security Engineer, Threat Intelligence Responsibilities: 1. Influence and align the team's vision and strategy. Collaboratively prioritize and deliver specific multi-year roadmaps and projects 2. Build, cultivate, and maintain impactful relationships with intelligence stakeholders to identify and facilitate solutions to increase the impact of the team's work 3. Refine operational metrics, key performance indicators, and service level objectives to measure Intelligence research and services 4. Lead cross-functional projects to improve the security posture of Meta's infrastructure, such as red team operations, surface detection coverage expansion and vulnerability management discussions 5. Track threat clusters posing threats to Meta's infrastructure and employees, and identify, develop and implement countermeasures on our corporate network 6. Investigate, mitigate, and forecast emerging technical trends and communicate effectively with actionable suggestions to different types of audiences 7. Work closely with incident responders to provide useful and timely intelligence to enrich ongoing investigations 8. Improve the tooling of threat cluster tracking and intelligence data integration to existing systems **Minimum Qualifications:** Minimum Qualifications: 9. 8+ years threat intelligence experience 10. B.S. or M.S. in Computer Science or related field, or equivalent experience 11. Be a technical and process subject matter expert regarding Security Operations and Threat Intelligence services 12. Experience developing and delivering information on threats, incidents and program status for leadership 13. Expertise with campaign tracking techniques and converting tracking results to long term countermeasures 14. Expertise with threat modeling frameworks, such as Diamond Model or/and MITRE ATT&CK framework 15. Experience intelligence-driven hunting to spot suspicious activities in the network and identify potential risks 16. Proven track record of managing and executing on short term and long term projects 17. Ability to work with a team spanning multiple locations/time zones 18. Ability to prioritize and execute tasks with minimal direction or oversight 19. Ability to think critically and qualify assessments with solid communications skills 20. Coding or scripting experience in one or more scripting languages such as Python or PHP **Preferred Qualifications:** Preferred Qualifications: 21. Experience recruiting, building, and leading technical teams, including performance management 22. Experience close collaborating with incident responders on incident investigations 23. Experience in threat hunting including leveraging intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems 24. Familiarity with malware analysis or network traffic analysis 25. Familiarity with nation-state, sophisticated criminal, or supply chain threats 26. Familiarity with file-based or network-based rules and signatures for detection and tracking of complex threats, such as YARA or Snort 27. Experience in one or more query languages such as SQL 28. Experience authoring production code for threat intelligence tooling 29. Experience conducting large scale data analysis 30. Experience working across the broader security community **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

JobID: 210672620 JobSchedule: Full time JobShift: : Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry. As a Lead Cybersecurity Architect at JPMorganChase within Cybersecurity and Technology Controls, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications on modern cloud-based technologies. As a core technical contributor, you are responsible for carrying out critical cybersecurity architecture solutions by identifying, creating, and communicating risk, mitigation options, and solutions across multiple technical areas within various business functions in support of project goals. Job responsibilities * Partnering with the Engineering & Architecture teams to integrate security controls into platforms e.g. AWS, Application architecture, AI Solutions, etc. * Creating and propagating (developing ) security design patterns to support building consistent and secure technology solutions * Assisting and guiding engineering teams in the secure development of infrastructure services and products * Ensure security considerations are delivered in compliance with firm wide technology controls from the start and throughout the Software Development Lifecycle. * Developing extensible security solutions aligned to the product strategy in future developments. * Conduct security assessments, threat modeling, and vulnerability assessments of products and features to identify and prioritize security risks. Required qualifications, capabilities, and skills * Formal training or certification and 5+ years 0f experience in Cybersecurity Architecture or related field. * Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls . Advanced in one or more programming languages * Proficiency in automation and continuous delivery methods . Proficiency in all aspects of the Software Development Life Cycle * Advanced understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security * Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.) * Practical cloud native experience . Deep knowledge of one or more software and applications * Ability to evaluate current and emerging technologies to recommend the best solutions for the future state architecture * Experience effectively communicating with senior business leaders Preferred qualifications, capabilities, and skills * Proven experience in a product security role with a track record of driving security initiatives. Strong knowledge of secure software development practices and common vulnerabilities (e.g., OWASP Top Ten). * Experience with threat modeling, risk assessment, and vulnerability management. * Familiarity with security frameworks (e.g., NIST Cybersecurity Framework), ATTACK MITRE and industry regulations (e.g., GDPR, HIPAA) * Certifications such as CISSP, CISSP-ISSAP, AWS Solutions Architect Associate, etc. * Bachelor's or Master's degree in Computer Science, Information Security, or a related field (or equivalent work experience). #CTC

Come on board with an iconic financial institution and take your career to the next level. You have found the perfect place to thrive, develop, and make a real difference. As a Senior Principal Cybersecurity Architect at JPMorganChase within the Cybersecurity and Technology Controls line of business, you provide deep cybersecurity expertise and work across teams to identify, create, and communicate risk, mitigation options, and solutions. Leverage your deep cross-domain expertise to bring together talent that will consistently create solutions, processes, and reusable proof-of-concept models for cybersecurity while remaining at the forefront of best practices for cybersecurity policy and technological advances. Job responsibilities Advises and leads the cybersecurity strategy and development of multiple products, applications, and technologies across a portfolio Translates highly complex technical issues, trends, and approaches to leadership to drive the firm's innovation and enable leaders to make strategic, well-informed decisions about target state architecture Drives the adoption and implementation of new technical methods