Security architect jobs in Winston-Salem, NC - 31 jobs

Do your Best Work in Mooresville This position is based at our headquarters in Mooresville, North Carolina. Our corporate office is a space where you can collaborate and do your best work. Take a walk, grab a bite (or a cup of coffee), work out or get a check-up - we invest in you so you can find your inspiration. Your Impact The primary purpose of this role is to lead the implementation and ongoing delivery of information security tools and processes. This includes responsibility for creating, executing, and improving processes and procedures with limited direct guidance from more senior-level security associates. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. This role requires a strong understanding of most tools and processes supported by the team, including many of the key integration points with other parts of technology, works mostly independently, and provides coaching and direction to more junior-level associates. As a Senior Analyst of Offensive Security, you will conduct advanced penetration tests and red team assessments across our applications, networks, and systems. You will collaborate with cross-functional teams to analyze security vulnerabilities and provide actionable recommendations for remediation. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. What You Will Do Analyze data to detect trends, determine metrics, assess adherence to processes, and make recommendations. And present results to information security and business leaders and/or vendors. Serve as an escalation point and mentor for junior staff. Maintain an awareness of information security news and trends and research current technologies to assist in the development of new capabilities. Consolidate security-related findings, track OKRs, and present results to information security and business leaders and/or vendors. Translate and document business needs into technical requirements and solutions. Advise users and team members on the execution of processes, interpret standards and regulations, and assist with solutions. Design, develop, and maintain custom offensive tooling, including loaders, droppers, malware implants, in-memory execution frameworks, and covert initial access payloads across Windows, Linux, mac OS, and cloud-native platforms. Engineer advanced evasion techniques in code, such as syscall stealth, ntdll unhooking, memory laundering, behavioral model evasion, encrypted tasking channels, and dynamic API resolution to defeat modern AI-driven EDR/EDX systems. Plan and execute full-scope red team and adversary emulation engagements, targeting on-prem, cloud, and hybrid environments while maintaining strong operational security and stealth. Reverse engineer defensive mechanisms and modify offensive code to adapt to new detection models, platform protections, and telemetry changes-ensuring tooling remains effective across diverse modern environments. Create reusable internal offensive libraries, including process injection modules, PE/ELF parsing routines, shellcode loaders, encryption wrappers, and cloud identity attack primitives. Prototype, test, and validate new malware techniques in isolated research environments; document behaviors, measure detection surfaces, and integrate promising approaches into operational tooling. Manage and maintain resilient C2 infrastructures-including redirectors, covert channels, and multi-transport communication layers-to emulate sophisticated APT frameworks and tradecraft. Develop, enhance, and standardize offensive testing methodologies, ensuring alignment with current threat landscapes, evolving attacker TTPs, and industry-leading best practices (MITRE ATT&CK, NIST, etc.). Analyze engagement results and produce clear, actionable reporting, effectively communicating technical findings, attack paths, and remediation recommendations to both technical stakeholders and executive leadership. Promote a culture of collaboration, knowledge sharing, and continuous skill development within the offensive security team. Continuously research emerging threats, attack vectors, and defensive advancements, integrating relevant discoveries into future red team operations and tooling. Support improvements to security posture by contributing insights to security policy updates, defensive control enhancements, and incident response strategies based on observed weaknesses and real-world attack patterns Minimum Qualifications Bachelor's degree in computer science, computer information systems, engineering, business administration, cybersecurity, or related field, or equivalent years of experience in lieu of education requirement, if applicable 4 years of experience in information security 2-4 years of experience developing malware techniques and designing preventative measures. Preferred Skills/Education IT experience in the retail industry Hands-on experience on GRC applications & TPRM tools (e.g., Archer, LogicGate, SAP GRC, OneTrust, ProcessUnity, ServiceNow, BitSight, Prevalent, Black Kite, etc.) Experience with vulnerability identification & penetration testing tools Experience with vulnerability management in public/hybrid cloud environments. Experience with IAM technology implementation and operations (e.g., CA, SailPoint, OKTA, SSO, MFA, IGA, Microsoft AD) (specific to IAM role) Experience developing cybersecurity or information assurance policies, standards, awareness training, or equivalent issuances (specific to Security GRC role) Payment Card Industry Internal Security Assessor (PCI ISA) Certified in Risk and Information Systems Control (CRISC) Offensive Security Certified Professional (OSCP) GIAC Penetration Tester Certification (GPEN) Practical Network Penetration Tester (PNPT) eLearnSecurity Certified Professional Penetration Tester (eCPPT) Certified Third-Party Risk Professional (CTPRP) Certified Third Party Risk Assessor (CTPRA) CompTIA PenTest+ Certification Or other relevant information security certifications Where You'll Be Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support. Lowe's supports a Flex Office concept where in-person work is required three days per week at the Charlotte Tech Hub Most business meetings are planned around the Eastern time zone. About Lowe's Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts, and providing disaster relief to communities in need. For more information, visit ************* Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Locus is a nimble, experienced consulting team specializing in information security, cloud computing, networking, and infrastructure. We have extensive experience delivering technology solutions in the Network, Cloud, and Security arenas to some of the largest companies in the world. Candidates are treated like unique individuals, not a commodity, and our career experts are committed to understanding all aspects of a candidate's wants and needs in order to find the best possible fit. We are laser-focused on winning together and supporting both our internal team and clients alike for long-term shared success. We take a full-service approach with our process, understanding our clients and candidates needs to find the right fit from a skillset and a cultural perspective. People are at the cornerstone of what we do, and we'd love to hear from you. Locus is currently searching for an Information Security Engineer for our client. This is a full time perm exempt role. SUMMARY: Responsible for protecting the organization's computers, networks, and data against threats, such as security breaches, computer viruses, or attacks by cyber criminals. This position oversees the planning, development, coordination, implementation, and management of all Information Security functions and measures to regulate access and usage of Customer Information Systems in accordance with established company policies, standards and procedures. The Information Security Manager regularly interfaces with other department heads in matters pertaining to information security awareness and keeps abreast of changes in regulatory and compliance issues, which affect all phases of information security and Customer. This position is also responsible for administration of corporate Business Continuity Program. ESSENTIAL JOB FUNCTIONS: Develops Information Security (IS) architecture/designs, plans, controls, processes, standards, policies, and procedures to ensure alignment with IS standards and overall IS security strategy Develop, implement, and manage security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information Determines user requirements, plans projects, establishes priorities, and monitors progress Manages the evaluation and testing of hardware, firmware, and software for possible impact on systems security Maintains and monitors user access control for bank systems Coordinates with other managers to integrate IS project components with other projects including application delivery, network, server, and hosted solutions Manages and coordinates the enterprise Vendor Risk Management Program Manages and coordinates Corporate Business Continuity Program Communicate best practices and risks to Customer Perform a risk assessment of Customer's vulnerabilities in the cybersecurity landscape and develop Customer's risk appetite for Information Security Develop key risk indicators and dashboard metrics reporting to both the management team and the Board of Directors JOB REQUIREMENTS: Bachelor's Degree from an accredited university in the field of Audit, MIS, Computer Science or related field of study Prior Information Security experience at a Financial Services company Familiarity with Financial Services regulations Familiarity with Federal Financial Institution Examination Council (FFIEC) guidance Prior management experience Certified Secure Software Lifecycle Professional (CSSLP) and/or Certified Information Security Manager (CISM) certification KNOWLEDGE/SKILLS REQUIRED: Knowledge of financial services industry and all applicable regulations and industry standards Advanced ability to engineer security solutions Intermediate relationship management skills Intermediate knowledge of cybersecurity strategy management Advanced cybersecurity monitoring and reporting skills Advanced knowledge of security incident handling Advanced knowledge of security risk assessment methodologies Excellent customer service skills Strong verbal and written communication skills High level of attention to detail, with strong problem solving & organizational skills Ability to perform effectively in fast-paced environment PHYSICAL AND MENTAL QUALIFICATIONS: Standing, walking, bending and stooping required Must be able to sit at a desk for long periods of time and use a computer Must be able to occasionally move or lift up to 10 pounds May be asked to work supplemental hours periodically Limited travel required during and after business hours The above statements are intended to describe the general nature and level of work being performed by the incumbent assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and/or skills required of all personnel so classified. NOT A CONTRACT

