Security engineer jobs in Ballwin, MO

We are seeking a Security Engineer II to support threat and vulnerability management across on-premises and cloud environments. This role focuses on identifying security risks, assessing vulnerabilities, ensuring secure configurations, and driving remediation efforts to improve overall security posture. Key Responsibilities: Identify, assess, and remediate vulnerabilities across on-prem and cloud environments (AWS/Azure/GCP) Monitor and analyze threat intelligence using frameworks such as MITRE ATT&CK, OWASP, and CVSS Utilize vulnerability and cloud security tools (Tenable, Qualys, Rapid7, Prisma Cloud, Defender for Cloud, Wiz) Perform secure configuration audits using CIS Benchmarks, NIST, and STIGs Collaborate with IT, Cloud, and DevOps teams to implement remediation Automate security processes using scripting (Python, PowerShell, Bash) Track remediation progress and communicate risks to technical and non-technical stakeholders Required Skills & Experience: 4+ years of experience in Cybersecurity or IT with exposure to vulnerability or cloud security Hands-on experience with vulnerability management tools Strong understanding of security controls, risk management, and compliance Experience with scripting/automation and API integrations Familiarity with SIEM, logging, monitoring, and ticketing systems

Systems Engineer IV Scott AFB, IL, USA Full-time FLSA Status: Exempt Clearance Requirement: Secret Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description Overview SOS International LLC is seeking a [TITLE] to join our team in [work location]. A Systems Engineer is responsible for designing, implementing, and maintaining the systems and infrastructure necessary to support the technical operations of an organization. This role involves an in-depth understanding of both hardware and software components, as well as the ability to troubleshoot complex issues and provide innovative solutions. Essential Duties Perform technical engineering evaluations and assessments of high-risk Cross Domain Solutions (CDS) to determine the suitability and compliance of its components with Joint, DOD, and AF policies, and configuration and security guides. Determine the suitability of the CDS components and/or systems in relation to installation, modification, relocation, and/or removal. Conduct CDS technical engineering evaluations and assessments based on the Risk Decision Authority Criteria (RDAC) developed by the National Security Agency (NSA) for CDS hardware, software, firmware, and systems comprised of those components. Derive transfer processing threat, identity threat, policy threat and corresponding policy by-pass threat, and site mitigation risk ratings with sufficient justification to receive approval/authorization from CDS forums including: National Security Agency (NSA), Connection Approval Office (CAO), DoD Information Security Risk Management Committee (DoD ISRMC), Cross Domain Technical Advisory Board (CDTAB), National Cross Domain Strategy and Management Office (NCDSMO) Defense Security / Cybersecurity Accreditation Working Group (DSAWG) community. Accomplish documentation detailing the transfer processing risk introduced by a CDS to include measures taken to protect the confidentiality, availability, and integrity of information before and after it transits the CDS as well as data at rest. Identify and provide mitigation recommendations in the environment in which the CDS will operate Interpret scan and test results and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs). Recommend risk mitigations to ensure CDSs meet an acceptable level of risk for issuance of an Authority to Operate (ATO). Conduct extensive reviews of technical documentation including CDS Appendices, CDS Validation Approval Requests, system topologies, Lab-Based Security Assessments (LBSA) and Site-Based Security Assessments (SBSA) plans and reports. Assess authenticator management, intrusion management, partner identity management, location security, and technology and data risk mitigations. Perform engineering studies in support of complex mission critical CDS systems and deliver draft technical documents, reports, briefings, and other correspondence to the government. Coordinate with Authorizing Officials (AOs), PMOs, user reps, and system owners to maintain Risk Management Framework (RMF) packages, conduct risk and vulnerability assessments, provide support to the CDS approval processes, and perform other IA support duties. Develop and submit recommended policy directives, instructions, manuals, standards, strategies, visions, mission statements, goals and objectives as they apply to CDS. Provide ad hoc reports and briefings with information such as metrics, meeting minutes, inputs for Joint Approval Boards, and updated status of operational CDSs. Travel Requirements: Travel between Scott AFB, IL and other CONUS/OCONUS locations may be required under this task order. Qualifications Essential Requirements Bachelor's degree in Communications or Security is mandatory. Active SECRET security clearance is a non-negotiable prerequisite. Minimum of four years of relevant professional experience is required. Demonstrated proficiency in National, DoD, and AF Information Assurance (IA) policies, procedures, and objectives is essential. DoD 8570.1 IAM Level II certification (CAP, CASP+CE, CISM, CISSP or Associate, GSLC, CCISO) is imperative. Extensive knowledge and experience in Security Engineering, Risk Assessments, and Network Architectures are crucial. Superior analytical and problem-solving capabilities are required, with the ability to diagnose complex technical issues and develop effective solutions. Exceptional verbal and written communication skills are necessary, including the ability to articulate technical concepts to non-technical stakeholders. Proven experience in managing multiple projects simultaneously, demonstrating strong organizational and time management skills. Meticulous attention to detail is critical to ensure the accuracy and reliability of system configurations and documentation. Demonstrated ability to work effectively in a team environment, with strong interpersonal skills and the capacity to establish positive working relationships with colleagues and stakeholders. Adaptability to evolving technologies and organizational needs is essential, along with a commitment to continuous learning and improvement. Comprehensive knowledge of cybersecurity principles and best practices, with the ability to implement and maintain robust security measures. Preferred Qualifications Advanced degrees or certifications in Systems Engineering, Network Engineering, or Cybersecurity will be viewed favorably. Additional Information Work Environment This position requires working in an office environment, with occasional travel to client sites or data centers. May require working outside regular business hours to perform maintenance or respond to emergencies. Ability to lift and move computer hardware and equipment as needed. Working at SOSi All interested individuals will receive consideration and will not be discriminated against for any reason.