in cybersecurity in line with the latest product development methodologies Creates durable, reusable cybersecurity frameworks that improves velocity and quality of output across teams and functions Develops architectures that have applicability across businesses and functions Champions the firm's culture of diversity, opportunity, inclusion, and respect Required qualifications, capabilities, and skills 10+ years experience in cybersecurity architecture Practical experience delivering cybersecurity architecture that can be applied and reused across businesses, functions, and systems Fluent in one or more programming languages or applications Demonstrated prior experience influencing across functions and teams to deliver modern cybersecurity architecture Experience applying expertise and new methods to determine solutions for new and complex cybersecurity problems across various disciplines Extensive practical cloud native experience Ability to evaluate current and emerging technologies to recommend the best technology solutions or approach to achieve the future state cybersecurity architecture Experience leading a product as a Product Owner or Product Manager

Job Title: Cybersecurity Engineer Labor Category: Exempt Clearance Requirement: Secret - As required Salary: $130,000-$175,000 Travel Requirement: 25% At Tlingit Haida Tribal Business Corporation (THTBC), your work goes beyond the job description-it becomes part of a purpose-driven legacy. Our continuous commitment to growth directly contributes to the strength, resilience, and future of the communities we support. Our growth fuels programs, services, and lasting value for the Tribe, making every success a shared one. For over 35 years THTBC and its subsidiaries has delivered essential services to federal clients across the globe. Whether supporting logistics, information technology, cyber security, or facilities operations, we are united by a shared mission: to create meaningful economic opportunity and growth of the Tlingit & Haida Tribes of Alaska. Together We Grow - One Mission, One Team - With a Commitment to Serve Scope of Work: This position is in support of the sustainment and modification of the United States Air Force (USAF) Electronic Technical Information Management System (ETIMS) program. The primary purpose of this position is to support the ETIMS mission by ensuring all systems, applications, and processes comply with Department of Defense (DoD), Air Force (AF), and federal cybersecurity requirements. The role ensures cybersecurity requirements are integrated into information systems and components through deliberate security design, development, and configuration, in alignment with frameworks such as the Risk Management Framework (RMF) and NIST standards. Responsibilities: Serving as a subject matter expert in security architecture to include providing advice to Program Managers, Customer technical experts, and internal program teams. Ensure all products, deliverables, and activities align with Federal, CNSS, DoD, and AF cybersecurity policies, including: NIST SP 800-37, 800-53, 800-171 CNSSI 1253 DoD 8500-series and DoDI 8510.01 (RMF for DoD IT) AFI 17-series publications and DoD 8140 workforce requirements Integrate cybersecurity considerations into Continuous Integration/Continuous Deployment (CI/CD) methodologies and program management schedules. Identify, manage, verify, and trace security controls across the entire system lifecycle, ensuring alignment with Test & Evaluation (T&E) and overall risk management processes. Implement and document comprehensive cybersecurity assurance measures across all layers of the TCP/IP model (network, transport, application, data link, and physical). Develop and maintain RMF documentation and artifacts, including Security Plans, Vulnerability Assessments, and Test Results, to support system authorization. Ensure compliance with DoDI 8520.02 (PKI and PK Enabling) and DoDI 8520.03 (Identity Authentication), maintaining standardized encryption, digital signature, and authentication mechanisms. Deliver secure applications compliant with DISA STIGs and Cloud One cybersecurity requirements. Conduct static application security testing (SAST) using PMO-approved tools and maintain a Software Bill of Materials (SBOM) for each release (e.g., SPDX, CycloneDX, SWID). Apply secure coding standards (e.g., OWASP Top Ten, CERT) and ensure prompt remediation of vulnerabilities. Generate and provide cybersecurity testing reports, mapping findings to applicable STIG and Cloud One controls. Use automated tools and processes wherever practical, seeking PMO approval for any deviations. Perform other duties as assigned. Minimum Requirements: Seven (7) years of experience supporting DoD or Air Force cybersecurity programs. Compliant with DoDI 8140 Intermediate Level Certifications (Security+, CySA, CAP, CASP CE, CISM, CISSP or Associate) Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field. Strong knowledge of NIST RMF, DoD 8500-series, and DISA STIG compliance. Experience with SAST, SBOM tools, and secure software development practices. Experience supporting AF programs or Cloud One environments. Familiarity with CI/CD security integration and automated compliance tools. Advanced certification (e.g., CASP+, CCSP, or CISSP-ISSAP) preferred. Must be able to satisfactorily obtain and maintain a government security clearance as required by the contract. Must be able to maintain ability to access government worksite. Must possess and maintain a valid state driver's license and a safe driving record, in accordance with company policy, to operate vehicles or equipment as required for the position. Physical Demands / Work Environment: Ability to sit or stand for extended periods while working at a computer or desk. Frequent use of hands for typing, data entry, and handling paperwork. Must be able to work on-call, alternate, and extended shift schedules when necessary to meet the mission requirements, including weekends and holidays. All candidates must successfully complete pre-employment screening, which may include but is not limited to a criminal background check, motor vehicle record review, and a 5-panel drug test, in accordance with company policy and applicable laws. Benefits: We offer a flexible benefits package including medical, dental, and vision plans, TRICARE Supplemental, critical illness coverage, employee discounts, wellness seminars, company-paid life and short-term disability insurance, optional long-term disability, paid leave, a 401(k) plan, and identity theft protection to support your health and financial well-being. For represented positions, the benefits and leave offered will be as defined under the applicable Collective Bargaining Agreement. Equal Employment Opportunity: We are proud to be an equal opportunity employer and comply with all applicable federal, state, and local employment laws. All applicants will be considered for employment without regard to race, color, religion, creed, national origin, gender, gender identity, age, marital status, sexual orientation, veteran status, disability, pregnancy, parental status, or any other characteristic protected by law. Reasonable Accommodation: If you have a disability or medical condition and need reasonable accommodation, please inform the designated recruiter during the hiring process.