Type: Contract Duration: 3 months Job description: • Conduct dynamic application security testing using both manual and automated testing tools. • Review test results from tools • Ensure that automated tests are completed successfully • Configure tools as required to be successful in evaluating VERA (Vendor remote access) applications • Identify and remove any false positives from automated testing tool reports • Triage & Disposition results and enforce a Bug Bar • Verify/validate defect fixes • Provide application security consulting SME Support to developers • Assist developers with understanding of security defects and risk • Assist in defining acceptable solution to fix defects • Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes • Help maintain Security Coding Standards and Bug Bar as required • Assist in the Development of standards as required • Provide training • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities • Develop and review malicious use cases/threat models • Maintain a broad understanding of security technologies and products • Actively participate on improving the security culture and education throughout the organization Qualifications Required skills: • 5+ years of experience in security applications and systems • Minimum of 5 years of Information Security Engineer/Consultant experience with application penetration testing. • Minimum of 5 years of demonstrated experience with automated penetration tools • Minimum of 5 years of demonstrated experience with manual penetration testing tools • Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization Desired skills: • Advanced Information Security technical skills • Ability to manage complex issues and develop solutions • Excellent verbal and written communication skills • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis • Knowledge and understanding of banking or financial services industry • Experience working in a large enterprise environment • Strong analytical skills with high attention to detail and accuracy • Knowledge and understanding of information security industry standards and government regulations • Ability to manage multiple and competing priorities • Ability to work with limited supervision • Ability to take on a high level of responsibility, initiative, and accountability • Good attention to detail and accuracy skills • Strong collaboration and partnering skills • Demonstrated experience developing and reviewing malicious use cases/threat models Job expectations • Ability to work weekends and holidays as needed or scheduled Candidate will be required to work onsite at certain facilities in these cities: MN-Minneapolis; AZ-Chandler; NC-Charlotte;NC-Winston Salem; CA - San Francisco Additional Information All your information will be kept confidential according to EEO guidelines. **Please let me know if you might someone to refer or if you are interested for the role. **Please reply with an updated copy of your resume and preferred time for a call. **You can call me back at ************ .

By joining Sedgwick, you'll be part of something truly meaningful. It's what our 33,000 colleagues do every day for people around the world who are facing the unexpected. We invite you to grow your career with us, experience our caring culture, and enjoy work-life balance. Here, there's no limit to what you can achieve. Newsweek Recognizes Sedgwick as America's Greatest Workplaces National Top Companies Certified as a Great Place to Work Fortune Best Workplaces in Financial Services & Insurance Security Engineer - Secure Software Development Security Engineer - Secure Software Development **PRIMARY PURPOSE OF THE ROLE:** To manage the implementation of security measures to protect company data, networks, and computer systems. To focus on executing security fundamentals for threat detection, investigation, and response efforts. **ARE YOU AN IDEAL CANDIDATE?** We are looking for enthusiastic candidates who thrive in a collaborative environment, who are driven to deliver great work, are customer-oriented and are naturally empathetic. **ESSENTIAL RESPONSIBLITIES MAY INCLUDE** + Engineers, implements and monitors security measures for the protection of computer systems, networks and information. + Identifies and defines system security requirements. + Designs computer security architecture and develops detailed cyber security designs. + Prepares and documents standard operating procedures and protocols. + Configures and troubleshoots security infrastructure devices. + Develops technical solutions and new security tools to assist in mitigating security vulnerabilities and automating repeatable tasks. + Leads IT groups and business units as necessary in troubleshooting compatibility issues between security tools and business or productivity programs. + Performs analysis of suspected malicious code and other software or programs and provides written or verbal analysis to management. + Analyzes client and customer needs as required and provides clear and concise reports to leadership. + Works closely with management on assigned projects from inception through implementation ensuring adequate internal communication and user involvement is maintained. **QUALIFICATIONS** Eight (8) years of encryption technologies/algorithms, digital forensics, network topologies, and access controls experience or equivalent combination of educated and experience required. **Skills & Knowledge** + Knowledge of TCP/IP services + Knowledge of audit and compliance + Knowledge of vulnerability management + Knowledge of penetration testing + Knowledge of various operating systems + Knowledge of desktop productivity software + Knowledge of Carbon Black Protection + Knowledge of Symantec Endpoint Protection and host data loss prevention + Knowledge of information technology security frameworks + Excellent oral and written communication skills, including presentation skills + PC literate, including Microsoft Office products + Analytical and interpretive skills + Strong organizational skills + Excellent interpersonal skills + Ability to create and complete comprehensive, accurate and constructive written reports + Ability to work in a team environment + Ability to meet or exceed Performance Competencies **Proficient in Snyk for Application Security:** Demonstrated expertise in integrating Snyk into CI/CD pipelines to proactively identify and remediate vulnerabilities in open-source dependencies, container images, and infrastructure as code. Skilled in leveraging Snyk's developer-first tools to maintain secure codebases, enforce security policies, and ensure compliance with industry standards. Experienced in configuring automated scans, interpreting results, and collaborating with development teams to implement effective remediation strategies, contributing to a robust DevSecOps culture. **TAKING CARE OF YOU** + Career development and promotional growth opportunities + A diverse and comprehensive benefits offering including medical, dental vision, 401K, PTO and more \#LI-TS1 Work environment requirements for entry-level opportunities include - Physical: Computer keyboarding Auditory/visual: Hearing, vision and talking Mental: Clear and conceptual thinking ability; excellent judgement and discretion; ability to meet deadlines Travels as required The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Management retains the discretion to add or to change the duties of the position at any time. Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace. **If you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience. You may be just the right candidate for this or other roles.** **Sedgwick is the world's leading risk and claims administration partner, which helps clients thrive by navigating the unexpected. The company's expertise, combined with the most advanced AI-enabled technology available, sets the standard for solutions in claims administration, loss adjusting, benefits administration, and product recall. With over 33,000 colleagues and 10,000 clients across 80 countries, Sedgwick provides unmatched perspective, caring that counts, and solutions for the rapidly changing and complex risk landscape. For more, see** **sedgwick.com**