**** No 3rd party resumes or C2C**** Systems Engineer (Microsoft Engineer) Pay Rate: $60-65/hr. ($125-130K when Direct-hire) Full-time hours each week Duration: 6 month contract-to-hire Benefits offered Hybrid Schedule: 2 days a week onsite, 3 days remote. Location: St. Louis, MO ****Top Skills: Microsoft 365 environment-specifically Exchange, SharePoint, OneDrive, Teams Job Summary The Systems Microsoft Engineer will design, implement, manage, and support the organization's Microsoft 365 environment-specifically Exchange, SharePoint, OneDrive, Teams, and related compliance/governance tools. This role ensures high performance, security, and user adoption across the digital workplace. The engineer will handle daily administration, ticket requests, technical troubleshooting, data governance, analytics reporting, and serve as a subject matter expert during major incidents. Collaboration with IT, Security, Communications, and end users is key, along with providing training and guiding the business on best practices and new features. Must-Have Skills & Experience Strong knowledge and hands-on administration of Microsoft 365(SharePoint, OneDrive, Teams, Exchange, compliance/governance). Advanced expertise in SharePoint, OneDrive, and Teams. Proficiency in PowerShell scripting for automation and administration. Experience managing users, groups, policies, and cloud storage in Microsoft 365. Solid understanding of security best practices and compliance requirements (data retention, classification, governance). Strong troubleshooting and diagnostic skills. Experience working in hybrid cloud environments. Nice to Have / Preferred (Not essential but helpful) Experience with Microsoft Entra, Purview, Defender. Experience with Microsoft Copilot or other AI productivity tools. Familiarity with data security tools like Varonis, Egnyte, Sentra. Microsoft certifications (MS-900, MS-700, MS-203, MD-102, MS-102). SAFe certifications.

Job DescriptionSecurity Engineer Position: Direct HireLocation: Bridgeton, MO. If not, local you must be willing to relocate.Salary: $95K - $140K (Depending on experience).Pay Frequency: Semi Monthly.Hours: M - F (8 to 5) Fully On-Site.Status: Must be a US citizen.Travel: N/A.Benefits: PTO, Holiday Pay, Healthcare coverage, Profit-Sharing, Tuition Reimbursement, Parental Leave and free onsite fitness & rec center. Experience Level: Mid to Senior.Summary: Our client is seeking a Security Engineer to join their team.Duties: Design, implement, manage, maintain, improve, and troubleshoot company's various security systems, including but not limited to Data Loss Prevention (DLP), SIEM and UEBA, endpoint protection, and data security/auditing platforms. Analyze and audit systems, software, processes, implementations, and environments for compliance with policies, regulations, and security best practices; and recommend and implement refinements and enhancements, in collaboration with individuals and teams. Conduct threat, vulnerability, and risk assessments, at times in collaboration with external auditors, to understand and eliminate potential system and network vulnerabilities. Develop and improve monitoring and visibility capabilities of information systems, and act as a technical leader for security incident detection, response, handling, and forensics. Provide reporting on incidents, investigations, vulnerabilities, trends, conditions, and events. Remain current on information security topics, trends, events, and developments. May occasionally provide end-user security training. Provide end-user support as necessary. Provide exceptional customer service while acting ethically and maintaining business confidentiality. Provide after-hours support as required and be able to identify critical issues that require urgent response. Additional duties as assigned. Skills Needed: 7+ years of experience in Information Technology required; inclusive of up to 4 years of relevant education, including 3+ years of experience in security. Must have demonstrable experience with: Microsoft/Office 365 Security landscape. Azure and on-premises Active Directory. PowerShell and Regular Expressions. Software Development and/or Development Security Operations. Performing and managing proactive risk identification and mitigation, including penetration testing, network vulnerability assessments, and system risk profiling. Security incident detection, response, handling, and forensics. Must understand networking concepts, protocols, and services. Must have excellent verbal and written communication skills. Must possess a very strong troubleshooting methodology to tackle issues efficiently. Must be self-starting and self-sufficient to complete tasks in a timely and effective manner.