: Crown Equipment Corporation is a leading innovator in world-class forklift and material handling equipment and technology. As one of the world's largest lift truck manufacturers, we are committed to providing the customer with the safest, most efficient and ergonomic lift truck possible to lower their total cost of ownership. **Job Posting External** **Primary Responsibilities** + Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. + Review design documents and perform architecture risk assessments for new and existing applications. + Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. + Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. + Define and enforce secure coding standards and practices across development teams. + Provide training and guidance to developers on secure development principles and vulnerability prevention. + Conduct threat modeling and attack surface reviews for high-risk or critical applications. + Identify potential security flaws and recommend mitigations early in development process. + Track and communicate technical risk to product managers, developers, and leadership teams. + Develop and maintain application security policies, baselines, and architecture frameworks. + Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). + Support audit and compliance initiatives by providing documentation and evidence of secure development practices. **Minimum Qualifications** + Bachelor's degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. _Non-degree considered if 12+ years of related experience along with a high school diploma or GED_ **Preferred Qualifications** + 5+ years in cybersecurity with at least 3 years in application security or secure software development experience. + Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. + Experience with Securing Secrets and Service Accounts. + Experience with Web Application Firewall (WAF) implementation/support. + Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). + Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CISSP), Certified Ethical Hacker (CEH) certified. + Familiarity with container security (Docker, Kubernetes). + Experience in Threat Modeling. + Understanding of authentication protocols (Open Authorization (OAuth) and Security Assertion Markup Language (SAML)). + Experience with DEVSECOPStools and container security tools. **Work Authorization:** Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future, are not eligible for hire. No agency calls please. **Compensation and Benefits:** Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and much more. EOE Veterans/Disabilities

Job Description Want to make an impact? I Am Boundless is hiring for an Information Systems Security Manager! Boundless is a non-profit organization specializing in assisting individuals with I/DD and has been serving Ohio for over 40 years. At I Am Boundless, we're on a mission to build a world that realizes the boundless potential of all people. Join our team, which shares a common passion and purpose in empowering our community. Benefits - Why Join Boundless? Financial & Retirement 401(k) Retirement Plan with 5% Employee Matching after Six Months of Employment - Immediately 100% Vested Annual Increases Paid Time Off 5 Weeks of Paid Time Off 8 Paid Holidays Health & Wellness Medical Insurance Free Dental & Vision Insurance Flexible Spending Account (FSA) Dependent Care Account (DCA) Life Insurance & Supplemental Life Insurance Disability Insurance Professional Support Tuition Discount Opportunities with Schools like Capella University & Franklin University A Qualified Employer for the Federal Public Service Loan Forgiveness (PSLF) Paid Training & Development Opportunities Perks & Discounts Employee Assistance Program (EAP) - Counseling, Therapy, Finance, Legal Discount Programs (Ex: Pet Insurance, Movie Tickets, Theme Parks, Costco Membership, etc.) Wellbeing Resources (Up to $50 off Health Insurance Premium Monthly) What You'll Do: As an Information Systems Security Manager, you'll play a meaningful role in the overall security posture of information systems within an organization. The ISSM ensures that systems comply with all applicable security policies, procedures, and standards, including those mandated by government regulations and cybersecurity strategy. This role involves managing security risk assessments, overseeing the implementation of security controls, and ensuring that systems maintain compliance with cybersecurity frameworks such as NIST, RMF, and others. The ISSM serves as the principal advisor on all matters involving the security of information systems and is a key player in the development and implementation of the organization's cybersecurity strategy. Minimum Qualifications: Bachelor's degree in computer science, systems engineering, or related field of study preferred or equivalent combination of education and progressive, related experience Minimum 3 years' experience in IT management position, managing technology projects, such as security standards and network infrastructure Minimum 8 years' experience in Information Technology Experience in healthcare, particularly in the field of Intellectual Development Disabilities (IDD) preferred Ability to explain technical problems to business users Professional certification preferred in one of more relevant areas (Certified Information Systems Security Professional (CISSP), Information Technology Infrastructure Library (ITIL), Certified in the Governance of Enterprise IT (CGEIT), Lean/Six Sigma, Project Management Professional (PMP), etc Valid driver's license and insurable driving record, if applicable. Ready to make a difference? Apply today and join a company where you can realize your Boundless potential! All candidates selected to undergo the pre-employment process will be required to complete a background check, drug screen, and health screen, as applicable for the role. We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law