Job DescriptionSummit Federal Services, LLC (SFS) with headquarters in Oakland, Maryland, is a fast growing woman owned Small Business and HUBZone company with an outstanding record of performance providing more effective and efficient acquisition, business process, training, IT, administrative and security services to multiple federal agencies. SFS/Merito is looking for a Information Systems Security Manager to spearhead their client organizations information security program. The ISSM will lead the development and implementation of security measures, ensuring compliance with industry regulations, frameworks, and company policies. The ideal candidate will bring expertise in cybersecurity, risk management, and information systems security compliance to protect the organization's critical assets Location: Winston-Salem, NC, hybrid (Remote for first 5 months then reports onsite) Job Type: Contract Reports To: Corporate Compliance Manager & Facility Security Officer Pay: Based on experience Key Responsibilities: • Lead the establishment and maintenance of classified networks and operating systems. • Develop and maintain technical documentation and security policies for IT equipment within open storage areas. • Determine technical Information Assurance (IA) requirements and conduct cyber risk assessments, including vulnerability analysis and implementation of mitigation solutions in alignment with RMF standards. • Author and manage security documentation for system authorization, continuous monitoring, and information systems lifecycle management (e.g., Authorization to Operate (ATO), System Security Plan (SSP), Plans of Action and Milestones (POAM). • Provide guidance and technical expertise in the creation of solutions for complex security problems, requiring deep knowledge of systems security. • Ensure that security controls are implemented effectively and continuously throughout the information systems lifecycle. • Utilize cybersecurity tools to provide ongoing security monitoring for infrastructure in accordance with Department of Defense (DoD) requirements. • Perform system audits, vulnerability risk assessments, and investigations into security incidents or violations related to information assurance. • Conduct regular training and awareness programs on cybersecurity best practices and risk mitigation strategies for all system users. • Other duties as required. Basic Qualifications: • U.S. Citizenship. • Active Secret Clearance. • Prior experience as an ISSM or ISSO, with strong familiarity in establishing classified networks and information systems. • Experience as a COMSEC Custodian and in handling security controls for classified information systems. • Proficiency in cybersecurity frameworks and risk management practices, including the Risk Management Framework (RMF) and DoD compliance requirements. Preferred Qualifications: • Relevant certifications such as CISSP, CISM, or Security+ • Familiarity with cybersecurity tools, auditing processes, and incident response frameworks. Summit Federal Services, LLC is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. Summit Federal Services, LLC also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability. Powered by JazzHR xz3civbeG0

Information Systems Security OfficerJob Category: Information TechnologyTime Type: Full time Minimum Clearance Required to Start: SecretEmployee Type: RegularPercentage of Travel Required: Up to 10%Type of Travel: Continental US* * * Responsibilities: Manage Risk Management Framework (RMF) process Work with system development team to identify needed RMF artifacts and load them into the government's EMASS system. Develop security plans, policies, and designs. Configure and implement security solutions based upon the customer's performance criteria and specifications Conduct systems pre-test and acceptance tests to validate the designed performance criteria Structure mock designs based upon RFP specifications in support of the Bids & Proposal teams Collaborate with government and /or subcontractors at customer site for security solution integration into existing infrastructure Develop and perform technical presentations for customers Mentor junior engineers and technicians Serve as technical lead on projects. Travel to other CACI Locations or Customer Sites as necessary Proactively ensure a safe work environment and adhere to CACI EH&S policies and procedures Perform other duties as required Qualifications: Required: A Bachelors degree is required. Knowledge of risk assessment tools, technologies, and methods including EMASS system Experience designing secure networks, systems, and application architectures Experience planning, researching, and developing security policies, standards, and procedures Ability to communicate network security issues to peers and customers Working knowledge of current Cyber technologies and experience with NIST 800 Series and DoD 8570 regulations and governing DISA STIGs and/or SRGs Understanding of Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Assessments (IAVAs Prior experience with RMF controls, risk assessments, and POA&M generation Strong working knowledge of Confidentiality, Integrity, and Availability (CIA) concepts, to include 2-factor authentication, Public Key encryption techniques, patch management, end-point security systems, intrusion detection, security event management and defense-in-depth. Well versed in DoD cyber security Assessment and Authorizations (A&A) DoD Implementation, Directives, NIST Special Publications and other government cyber security standards, policies, and directives Experience with Nessus, ACAS, SCAP Experience completing and review DISA Security Technical Implementation Guides (STIGs) Experience conducting risk analysis on products and system components through review of CVEs, plugins, IAVAs Experience onboarding assets to centrally managed Enterprise solutions. Application Security Architecture and Design experience Security Compliance Operations and Application Security Assessment experience DoD 8570.01 IAT level 2 or greater cyber security certification per DoD 8570.01 (such as Security+) Experience designing and implementing Commercial Solutions for Classified (CSfC) Multi-Site Connectivity Capability Package desired Systems integration experience Excellent interpersonal and presentation skills At least five years of continuous recent experience in the field of DoD information systems security and/or cybersecurity. Possess an active Information Assurance Management (IAM) Level III certification. Additional cyber and/or IT certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA's Advanced Security Practitioner (CASP) Possess an active DoD Secret clearance. Desired: At least five years of continuous recent experience as an Information System Security Manager (ISSM), Information Systems Security Engineer (ISSE), and/or Information Systems Security Officer (ISSO). At least five years of continuous recent experience performing information systems security and/or cybersecurity roles in IT projects and obtaining ATO/ATC. At least five years of continuous recent experience in DoD enterprise Mission Assurance Support Service (eMASS). At least five years of continuous recent experience in networking and/or system engineering. - ________________________________________________________________________________________ What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. Your potential is limitless. So is ours. Learn more about CACI here. ________________________________________________________________________________________ Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here. Since this position can be worked in more than one location, the range shown is the national average for the position. The proposed salary range for this position is: $105,100-$231,100 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.

Job Description OneZero Solutions is an employee‑centric cybersecurity and engineering firm supporting federal and defense missions. We value our people and provide competitive benefits, including health coverage, 401(k) match, PTO, paid holidays, referral bonuses, and educational assistance. Position Title: Information System Security Officer (ISSO) - Level III (Senior) Clearance: Secret Location: Elizabeth City, NC (Hybrid - 2-3 days onsite per week) Position Overview The ISSO Level III serves as a senior cybersecurity SME supporting USCG avionics systems, mission electronics, test equipment, and aviation maintenance platforms. This role provides critical senior level cybersecurity expertise and knowledge to projects and tasks related to execution of USCG avionics engineering mission area. Some positions will also provide strategic cybersecurity leadership, and supervision of junior ISSOs and teams Key Responsibilities - Lead and perform DOD RMF A&A lifecycle for multiple aviation systems - Serve as senior cybersecurity advisor to government and engineering leadership - Plan, execute, and manage cybersecurity Security Assessment and Authorization - Supervise and mentor Level I/II ISSOs; assign tasks and review deliverables - Participate in STIG implementation, vulnerability remediation, and compliance validation efforts - Oversee and perform ISCM activities, audit preparation, and continuous monitoring improvements - Support evaluations of avionics software, firmware, and maintenance systems Required Qualifications 7+ years of cybersecurity engineering and RMF A&A experience Expert knowledge of DoD RMF, and related standards and policies Proven experience leading and performing cybersecurity Assessment and Authorization projects through ATO achievement. Strong background in in the use of cybersecurity tools including eMASS, NESSUS, ACAS, HBSS/ESS etc. Experience with aviation systems, avionics, or OT environments preferred Strong communication and leadership skills Required Certifications (one or more) - CISSP - CISM - CISSP-ISSMP - GSLC Education Bachelor's degree or higher in Cybersecurity, Engineering, or related technical field preferred OneZero Solutions, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws. To request an accommodation, please contact us at ************************* or call **************. Job Posted by ApplicantPro