Rea is a growing Top 100 business advisory & accounting firm providing our clients services in tax, accounting, and business consulting. We have a ‘People First' culture and we focus on our employees' well-being and professional development. With over 400 professionals and locations throughout Ohio, our firm has a culture that respects a work-life balance for our team. We also provide competitive compensation and a robust benefits plan. The Information Security Manager is responsible for overseeing and improving the firm's information security program to protect systems, data, and infrastructure. This role focuses on managing security risk, compliance, incident response, and continuous improvement of security posture. The Information Security Manager collaborates cross-functionally with IT and other business and practice areas to implement effective security controls and foster a culture of security awareness. Responsibilities Develop, implement, and maintain the firm's information security program and initiatives roadmap Develop, implement, maintain, and monitor security policies, procedures, and standards in alignment with industry best practices and regulatory requirements Conduct regular risk assessments, vulnerability scans, and security reviews to identify and mitigate potential threats and vulnerabilities Identify, build, and implement data protection processes and technologies Work with the firm's third-party service providers to help manage firm information security risk Coordinate the firm's incident response efforts, including investigation, documentation, communication, and post-incident analysis Evaluate and recommend security tools and technologies to enhance protection and visibility Manage the third-party risk program, including vendor security assessments and reviews Maintain compliance with applicable laws, regulations, and contractual obligations by leading audits, gap analyses, and remediation efforts Lead security awareness training initiatives and phishing simulations to educate employees and promote secure behavior Collaborate with IT teams to ensure secure configuration and management of systems, networks, and cloud environments Track, report, and present security metrics to leadership and stakeholders Serve as the internal subject matter expert on cybersecurity, privacy, and data protection Other duties as assigned Knowledge, Skills, and Abilities Expert-level understanding of information security risks and controls, including the zero-trust model Advanced knowledge of information security audit and assessment methodologies and best practices Expert-level knowledge of information security frameworks, risk management, and incident response Strong experience with security tools and platforms (e.g., vulnerability scanners, firewalls, endpoint protection) Strong understanding of security principles in cloud (e.g., Azure, AWS), on-prem, and hybrid environments Thorough understanding of compliance programs (e.g., SOC 2, HIPAA) Ability to stay current with emerging technologies and architectures Solid understanding of IT enterprise architecture in a security context Highly self-motivated Exceptional written, oral, interpersonal, and presentational skills Strong analytical and trouble-shooting abilities Keen attention to detail Ability to effectively prioritize and participate in simultaneous projects of moderate to high complexity Knowledge of analysis, requirements gathering, and industry best practices and tools Ability to effectively communicate between business and IT stakeholders Ability to use discretion and handle confidential information Requirements Post-secondary education in the field of computer science, information systems, networking, information security, or related discipline 5+ years of full-time work experience in cybersecurity, information security, or information technology preferred Preferred: CISSP, CISM, CISA, Security+ certification Benefits Rea offers a wide variety of benefits to help support our employees' health, wellness and financial goals. Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Holidays) Four (4) weeks PTO Twelve (12) paid holidays, of which three (3) are floating holidays Family Leave (Maternity, Paternity) Short Term & Long Term Disability Training & Development Wellness Resources Rea does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies without pre-approval from Rea's Talent team. Pre-approval is required before any external candidate can be submitted. Rea will not be responsible for fees related to unsolicited resumes and for candidates who are sent directly to our hiring managers.

Ready to be pushed beyond what you think you're capable of? At Coinbase, our mission is to increase economic freedom in the world. It's a massive, ambitious opportunity that demands the best of us, every day, as we build the emerging onchain platform - and with it, the future global financial system. To achieve our mission, we're seeking a very specific candidate. We want someone who is passionate about our mission and who believes in the power of crypto and blockchain technology to update the financial system. We want someone who is eager to leave their mark on the world, who relishes the pressure and privilege of working with high caliber colleagues, and who actively seeks feedback to keep leveling up. We want someone who will run towards, not away from, solving the company's hardest problems. Our ******************************** is intense and isn't for everyone. But if you want to build the future alongside others who excel in their disciplines and expect the same from you, there's no better place to be. While many roles at Coinbase are remote-first, we are not remote-only. In-person participation is required throughout the year. Team and company-wide offsites are held multiple times annually to foster collaboration, connection, and alignment. Attendance is expected and fully supported. The Application Security organization at Coinbase is seeking to hire an experienced Offensive Security Engineer specializing in Web3 penetration testing and Web3 bug bounty program management and optimization. In this role, you will collaborate with the Bug Bounty Program Lead to drive Web3 bug bounty triage, validation, and strategic initiatives aimed at increasing program efficiency, maturity, and hacker engagement. You will work closely with whitehat hackers, security engineers, and cross-functional teams to enhance Coinbase's security posture through an effective bug bounty program. Additionally, you will perform penetration tests on Web3 technologies and applications, ensuring the security of Coinbase's blockchain-based products and services. *What you'll be doing (ie. job duties):* * Conduct security assessments of Web3 products and services, including smart contracts, DeFi protocols, and blockchain infrastructure. * Collaborate with partner teams to enhance detection and response capabilities for Web3 vulnerabilities. * Stay informed on emerging security trends, advisories, and academic research in the Web3 space. * Lead Web3 bug bounty triage and validation, ensuring timely and accurate assessments of reported vulnerabilities. * Develop and implement strategies to incentivize high-quality bug bounty submissions and engage with the hacker community. * Manage the Web3 bug bounty program, including scope updates, researcher communication, and payout disbursements. * Analyze bug bounty data to identify trends, common vulnerabilities, and areas for improvement. * Collaborate with engineering teams to prioritize and remediate vulnerabilities identified through the bug bounty program. * Mentor and train junior security engineers in Web3 bug bounty triage and analysis. * Provide on-call support for critical Web3 bug bounty-related incidents. * Document and report on Web3 bug bounty metrics and program effectiveness. *What we look for in you (ie. job requirements):* * Bachelor's or Master's degree in Computer Science, Cybersecurity, Software Engineering, or a related field. * 3+ years of experience in Web3 application security and penetration testing. * Proven track record of identifying critical vulnerabilities across the blockchain protocol stack, Web2, and Web3 components. * Extensive knowledge of the blockchain ecosystem, including L1/L2 networks, DeFi protocols, and staking mechanisms. * Deep understanding of Web2 security concepts and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). * Strong analytical skills to identify trends and patterns in vulnerabilities. * Excellent communication skills for engaging with internal teams. * Passion for security and a drive to improve Web3 security posture. * Ability to work independently and take ownership of penetration testing initiatives. * Energy and self-drive for continuous learning in the rapidly evolving crypto space. * Excellence in clear, direct, and kind communication with technical and non-technical stakeholders. * Experience building relationships with product, engineering, and security teams. *Nice to haves:* * Participation in CTFs, bug bounty programs, or open-source security research. * Expertise in Application Security, Network Security, or Cloud Security. * Relevant security certifications (e.g., OSCP, GPEN). * Experience developing and implementing security tooling to support bug bounty triage and analysis. * Experience with bug bounty programs and platforms, including triage, validation, and researcher communication. * Strong analytical skills to identify trends and patterns in bug bounty submissions. * Excellent communication skills to effectively engage with bug bounty researchers. Position ID: P69494 \#LI-remote *Pay Transparency Notice:* Depending on your work location, the target annual salary for this position can range as detailed below. Full time offers from Coinbase also include bonus eligibility + equity eligibility**+ benefits (including medical, dental, vision and 401(k)). Pay Range: $152,405-$179,300 USD Please be advised that each candidate may submit a maximum of four applications within any 30-day period. We encourage you to carefully evaluate how your skills and interests align with Coinbase's roles before applying. Commitment to Equal Opportunity Coinbase is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sex, gender expression or identity, sexual orientation or any other basis protected by applicable law. Coinbase will also consider for employment qualified applicants with criminal histories in a manner consistent with applicable federal, state and local law. For US applicants, you may view the *********************************************** in certain locations, as required by law. Coinbase is also committed to providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please contact us at accommodations*********************************** *Global Data Privacy Notice for Job Candidates and Applicants* Depending on your location, the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) may regulate the way we manage the data of job applicants. Our full notice outlining how data will be processed as part of the application procedure for applicable locations is available ********************************************************** By submitting your application, you are agreeing to our use and processing of your data as required. *AI Disclosure* For select roles, Coinbase is piloting an AI tool based on machine learning technologies to conduct initial screening interviews to qualified applicants. The tool simulates realistic interview scenarios and engages in dynamic conversation. A human recruiter will review your interview responses, provided in the form of a voice recording and/or transcript, to assess them against the qualifications and characteristics outlined in the job description. For select roles, Coinbase is also piloting an AI interview intelligence platform to transcribe and summarize interview notes, allowing our interviewers to fully focus on you as the candidate. *The above pilots are for testing purposes and Coinbase will not use AI to make decisions impacting employment*. To request a reasonable accommodation due to disability, please contact accommodations[at]coinbase.com

Network Security Architect - (04W0S) Description At Bath & Body Works, everyone belongs. We are committed to creating a culture of belonging focused on delivering exceptional fragrances and experiences to our customers. We focus on recruiting, retaining, and advancing top talent. In addition, we work to improve our communities and our planet to help the world live more fully. The Network Security Architect ensures the design and implementation of secure network solutions across on-premises, cloud, and hybrid environments. This role will ensure IT security guidelines are coordinated across network infrastructure-including firewalls, WAFs, VPNs, DNS, ASGs/NSGs, SASE, and Zero Trust components-while serving as a strategic advisor in cross-functional projects and architecture review spanning business operations and omni-channel initiatives. The architect will collaborate with Cybersecurity, Infrastructure, Networking, Software/Web Development, and Incident Response teams to protect the organization against evolving threats, support business agility, and maintain compliance with regulatory frameworks. ResponsibilitiesDesign and assist with implementation of secure network architectures across enterprise environments, incorporating Zero Trust, micro-segmentation, and modern security frameworks (e. g. , NIST, PCI-DSS, SOX). Advise on security architecture across all technology projects, participating in project planning sessions and architecture reviews to ensure security is integrated from the design phase. Evaluate, recommend, and assist in deployment of network security technologies to enhance visibility, control, and threat protection. Develop, maintain, and support testing network security policies, diagrams, standards, and documentation to ensure clarity and compliance across teams. Validate data classification and review, design, assess data flow architecture. Partner with software engineering and web development teams to embed security into all network layers. Identify potential threats and associated