Apex Systems is looking to hire an ONSITE L2 Cyber Security Analyst for our client based out of Greensboro, NC. This assignment is anticipated to be a 12 Month Contract with potential for extension; however, Apex Systems cannot guarantee the length of this assignment. This will also have a second shift fully onsite Monday-Friday schedule (2 PM - 10 PM EST). Responsibilities: * Monitor SOC alert queue and investigate detections for suspicious events. * Identify and respond to security breaches that may impact sensitive data. * Analyze types of security threats affecting operations and respond effectively. * Implement temporary fixes to eliminate threats and restore data security. * Handle true positive alerts as cybersecurity incidents. * Define, plan, implement, maintain, and upgrade security measures, policies, and controls. * Participate in project-based cybersecurity development work as a subject matter expert. * Collaborate with other departments to implement security procedures and best practices. * Stay updated on the latest security threats. Experience: * 3+ years of relevant cybersecurity experience. * Professional-level knowledge in multiple business domains, systems, or applications. * Deep expertise in core cybersecurity areas. * Ability to work independently and manage complex goals. * Experience contributing to team outcomes requiring cross-functional collaboration. Why Work for Apex Systems: * We offer weekly pay, direct deposit, competitive pay rates * Health/Medical benefits, Life Insurance, 401k, Employee Stock Purchase Program * Discounts to most major certification programs, access to multiple technical training platforms and programs Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or ************. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click here for more details. Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide. Employee Type: Contract Location: Greensboro, NC, US Job Type: Date Posted: October 24, 2025 Similar Jobs * Senior Cyber Security Analyst * Cyber Security Engineer * Cyber Security Principal * Senior Cyber Security Specialist * Cyber Engineer-Turtle Gut

About Company Founded in 2015, Global Air Logistics and Training, Inc. (GALT Aerospace) a rapid innovator, solving the world's critical security challenges to enable warriors to win...decisively. GALT Aerospace subscribes to Col John Boyd's tenet "Wars are won by people, ideas and equipment, IN THAT ORDER." Warfighters need tools (equipment) that are flexible. GALT Aerospace will always satisfy the warfighter with such tools. GALT Aerospace provides simple, effective information capabilities to support all levels of war and drive information to the lowest levels possible, enabling faster decision cycles and decisive results. GALT Aerospace uniquely focuses on architecture solutions, effective open systems integration, and rapid prototyping, fielding, and operations. At GALT Aerospace, employees have incredible opportunities to work on revolutionary and nationally relevant systems. GALT Aerospace looks for people who align with its Core Values: The Right Thing: We work on important things that we are passionate about and will make a difference for the US National Security. We are ethical and forthright and expect the same from our employees. We operate with integrity in all things; we do the RIGHT THING. Trust and Respect: We always strive to earn and foster trust. We Act and communicate with respect. We foster mutually beneficial relationships. Add Value: We take ownership of our tasks and deliver results to our customers, partners and each other. We champion individual expertise, creativity, and accomplishments. We recognize that collaborative teams achieve even greater results. Job Description GALT Aerospace is seeking a talented, full-time, salaried experienced Joint Data Network Instructor who has experience teaching how to effectively plan and manage a Joint Data Network (JDN) to support the Joint Staff, J7 Joint All Domain Network Operations Officer program (JDNO) at the Joint Interoperability & Data Link Training Center (JID-TC). A qualified instructor must be a team player and collaborator. The ideal candidate will support a full range of functions required to plan, develop, coordinate and manage the JDNO training program to include assisting in courseware development. Responsibilities will include: Provide instruction, develop and/or maintain curriculum, for JDNO courses. Collaborate with ISD's and interface with stakeholders to manage project objectives. Provide course planning and administration, to include development and maintenance of course schedules, administrative documents, and student notification processes. Develop, instruct, revise, and maintain course materials. Conduct curriculum reviews, courseware development, and multimedia enhancements, especially in a virtual classroom. Identify and define current and future Joint Data Network requirements. Understands how to provide instruction of current/future technical aspects of the Joint Data Network and how it will be integrated and synchronized to align with policy, planning, and Combatant Commanders guidance. Other duties as assigned. Required Skills and Experience U.S. Citizenship. Military instructor experience. Multi Tactical Data Link (TDL) experience. Minimum 3 years of experience with equipment that supports the Joint Data Network cell to enable/support Joint All Domain operations. Understanding of Joint Command & Control (C2) Organizations. Knowledge of JDN organizational design. Minimum 3 years of strategic/operational/planning/execution experience. Demonstrated knowledge and expertise in at least one (1) of the five domains. Experience in the Joint Data Network (JDN) operational mission. Understanding of how JDNO will serve as an enabler of CJADC2 principles and support the C2 in CJADC2 by all five domains. Proficiency with Microsoft Office Suite (Excel, Word, and PowerPoint). DoD experience. Eligible for Government Security Clearance. Excellent written and verbal communication skills. Superior organizational and planning skills. Ability to build efficient working relationships with military staff. Education Bachelor's degree with a minimum of 6 years' experience. No degree with a minimum of 8 years operational experience or equivalent combination of education, certification, and related experience. Preferred Skills, Experience and Education Active DoD Secret clearance. Joint Interface Control Officer (JICO) Global Command Control System (GCCS) experience. Joint Training Certifications (JT - 102, 201, and/or 310)