protections, countermeasures and compensating controls associated with the initiative objectives and affected assets. Ensure data classification is identified and that appropriate controls are documented. Support audits and regulatory compliance by aligning network security strategies with business objectives and frameworks. Conduct threat modeling, vulnerability assessments, and testing to identify and mitigate risks. Review and approve configurations for network components including firewalls, VPN gateways, load balancers, SIEMs, and encryption tools. Mentor and guide junior engineers, contributing to career development and leveling discussions. Monitor global security developments and assess their impact on network security posture, especially in the retail sector. Engage as needed and based on technical expertise to support security incidents and breaches for all hands on deck situations. Qualifications 8+ years of experience in network security architecture, engineering, or administration in an enterprise environment. Advanced knowledge of network security design principles for firewalls, WAFs, VPNs, DNS, ZTNA, IDS/IPS, DLP, SWG, segmentation, and cloud security controls (ASGs/NSGs). Proficiency with security frameworks (NIST, ISO 17799, ITIL, CMMC, PCI-DSS, SOX, HIPAA, GDPR, CCPA, GLBA). Experience with SIEM, security orchestration/automation, DLP, network forensics, and cloud security (SaaS, IaaS, PaaS). Advanced understanding of network protocols, authentication, and continuous integration/deployment pipelines. Familiarity with scripting and/or query languages (KQL) a plus. Effective communication abilities, adept at simplifying intricate technical ideas for both technical and non-technical customers. Ability to articulate and define network security strategy and roadmaps. Relevant certifications (e. g. , CISSP, CCSP, GSEC, GDSA, Network+, Palo Alto Networks, Cisco, SANS/GIAC) EducationBachelor's degree or equivalent experience in engineering, computer science, cybersecurity, or related field Core CompetenciesLead with Curiosity & HumilityBuild High Performing Teams for Today & TomorrowInfluence & Inspire with Vision & PurposeObserve, Engage & ConnectStrive to Achieve Operational ExcellenceDeliver Business ResultsBenefitsBath & Body Works associates are the heart of our business. That's why we're proud to offer benefits that empower you to Dream Bigger & Live Brighter. Benefits for eligible associates include: Robust medical, pharmacy, dental and vision coverage. Plus, access to our onsite wellness center and pharmacy located at the Columbus, OH home office. 401k with company match and Associate Stock Purchase with discount No-cost mental health and wellbeing support through our Employee Assistance Program (EAP) Opportunity for paid time off and paid parental leave. Plus, access to family and lifestyle programs including a family building benefit, childcare discounts, and home, auto and pet insurance. Tuition reimbursement and scholarship opportunities for post-secondary education programs40% merchandise discount and gratis that encourages you to come back to your senses!Visit bbwbenefits. com for more details. The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws. Please see links: Los Angeles Fair Chance In Hiring Ordinance, Philadelphia Fair Chance Law, San Francisco Fair Chance Ordinance. We are an equal opportunity action employer. We do not make employment decisions based on an individual's race, color, religion, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, marital status, pregnancy, genetic information, protected veteran status or any other legally protected status, and we comply with all laws concerning nondiscriminatory employment practices. We are committed to providing reasonable accommodations for associates and job applicants with disabilities. Our management team is dedicated to ensuring fulfillment of this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, associate activities and general treatment during employment. We only hire individuals authorized for employment in the United States. Application window will close when all role(s) are filled. Primary Location: United States-Ohio-ColumbusWork Locations: L Brands Home Office. Three Limited Parkway Columbus 43230Job: IT SecurityOrganization: BBW Home OfficeSchedule: RegularShift: StandardEmployee Status: Individual ContributorJob Type: Full-time Job Level: Day JobJob Posting: Dec 11, 2025, 8:13:00 PMEmployee Referral Bonus: 2,500. 00 US Dollar (USD) Pay Transparency Locations: Refer to careers. bathandbodyworks. com for required wage information Refer a friend for this job Tell us about a friend who might be interested in this job. All privacy rights will be protected. Refer a friend

Radiance Technologies is an employee-owned company with benefits that are unmatched by most companies in the Dayton, OH area. Employee ownership, generous 401K, full health/dental/life/vision insurance benefits, educational reimbursement, competitive salaries, interesting assignments, and a pleasant work environment combine to make Radiance Technologies a great place to work and succeed. We are currently seeking an Information Systems Security Officer (ISSO). Responsibilities include, but are not limited to: Implementation of System Security Plans (SSP), Standard Operating Procedures (SOP), information security policies and the development of information system artifacts, as necessary, to ensure compliance with RMF guidelines. Overseeing the compliance of security settings for operating systems, to include Windows, Unix/Linux, etc. on classified information systems under his / her purview. Ensuring proper measures are taken when an information system incident or vulnerability is discovered. Managing and executing the information security continuous monitoring program. Ensuring configuration management policies and procedures for authorizing the use of hardware / software on an information system is followed and assess changes to the system, its environment, and operational needs that could affect the security authorization for an information system. Conduct risk assessments as required on systems/networks IAW DoD, NSA, DISA, DIA and other agency regulations and policies governing information systems security. Respond to information system incidents, perform initial evaluation of each incident, begin corrective measures, and report incidents to ISSM. Responsible for the auditing and monitoring of information systems to support program operations and required continuous monitoring activities. Maintaining required information security certifications (e.g., Sec+, CISSP, etc.) Experience implementing NISPOM Chapter 8, DAAPM, DoDM 8501.01, JAFAN 6/3, DCID 6/3, ICD 503, DAAPM and/or JSIG IS requirements. Required Experience: Experience with NISPOM, RMF, JSIG, and/or DAAPM certification and accreditation processes. Ability to perform technical certifications for systems being presented to the government for authorization. Excellent written and verbal communication skills and ability to effectively interface with numerous cognizant security agencies, customers, and senior management. Ability to manage multiple projects in a dynamic, demanding environment. Knowledge of other security disciplines and how they impact and interact with information system security. Minimum of a valid Secret clearance with in-scope Background Investigation Date Desired Skills: Bachelor's degree in IT/Cyber Security, Computer Science, or related field plus two (2) years of experience in developing and implementing Risk management Framework (RMF) policies and procedures. Active Security+ CE or equivalent DoD Directive 8570 / 8140 Information Assurance Management Level II or III certification. Previous experience working in an SAP / SCI / Collateral environment. Prior experience as ISSO, or DoD equivalent at an organization of similar size and complexity. Understanding of networking concepts and cybersecurity related tools to include, Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) and Security Content Automation Protocol (SCAP), and vulnerability scanners. EOE/Minorities/Females/Vet/Disabled

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

ARS is looking for an Information System Security Officer (ISSO). Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The ISSO will have an active role in monitoring a system and its environment of operation to include developing and updating a System Security Plan, managing and controlling changes to the system, and assessing the security impact. Why Work with us?  ​Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.   Responsibilities: Maintain the operational security posture of systems. Monitor systems and environments for security compliance. Develop and update System Security Plans (SSPs). Manage and control system changes and assess their security impact. Handle physical, personnel, and environmental security. Conduct incident response and security awareness training. Assist the ISSM and assume ISSM duties when necessary. Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM; Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard; Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; Report all security-related incidents to the ISSM Conduct periodic reviews of information systems to ensure compliance with the security authorization package; Serve as member of the CCB, if designated by the ISSM; Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change; Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization; Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and Ensure audit records are collected, reviewed, and documented (to include any anomalies). Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval. Responsibilities: Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard 5+ years related experience in SCI/SAP environments. Bachelor's degree in computer science, Engineering, Finance, Business, or related field 5-8 years demonstrated performance in related technology Top Secret w/ SCI eligibility Other duties as assigned All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

Job Title: Senior Security Operations Engineer Employment Type: Contract to Hire About the Role Join a highly collaborative, mission-driven technology team supporting critical statewide systems and users. This group is actively modernizing infrastructure, enhancing security posture, and delivering reliable IT services across a large enterprise environment. You'll step into a role where your expertise directly improves operational stability, cybersecurity resilience, and the technical experience of end users across the organization. If you enjoy meaningful work, hands-on engineering, and continuous learning, this environment is built for you. What You'll Do Lead and support enterprise-wide information security initiatives Implement, manage, and optimize security tools across the organization Remediate vulnerabilities and work closely with cross-functional IT teams Collaborate with other engineers to ensure operational excellence Develop configuration standards, runbooks, and documentation Provide escalation support for complex security and infrastructure issues Influence culture, engineering discipline, and continuous improvement Human Skills We Value Excellent communication skills - able to simplify complex topics Strong problem-solving instincts and high ownership Self-starter with initiative, curiosity, and follow-through Continuous learning mindset Collaborative approach - builds strong partnerships Advocates for modernization and security best practices Comfortable working with technical and business stakeholders Technical Skills & Experience Strong experience with enterprise networks, IDS/IPS, firewalls Expertise in NAC, identity management, authentication & access controls OS hardening experience (Windows, Linux, mobile endpoints) Vulnerability assessment & remediation Security log analysis and threat identification Incident detection, containment, and recovery SIEM configuration and monitoring Cloud security principles (Azure, AWS, or similar) Ability to build, document, and enforce security policies Preferred: CISSP, SSCP, or similar certifications Compensation & Benefits upon Conversion Salary Range: $100,000 - $120,000 (based on experience/interview) Comprehensive medical coverage Free dental, vision, and basic life insurance after eligibility period Vacation, personal, and sick leave 11 paid holidays per year Parental leave, disability leave, and bereavement leave Participation in OPERS with employer contributions Optional 457(b) deferred compensation plan Work Environment Collaborative culture with trust, autonomy, and flexibility Commitment to continuous learning and conference opportunities Business casual dress environment Modern, forward-thinking approach to technology and security Guiding Principles Prioritize reliability, uptime, and secure operations Act as trusted advisors to internal stakeholders Communicate openly and transparently Value teamwork, respect, and input from all contributors Maintain secure systems and protect data integrity Practice fiscally responsible decision-making We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or any other class protected by applicable law. We are proud to be an equal opportunity workplace. Note: At this time, we are not able to offer sponsorship or assume sponsorship for candidates who are not eligible to work in the United States.