Ahold Delhaize USA, a division of global food retailer Ahold Delhaize, is part of the U.S. family of brands, which includes five leading omnichannel grocery brands - Food Lion, Giant Food, The GIANT Company, Hannaford and Stop & Shop. Our associates support the brands with a wide range of services, including Finance, Legal, Sustainability, Commercial, Digital and E-commerce, Technology and more. Co-op Program Overview: Get an insider view of the fast-changing grocery retail industry while developing relevant business, technical and leadership skills geared towards enhancing your career. This paid Co-op experience is an opportunity to help drive business results in an environment designed to promote and reward diversity, innovation and leadership. Our mission is to create impactful early talent programs that provide cohorts with meaningful project work, learning and development sessions, and mentorship opportunities. Applicants must be currently enrolled in a bachelor's or master's degree program. Applicants must be currently authorized to work in the United States on a full-time basis and be available from July 13, 2026 through December 4, 2026. We have a hybrid work environment that requires a minimum of three days a week in the office. Please submit your resume including your cumulative GPA. Transcripts may be requested at a future date. * Approximate 6-month Co-op session with competitive pay * Impactful project work to develop your skills/knowledge * Career assistance & mentoring in obtaining full time positions within ADUSA * Leadership speaker sessions and development activities * One-on-one mentoring in your area of interest * Involvement in group community service events * Networking and professional engagement opportunities * Access to online career development tools and resources * Opportunity to present project work to company leaders and gain executive visibility Department/Position Description: The Cybersecurity team is responsible for protecting our organization's systems, and data from internal and external threats. The team monitors network activity, manages security tools, responds to incidents, and ensures compliance with regulatory standards. We also implement proactive measures such as vulnerability assessments, threat intelligence, and employee training to reduce risk and maintain a strong security posture across the enterprise. The Co-op will support the Infrastructure Services team by assisting with day-to-day operations, documentation, and project-related tasks. During their session, they will gain hands-on experience with enterprise systems, collaborate across departments, and develop a deeper understanding of IT service delivery in a large-scale environment. Qualifications: * Currently pursuing a degree in Cybersecurity, Information Technology, Computer Science, or a related field. * Familiarity with basic cybersecurity concepts such as threat detection, network security, and vulnerability management through coursework or labs. * Exposure to tools or platforms like Wireshark, Splunk, or basic scripting for security automation is a plus. * Strong attention to detail and analytical thinking, especially when reviewing logs or identifying anomalies. * Excellent communication skills and a collaborative mindset, with a willingness to learn in a fast-paced, security-focused environment. Individual cohort pay rates vary based on location, academic year, and position. ME/NC/PA/SC Salary Range: $20.90 - $35.70 IL/MA/MD Salary Range: $22.80 - $37.30 #LI-LA1 #LI-hybrid At Ahold Delhaize USA, we provide services to one of the largest portfolios of grocery companies in the nation, and we're actively seeking top talent. Our team shares a common motivation to drive change, take ownership and enable our brands to better care for their customers. We thrive on supporting great local grocery brands and their strategies. Our associates are the heartbeat of our organization. We are committed to offering a welcoming work environment where all associates can succeed and thrive. Guided by our values of courage, care, teamwork, integrity (and even a little humor), we are dedicated to being a great place to work. We believe in collaboration, curiosity, and continuous learning in all that we think, create and do. While building a culture where personal and professional growth are just as important as business growth, we invest in our people, empowering them to learn, grow and deliver at all levels of the business.

The IT Security Manager is an experienced leadership role on the IT team responsible for developing, implementing, maintaining, communicating and auditing the security program to protect network availability and information on the global networks. The strategic security plan should foster confidence in the integrity of the organization and its information assets, assuring management, staff, customers, and trading partners that our information systems are safe and dependable. The role plays as a liaison to the Security Team to ensure that security policies are adopted and adhered to II. Key Responsibilities • Manage enterprise-wide security, policies and systems • Develop, document, implement, monitor and audit information systems security strategies, policies, and procedures • Ensure all mandated security and compliance standards are met • Coordinate with vendors, contractors and consultants to maintain and enhance data security • Provide leadership, guidance, and training to information systems personnel on security practices • Manage security audits, vulnerability and threat assessments by directing remediation activities to network or system security breaches • Ensure fulfillment of legal and contractual information, security and privacy mandates including providing executive management with compliance reports and audit findings • Drive project planning, coordination and delivery of quality IT security solutions on time and within budget • Work with technology administrators to ensure the proper level of security for all computing systems and network connections is implemented • Ensure associates are aware of security policies • Provide recommend changes to improve security using new technologies III. Relationships • Position reports directly to the Director, Global IT Infrastructure • Receives work direction from the Security Lead • Works on cross functional teams across IT • Works with Business Managers on security needs as identified IV. Measures of Performance • Maintain a high security index score (measures effectiveness of our security program) • Quality and thoroughness of security program • Number of security breaches and potential security risks to the business • Define and execute projects on time • Deliver solutions that meet requirements, quality, schedule, budget and cost goals • Provide guidance and support to our companies ensuring 100% compliance to all security policies • Strong oral and written communications skills V. Background and Skill • Bachelor's Degree in Computer Science, Information System Management or equivalent (required) • 8-10 years' experience in IT with a broad range of exposure to infrastructure, systems analysis, and application development • 4-7 years of IT Security experience • Certified Information System Security Professional (CISSP) or equivalent certifications desirable • Strong working knowledge of networking technologies; TCP/IP addressing, Routing, DHCP, DNS, VPN, Next Generation Firewalls, Firewalls, IPS, and DMZ • IT auditor experience including SOX, SSAE16, COBIT, etc. (preferred) • Effective utilization of productivity tools including MS Word, Excel, Outlook, Visio, and PowerPoint • Excellent interpersonal, organizational, and time management skills • Versatile, flexible and proactive when resolving technical issues • Strong project management skills with the ability to multitask and manage multiple projects at one time Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

XDIN subsidiary of ALTEN Group, includes 500 employees dedicated to the automotive engineering development. ALTEN is a Leader in Engineering & Information Technology system, and operates in over 21 countries (Europe, North America, Asia, Africa and Middle East) with more than 28,000 employees of which 88% are engineers. At XDIN, we are always looking for world-class talent to lead our global teams through commitment and dedication to our OEM and Tier I clients. We believe in quality support from concept through production, and delivering the best customer experience while at the same time attaining a great place to work! XDIN Offers Competitive wages, BOE. Major health, dental insurance benefits and vision savings plan. 401k, and basic life. Supplemental benefits such as short-term disability, accident, cancer and life insurance. Paid company holidays and earned time off. We place a high value on thought leadership. We want every employee to develop all the skills required to become an engineering and technology thought leader; contributing to the knowledge assets of our team and our clients. From day one, every consultant is trained and mentored to elevate their careers. Responsibilities: Performs network and application technical vulnerability assessments using vulnerability assessment tools. Performs penetration testing activities to detect vulnerabilities and attack chains. Utilizes penetration testing skills to conduct analyses to gather deeper situational awareness and provide greater security insight of the environment. Lead the Security Awareness efforts, including facilitating presentations on topics of relevance, evaluating and implementing awareness training Assist in network security efforts including Data Loss Prevention, Intrusion Prevention and SIEM analysis Test security measures including OS patches, system hardening, and application configuration Monitor, review and troubleshoot alerts Review, interpret and adapt customer, regulatory and corporate security and compliance requirements into technical design options Apply knowledge of technical, analytical skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements. Produce security policies, standards, and guidelines Perform security research Produce security risk advisories based on newly identified threats and risk assessment Assist in performing IT audit, third party evaluations, and risk assessment activities Requirements: Bachelor's degree in Information Technology, Computer Science or a related discipline Approximately 3 years' work experience in Information Security in an enterprise network (Internships and Co-Ops can be included) A recognized information security certification or accreditation such as Security+, CISSP, or CEH is a plus. Fundamental understanding of penetration testing techniques and technologies Fundamental understanding of application development security concepts such as OWASP Top 10 Vulnerabilities Fundamental understanding of Active Directory administration and Windows authentication Fundamental understanding of security technologies such as SIEM, IDS/IPS, Web filters, two-factor authentication, web application firewalls Fundamental understanding of Malware detection, analysis, exploitation, containment, and eradication techniques experience Experience with systems analysis including, but not limited to: Gathering requirements from stakeholders, Constructing RFP/RFQs, devising and planning proof-of-concepts, defining use and test cases, driving critical security infrastructure projects, creating cogent status reports for senior management, strong technical understanding of vulnerabilities, and how attackers can exploit vulnerabilities to compromise systems. Excellent verbal, written, and presentation skills; in particular, demonstrated ability to effectively communicate technical and business issues and solutions to multiple organizational levels internally and externally as needed Knowledge of security frameworks and governance such as NIST, ISO27000 series, HIPAA, GDPR, PCIDSS Solid analytical and problem solving skills; ability to think strategically and turn ideas into actions Familiarity with Project Management concepts. Familiarity with scripting languages such as Python Ability to work with little supervision and consistently deliver results The Location: This opportunity is based in Greensboro, NC.

Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The Cloud Security Architect is responsible for enabling, maturing, and operationalizing cyber defense capabilities across Elevance Health's enterprise and subsidiary cloud environments. This role partners closely with Cloud Infrastructure, Application Engineering, Detection Engineering, and Security Operations to ensure cloud-native security telemetry, detection, and response capabilities are deployed, monitored, and continuously improved. How You Will Make an Impact: * Lead efforts to integrate cyber defense and security operations capabilities into enterprise and subsidiary cloud environments (AWS, Azure, GCP, and OCI), ensuring consistent visibility and detection coverage across platforms. * Partner with cloud infrastructure and application teams to ensure security controls, logging, and telemetry are properly enabled, validated, and operational for cloud services and workloads. * Work with app, platform and engineering teams to ensure the appropriate level of logging is enabled within their respective environments. * Define roadmap and strategy for the future of cloud cyber defense, including CSPM, threat detection, logging pipelines, and incident response integration. Develop an approach that is tailored to the organization and keeps us out in front of developing threats. * Propose and develop cloud threat monitoring use cases. Train SOC analysts on how to properly triage, investigate and remediate alerts based on those use cases. * Collaborate with security operations and incident response teams to investigate complex cloud security events (e.g. threat detection events, misconfigurations, exposed resources) and support remediation efforts. * Infuse automation and AI-driven capabilities into cloud threat management operations. * Work with vendors to evaluate, select, and onboard technologies. Partner with vendor contacts to ensure product roadmaps address evolving business and technical requirements. * Support pursuit of new business by designing new cloud architectures that are compliant with FedRAMP or other regulatory requirements. * Participate in and contribute to governance review for new cloud services, AI-enabled platforms, and SaaS offerings, ensuring security requirements, logging, and guardrails are defined before approval. * Act as Subject Matter Expert in all aspects of cloud cyber defense. Advise executive leadership on matters relating to cloud security. Train and mentor junior team members. * Draft business-level presentations that garner executive and stakeholder support for cloud cyber defense initiatives. * Develop policies, technical standards and other foundational documentation. * Support regulatory and audit initiatives by validating cloud security controls, evidence collection, and alignment with frameworks such as SOC2, PCI, HITRUST, and FedRAMP. Minimum Requirements: Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background. Preferred Skills, Capabilities & Experiences: * Fluency with all 3 major cloud service providers: AWS, Azure & Google Cloud Platform. * Experience designing, implementing or operating cloud security programs in an enterprise environment. * Cloud security certifications such as CCSP or CSP-specific security certifications . * Experience with Oracle Cloud Infrastructure. Job Level: Non-Management Exempt Workshift: 1st Shift (United States of America) Job Family: IFT > IT Security & Compliance Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.

Do your Best Work in Mooresville This position is based at our headquarters in Mooresville, North Carolina. Our corporate office is a space where you can collaborate and do your best work. Take a walk, grab a bite (or a cup of coffee), work out or get a check-up - we invest in you so you can find your inspiration. Your Impact The primary purpose of this role is to lead the implementation and ongoing delivery of information security tools and processes. This includes responsibility for creating, executing, and improving processes and procedures with limited direct guidance from more senior-level security associates. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. This role requires a strong understanding of most tools and processes supported by the team, including many of the key integration points with other parts of technology, works mostly independently, and provides coaching and direction to more junior-level associates. As a Senior Analyst of Offensive Security, you will conduct advanced penetration tests and red team assessments across our applications, networks, and systems. You will collaborate with cross-functional teams to analyze security vulnerabilities and provide actionable recommendations for remediation. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. What You Will Do * Analyze data to detect trends, determine metrics, assess adherence to processes, and make recommendations. And present results to information security and business leaders and/or vendors. * Serve as an escalation point and mentor for junior staff. * Maintain an awareness of information security news and trends and research current technologies to assist in the development of new capabilities. * Consolidate security-related findings, track OKRs, and present results to information security and business leaders and/or vendors. * Translate and document business needs into technical requirements and solutions. * Advise users and team members on the execution of processes, interpret standards and regulations, and assist with solutions. * Design, develop, and maintain custom offensive tooling, including loaders, droppers, malware implants, in-memory execution frameworks, and covert initial access payloads across Windows, Linux, mac OS, and cloud-native platforms. * Engineer advanced evasion techniques in code, such as syscall stealth, ntdll unhooking, memory laundering, behavioral model evasion, encrypted tasking channels, and dynamic API resolution to defeat modern AI-driven EDR/EDX systems. * Plan and execute full-scope red team and adversary emulation engagements, targeting on-prem, cloud, and hybrid environments while maintaining strong operational security and stealth. * Reverse engineer defensive mechanisms and modify offensive code to adapt to new detection models, platform protections, and telemetry changes-ensuring tooling remains effective across diverse modern environments. * Create reusable internal offensive libraries, including process injection modules, PE/ELF parsing routines, shellcode loaders, encryption wrappers, and cloud identity attack primitives. * Prototype, test, and validate new malware techniques in isolated research environments; document behaviors, measure detection surfaces, and integrate promising approaches into operational tooling. * Manage and maintain resilient C2 infrastructures-including redirectors, covert channels, and multi-transport communication layers-to emulate sophisticated APT frameworks and tradecraft. * Develop, enhance, and standardize offensive testing methodologies, ensuring alignment with current threat landscapes, evolving attacker TTPs, and industry-leading best practices (MITRE ATT&CK, NIST, etc.). * Analyze engagement results and produce clear, actionable reporting, effectively communicating technical findings, attack paths, and remediation recommendations to both technical stakeholders and executive leadership. * Promote a culture of collaboration, knowledge sharing, and continuous skill development within the offensive security team. * Continuously research emerging threats, attack vectors, and defensive advancements, integrating relevant discoveries into future red team operations and tooling. * Support improvements to security posture by contributing insights to security policy updates, defensive control enhancements, and incident response strategies based on observed weaknesses and real-world attack patterns Minimum Qualifications * Bachelor's degree in computer science, computer information systems, engineering, business administration, cybersecurity, or related field, or equivalent years of experience in lieu of education requirement, if applicable * 4 years of experience in information security * 2-4 years of experience developing malware techniques and designing preventative measures. * Preferred Skills/Education * IT experience in the retail industry * Hands-on experience on GRC applications & TPRM tools (e.g., Archer, LogicGate, SAP GRC, OneTrust, ProcessUnity, ServiceNow, BitSight, Prevalent, Black Kite, etc.) * Experience with vulnerability identification & penetration testing tools * Experience with vulnerability management in public/hybrid cloud environments. * Experience with IAM technology implementation and operations (e.g., CA, SailPoint, OKTA, SSO, MFA, IGA, Microsoft AD) (specific to IAM role) * Experience developing cybersecurity or information assurance policies, standards, awareness training, or equivalent issuances (specific to Security GRC role) * Payment Card Industry Internal Security Assessor (PCI ISA) * Certified in Risk and Information Systems Control (CRISC) * Offensive Security Certified Professional (OSCP) * GIAC Penetration Tester Certification (GPEN) * Practical Network Penetration Tester (PNPT) * eLearnSecurity Certified Professional Penetration Tester (eCPPT) * Certified Third-Party Risk Professional (CTPRP) * Certified Third Party Risk Assessor (CTPRA) * CompTIA PenTest+ Certification * Or other relevant information security certifications Where You'll Be * Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support. * Lowe's supports a Flex Office concept where in-person work is required three days per week at the Charlotte Tech Hub * Most business meetings are planned around the Eastern time zone. About Lowe's Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts, and providing disaster relief to communities in need. For more information, visit ************* Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Type: Contract Duration: 3 months Job description: • Conduct dynamic application security testing using both manual and automated testing tools. • Review test results from tools • Ensure that automated tests are completed successfully • Configure tools as required to be successful in evaluating VERA (Vendor remote access) applications • Identify and remove any false positives from automated testing tool reports • Triage & Disposition results and enforce a Bug Bar • Verify/validate defect fixes • Provide application security consulting SME Support to developers • Assist developers with understanding of security defects and risk • Assist in defining acceptable solution to fix defects • Communicate Security risk to ISCs and ORCs to document security issues and controls for security planning purposes • Help maintain Security Coding Standards and Bug Bar as required • Assist in the Development of standards as required • Provide training • Stay up to speed on 3rd party (inside and outside Wells Fargo) known security vulnerabilities • Develop and review malicious use cases/threat models • Maintain a broad understanding of security technologies and products • Actively participate on improving the security culture and education throughout the organization Qualifications Required skills: • 5+ years of experience in security applications and systems • Minimum of 5 years of Information Security Engineer/Consultant experience with application penetration testing. • Minimum of 5 years of demonstrated experience with automated penetration tools • Minimum of 5 years of demonstrated experience with manual penetration testing tools • Demonstrated experience with creating and communication of reports regarding web application vulnerabilities to various level of personnel within a large organization Desired skills: • Advanced Information Security technical skills • Ability to manage complex issues and develop solutions • Excellent verbal and written communication skills • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis • Knowledge and understanding of banking or financial services industry • Experience working in a large enterprise environment • Strong analytical skills with high attention to detail and accuracy • Knowledge and understanding of information security industry standards and government regulations • Ability to manage multiple and competing priorities • Ability to work with limited supervision • Ability to take on a high level of responsibility, initiative, and accountability • Good attention to detail and accuracy skills • Strong collaboration and partnering skills • Demonstrated experience developing and reviewing malicious use cases/threat models Job expectations • Ability to work weekends and holidays as needed or scheduled Candidate will be required to work onsite at certain facilities in these cities: MN-Minneapolis; AZ-Chandler; NC-Charlotte;NC-Winston Salem; CA - San Francisco Additional Information All your information will be kept confidential according to EEO guidelines. **Please let me know if you might someone to refer or if you are interested for the role. **Please reply with an updated copy of your resume and preferred time for a call. **You can call me back at ************.

Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: Up to 10% Type of Travel: Continental US * * * **Responsibilities:** + Manage Risk Management Framework (RMF) process + Work with system development team to identify needed RMF artifacts and load them into the government's EMASS system. + Develop security plans, policies, and designs. + Configure and implement security solutions based upon the customer's performance criteria and specifications + Conduct systems pre-test and acceptance tests to validate the designed performance criteria + Structure mock designs based upon RFP specifications in support of the Bids & Proposal teams + Collaborate with government and /or subcontractors at customer site for security solution integration into existing infrastructure + Develop and perform technical presentations for customers + Mentor junior engineers and technicians + Serve as technical lead on projects. + Travel to other CACI Locations or Customer Sites as necessary + Proactively ensure a safe work environment and adhere to CACI EH&S policies and procedures + Perform other duties as required **Qualifications:** **_Required:_** + A Bachelors degree is required. + Knowledge of risk assessment tools, technologies, and methods including EMASS system + Experience designing secure networks, systems, and application architectures + Experience planning, researching, and developing security policies, standards, and procedures + Ability to communicate network security issues to peers and customers + Working knowledge of current Cyber technologies and experience with NIST 800 Series and DoD 8570 regulations and governing DISA STIGs and/or SRGs + Understanding of Information Assurance Vulnerability Management (IAVM) and Information Assurance Vulnerability Assessments (IAVAs + Prior experience with RMF controls, risk assessments, and POA&M generation + Strong working knowledge of Confidentiality, Integrity, and Availability (CIA) concepts, to include 2-factor authentication, Public Key encryption techniques, patch management, end-point security systems, intrusion detection, security event management and defense-in-depth. + Well versed in DoD cyber security Assessment and Authorizations (A&A) DoD Implementation, Directives, NIST Special Publications and other government cyber security standards, policies, and directives + Experience with Nessus, ACAS, SCAP + Experience completing and review DISA Security Technical Implementation Guides (STIGs) + Experience conducting risk analysis on products and system components through review of CVEs, plugins, IAVAs + Experience onboarding assets to centrally managed Enterprise solutions. + Application Security Architecture and Design experience + Security Compliance Operations and Application Security Assessment experience + DoD 8570.01 IAT level 2 or greater cyber security certification per DoD 8570.01 (such as Security+) + Experience designing and implementing Commercial Solutions for Classified (CSfC) Multi-Site Connectivity Capability Package desired + Systems integration experience + Excellent interpersonal and presentation skills + At least five years of continuous recent experience in the field of DoD information systems security and/or cybersecurity. + Possess an active Information Assurance Management (IAM) Level III certification. Additional cyber and/or IT certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA's Advanced Security Practitioner (CASP) + Possess an active DoD Secret clearance. **_Desired:_** + At least five years of continuous recent experience as an Information System Security Manager (ISSM), Information Systems Security Engineer (ISSE), and/or Information Systems Security Officer (ISSO). + At least five years of continuous recent experience performing information systems security and/or cybersecurity roles in IT projects and obtaining ATO/ATC. + At least five years of continuous recent experience in DoD enterprise Mission Assurance Support Service (eMASS). + At least five years of continuous recent experience in networking and/or system engineering. - **________________________________________________________________________________________** **What You Can Expect:** **A culture of integrity.** At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation. **An environment of trust.** CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. **A focus on continuous growth.** Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy. **Your potential is limitless.** So is ours. Learn more about CACI here. (************************************************ **________________________________________________________________________________________** **Pay Range** : There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here (***************************************************** . Since this position can be worked in more than one location, the range shown is the national average for the position. The proposed salary range for this position is: $105,100-$231,100 _CACI is_ _an Equal Opportunity Employer._ _All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any_ _other protected characteristic._