Senior Security Operations Engineer (250008T2) Organization: Ohio Legislative Information SystemsAgency Contact Name and Information: Karen Burkey, ************************* Unposting Date: Dec 15, 2025, 11:59:00 PMWork Location: Riffe Tower 24 77 South High Street 24th Floor Columbus 43215Primary Location: United States of America-OHIO-Franklin County-Columbus Compensation: $100,000 - $120,000 annually Schedule: Full-time Work Hours: 8:00 am - 5:00 pm, M - FClassified Indicator: UnclassifiedUnion: Exempt from Union Primary Job Skill: CybersecurityTechnical Skills: Basic Documentation, Cloud computing, Information Technology, CybersecurityProfessional Skills: Adaptability, Attention to Detail, Collaboration, Creativity, Critical Thinking, Innovation, Problem Solving, Teamwork, Time ManagementPrimary Technology: Not Applicable Agency OverviewWHY JOIN LIS?When you join Legislative Information Systems (LIS), you'll be a part of a team working to make an impact serving our state by building and maintaining the IT infrastructure supporting legislative applications and legislative users. We're continuously modernizing our infrastructure and keeping pace with technological changes. Our team encourages continuous learning and career development for all positions.OUR MISSIONLIS serves the Ohio General Assembly and legislative agencies by providing operational efficiency, strategic planning, and innovation in a cost-effective manner for the implementation and advancement of technology across the legislature.COMPENSATIONSalary Range: $100,000 - $120,000 annually Dependent on experience and interview process WELLNESS BENEFITSAt LIS, we strive to offer competitive benefits that support you throughout your career with us so you can plan for today and the future. We offer a competitive state benefits package including: MEDICAL COVERAGEQuality, affordable, and competitive medical beneifts DENTAL, VISION, AND BASIC LIFE INSURANCEDental, vision, and basic life insurance premiums are free after completed eligibility period LEAVEPaid time off, including vacation, personal, and sick leave11 paid holidays per year Childbirth/Adoption leave Disability and bereavement leave OHIO PUBLIC EMPLOYEES RETIREMENT SYSTEMOPERS is the retirement system for State of Ohio employees. The employee contributes 10% of their salary toward their retirement. The employer contributes an amount equal to 14% of the employee's salary.DEFERRED COMPENSATIONThe Ohio Deferred Compensation program is a 457(b) voluntary retirement savings plan.Job DescriptionWORK ENVIRONMENTWhen you join our team, you'll experience the flexibility, autonomy, trust, and collaboration we believe creates a safe, innovative, and thriving environment. After all, we[re hiring you not only for the skills and experiences you possess today, but also where you'll grow tomorrow.Collaborative environment Continuous Learning + education and conference allocation Business casual dress code RESPONSIBILITIESYou'll primarily work with various information security-related technologies as we solve some of the biggest challenges facing the organizations we serve. You will be extected to approach technical decisions pragmatically to ensure the value of the work is the top priority. You'll demonstrate a strong aptitude for learning new skills as well as sharing and teaching your area of expertise. You'll plany an integral role in impacting team culture, practice, and engagement.Serve as lead for Legislature-wide information security initiatives Implement and operate security tools, working closely with Legislative IT teams to ensure timely remediation of vulnerabilities and exposures Collaborate with other LIS engineers to ensure operational excellence Create configuration and troubleshooting documentation Contribute to troubleshooting and technical support Why Work for the State of OhioAt the State of Ohio, we take care of the team that cares for Ohioans. We provide a variety of quality, competitive benefits to eligible full-time and part-time employees*. For a list of all the State of Ohio Benefits, visit our Total Rewards website! Our benefits package includes: Medical Coverage Free Dental, Vision and Basic Life Insurance premiums after completion of eligibility period Paid time off, including vacation, personal, sick leave and 11 paid holidays per year Childbirth, Adoption, and Foster Care leave Education and Development Opportunities (Employee Development Funds, Public Service Loan Forgiveness, and more) Public Retirement Systems (such as OPERS, STRS, SERS, and HPRS) & Optional Deferred Compensation (Ohio Deferred Compensation) *Benefits eligibility is dependent on a number of factors. The Agency Contact listed above will be able to provide specific benefits information for this position.QualificationsQUALIFICATIONSHuman Skills:Strong Communication Skills - written, verbal, listening, and questioning - ability to explain security concepts to both technical and non-technical audiences Problem Solver - understanding the problem, rather than just executing a task Self-starter, initiative, drive, willingness to engage in improving the team Continuous learning mindset - stay updated on the latest security risks and best practices Collaborative - building partnerships with LIS Engineering teams and Legislative agencies Passionate about advocating for improving security practices across the organization Able to work with business systems owners to identify critical assets, security posture Technical skills:Experience with enterprise networks, IDS/IPS, firewalls, and network security.NAC, identity management, authentication, and access management controls Implementing hardening techniques for Windows, Linux, and mobile devices Identifying, assessing, and mitigating vulnerabilities in applications and networks Analyzing security logs to identify malicious activity and potential threats Detecting, analyzing, containing, and recovering from security incidents Experience configuring and using SIEM solutions In-depth understanding of cloud security policies and implement them in an organization Ability to build security policies and implement them in an organization Certifications desired: CISSP or SSCPSupplemental InformationCULTUREOur Vision:LIS consistently provides information technology, strategic direction, and forward-thinking solutions that are vital to the smooth and efficient operation of Ohio's legislative processes serving the citizens of Ohio.Our Guiding Principles:The first responsibility of Legislative Information Systems (LIS) is to the legislative organizations we support. Our work is vital to the smooth and efficient operation of Ohio's governmental processes and to the State's citizens. We work efficiently while reducing risk to our comforters.We prioritize operations and service uptime, minimizing the impact of outages.Our customers consider LIS a trusted advisor and rely on us for knowledgeable assistance on all technical needs.We communicate openly and honestly to build trust and confidence. Our customers and peers understand what we are doing and how it will affect them.We know that our best work comes through teamwork. We show others respect. We invite and encourage input from anyone who can help us do our jobs more effectively and efficiently.Our systems and legislative data are maintained in a safe and secure manner to provide data integrity.We adhere to fiscally responsible principles in IT spending, ensuring the greatest value for taxpayer money.ADA StatementOhio is a Disability Inclusion State and strives to be a model employer of individuals with disabilities. The State of Ohio is committed to providing access and inclusion and reasonable accommodation in its services, activities, programs and employment opportunities in accordance with the Americans with Disabilities Act (ADA) and other applicable laws.Drug-Free WorkplaceThe State of Ohio is a drug-free workplace which prohibits the use of marijuana (recreational marijuana/non-medical cannabis). Please note, this position may be subject to additional restrictions pursuant to the State of Ohio Drug-Free Workplace Policy (HR-39), and as outlined in the posting.