Job Description OneZero Solutions is an employee‑centric cybersecurity and engineering firm supporting federal and defense missions. We value our people and provide competitive benefits, including health coverage, 401(k) match, PTO, paid holidays, referral bonuses, and educational assistance. Position Title: Information System Security Officer (ISSO) - Level I Clearance: Secret Clearance Location: Elizabeth City, NC (Hybrid - 2-3 days onsite per week) Position Overview The ISSO Level I supports the U.S. Coast Guard Aviation Logistics Command (ALC) by assisting in securing avionics systems, aircraft maintenance platforms, and test equipment. This is an entry‑level role that will afford the candidate the opportunity to develop foundational expertise in DoD/DHS aviation cybersecurity and RMF processes while supporting the USCG's aviation services mission area. Key Responsibilities - Support execution of NIST RMF for aircraft-related information systems - Assist with ATO documentation including SSPs and POA&Ms - Support vulnerability scans, STIG/SCAP remediation, and compliance efforts - Monitor systems for security events and escalate as appropriate - Assist with documentation and security awareness activities - Collaborate with engineering and aviation maintenance personnel Required Qualifications 1-3 years of IT or cybersecurity experience (military/ internships acceptable) Understanding of cybersecurity fundamentals, networks, and incident response Familiarity with Cybersecurity principles and concepts, NIST RMF and related standards, DoD security policies and standards (DoD 8510.01, DoD 8500, STIG etc.) Familiarity with DoD security tools such as eMASS, Tenable Nessus, ACAS, etc. Strong communication and documentation skills Ability to operate in aviation maintenance/engineering environments Required Certification (one or more) Security+ (CompTIA) Education Associate's or Bachelor's degree in Cybersecurity, IT, Engineering, or related field preferred OneZero Solutions, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws. To request an accommodation, please contact us at ************************* or call **************. Job Posted by ApplicantPro

Greensboro North Carolina Exp 5-7 yrs Deg Bachelors Occasional Travel Job Description The IT Security Manager is an experienced leadership role on the IT team responsible for developing, implementing, maintaining, communicating and auditing the security program to protect network availability and information on the global networks. The strategic security plan should foster confidence in the integrity of the organization and its information assets, assuring management, staff, customers, and trading partners that our information systems are safe and dependable. The role plays as a liaison to the Security Team to ensure that security policies are adopted and adhered to II. Key Responsibilities • Manage enterprise-wide security, policies and systems • Develop, document, implement, monitor and audit information systems security strategies, policies, and procedures • Ensure all mandated security and compliance standards are met • Coordinate with vendors, contractors and consultants to maintain and enhance data security • Provide leadership, guidance, and training to information systems personnel on security practices • Manage security audits, vulnerability and threat assessments by directing remediation activities to network or system security breaches • Ensure fulfillment of legal and contractual information, security and privacy mandates including providing executive management with compliance reports and audit findings • Drive project planning, coordination and delivery of quality IT security solutions on time and within budget • Work with technology administrators to ensure the proper level of security for all computing systems and network connections is implemented • Ensure associates are aware of security policies • Provide recommend changes to improve security using new technologies III. Relationships • Position reports directly to the Director, Global IT Infrastructure • Receives work direction from the Security Lead • Works on cross functional teams across IT • Works with Business Managers on security needs as identified IV. Measures of Performance • Maintain a high security index score (measures effectiveness of our security program) • Quality and thoroughness of security program • Number of security breaches and potential security risks to the business • Define and execute projects on time • Deliver solutions that meet requirements, quality, schedule, budget and cost goals • Provide guidance and support to our companies ensuring 100% compliance to all security policies • Strong oral and written communications skills V. Background and Skill • Bachelor's Degree in Computer Science, Information System Management or equivalent (required) • 8-10 years' experience in IT with a broad range of exposure to infrastructure, systems analysis, and application development • 4-7 years of IT Security experience • Certified Information System Security Professional (CISSP) or equivalent certifications desirable • Strong working knowledge of networking technologies; TCP/IP addressing, Routing, DHCP, DNS, VPN, Next Generation Firewalls, Firewalls, IPS, and DMZ • IT auditor experience including SOX, SSAE16, COBIT, etc. (preferred) • Effective utilization of productivity tools including MS Word, Excel, Outlook, Visio, and PowerPoint • Excellent interpersonal, organizational, and time management skills • Versatile, flexible and proactive when resolving technical issues • Strong project management skills with the ability to multitask and manage multiple projects at one time Additional Information All your information will be kept confidential according to EEO guidelines. Direct Staffing Inc

Executive Advisor - Business Information Security Officer Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered if candidates reside within a commuting distance from an office. Please note that per our policy on hybrid/virtual work, candidates not within a reasonable commuting distance from the posting location(s) will not be considered for employment, unless an accommodation is granted as required by law. The Executive Advisor - Business Information Security Officer serves as a dedicated security and risk management leadership function aligned to the major business and technology-enabling divisions of Elevance Health. BISOs are embedded security leaders - connecting executive business and innovation leaders, technology professionals, compliance management teams, and the Global Information Security organization. How You Will Make an Impact: * Leads Information Security and Risk Management for an assigned Business Unit * Leads Information Security and Technology Risk Management for an assigned Business Unit, ensuring alignment with enterprise security strategy, business objectives, and regulatory obligations. * Serves as the primary business-facing point of contact for information security and technology risk matters, coordinating enterprise security capabilities and services as needed. * Acts as a key leadership contact during incident response activities, ensuring effective business engagement, executive communication, and post-incident remediation. * Owns the development and execution of the Business Unit security roadmap, aligned with enterprise priorities, business strategy, and defined risk tolerance. * Identifies, prioritizes, and recommends opportunities to reduce risk and improve security outcomes through targeted assessments, continuous monitoring, and metrics-driven analysis. * Participates in enterprise planning activities, including vendor and third-party risk assessment, technology platform selection and retirement, security architecture alignment, prioritization, and integration planning. * Serves as the Information Security and Technology Risk lead for mergers, acquisitions, and divestitures, including due diligence, integration planning, and risk remediation. * Establishes and participates in governance forums to assess, accept, mitigate, or escalate technology risk in alignment with enterprise risk management practices. * Provides security leadership for healthcare regulatory and compliance requirements (e.g., HIPAA, HITRUST, state privacy laws), ensuring audit readiness and sustained compliance. * Defines, tracks, and reports meaningful security and risk metrics to business and executive stakeholders to support informed decision-making. * Acts as a trusted advisor and subject matter expert to executive management, translating technical and cyber risk into clear business and financial impact. * Influences business and technology leaders to adopt secure-by-design practices and risk-aware decision-making without direct operational authority. * Mentors and develops security and risk management capabilities within the Business Unit and across enterprise teams. * Must be capable of providing top-tier support for 6 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security. Minimum Requirements: Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background. Preferred Skills, Capabilities & Experiences: * Broad-based experience to plan and design highly complex systems is strongly preferred. * Expert knowledge and understanding of industry-accepted data processing controls and concepts strongly preferred as applied to Security Certifications: CISSP preferred and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications). Job Level: Non-Management Exempt Workshift: 1st Shift (United States of America) Job Family: IFT > IT Security & Compliance Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.