We are looking for experienced Vulnerability Development / Security Engineers with a background in healthcare IT to join our security team. You will focus on identifying, assessing, and remediating vulnerabilities across applications and cloud environments. Responsibilities: Conduct SAST and DAST scans and manage vulnerability remediation. Perform secure code reviews and implement best practices in Java and Python. Conduct threat modeling for applications, APIs, and cloud environments. Collaborate with development teams to ensure secure application delivery. Stay updated on security trends and healthcare-specific compliance requirements. Qualifications: 6-10 years of experience in application security or vulnerability management. Hands-on with SAST/DAST tools, patching, and secure coding. Strong knowledge of API and cloud security. Healthcare IT experience preferred (HIPAA, HITRUST, or related frameworks). Excellent analytical and communication skills.

Compunnel Software Group is a New Jersey based premier information technology consulting & services company into this market for nearly two decades now; with close to two decades of experience in IT Industry which includes consulting, development, e-learning etc. Our company is going through a tremendous growth spurt and we are now interested in personnel like you to augment the work force in the company. We have several projects starting that we are staffing for. If you think you would like to become a consultant for Compunnel Software Group Inc ., please send me an updated copy of your resume along with a detailed summary of your work experience. I need a phone number to contact you. I look forward to possibly working with you on these positions. We offer specialized services to our clients to meet their business objectives. Successful solutions that are valued by our clients are in industry areas such as pharmaceuticals, telecommunications, banking, finance, manufacturing, publishing and consumer products. Job Description Position: Cloud Security Engineer Duration: 6+ months Location: St. Louis, MO, 63167 Must Have: Cloud Security Security Patches Cloud Security Automation Engineer Client is seeking a Cloud Security Automation Engineer with deep technical experience in securing cloud technologies. The successful candidate possesses out of the box thinking, the ability to collaboration with development team members, and experience with automation and solving end to end application/infrastructure security problems. Our mission is to design and build a highly secure cloud environment without sacrificing our developers' ability to quickly innovate and deliver world class software solutions. Responsibilities: • Define security best practices for our cloud platform and provide guidance to development teams. • Build tools to monitor for compliance of security policy and automate the resolution process. • Evangelize security throughout the enterprise and collaborate to help architect secure applications. • Research emerging technologies and build proof of concepts to investigate better ways of meeting our control objectives. • Collaborate with incident response, risk and compliance, product security and development teams to solve critical security problems. • Develop an AppSec pipeline and integrate it into the agile software development process. Required Qualifications: • BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field or equivalent experience. • At least 3 years of experience in Information Security and/or infrastructure engineering. • An accomplished security practitioner with a strong understanding of industry trends in all areas of security. • Experience with building IaaS cloud based solutions including AWS, Azure, etc.. and knowledge of their network security and IAM models. • Experience working with security vendors including evaluating and implementing new products. Desired Qualifications: • Expertise in common AWS services (CloudFormation, Route53, VPC, EC2, Lambda, etc...) and their security best practices. • Programming experience in JavaScript, Java, Scala, Python, Perl, Ruby, etc.. and their use in automating security and compliance. • Strong understanding of security technologies including host and network based protection and detection technologies. • Experience with vulnerability management (including: running vulnerability scans, creating reports, communicating with asset owners and giving remediation guidance). • Experience with continuous integration and automation tools (e.g. Jenkins, Chef, Puppet, Ansible). • Experience writing security white papers and/or presenting security products and technologies to diverse audiences. • CISSP or CSSLP (Certified Secure Software Lifecycle Professional) certification. Qualifications Must Have: Cloud Security Security Patches Additional Information All your information will be kept confidential according to EEO guidelines.

This role requires the ability to work lawfully in the U.S. without employment-based immigration sponsorship, now or in the future. is not eligible for immigration sponsorship. Spectrum's Product and Technology team creates, develops, and operates the nation's fastest mobile service, most reliable internet service, most viewed live TV app, and the most advanced WiFi, serving nearly 100 million users and 500 million devices. We are transforming the next era of connectivity and entertainment experiences. The diversity of experience available within Spectrum's Product and Technology team is unmatched and there are opportunities to grow your career as a designer, architect, engineer, developer, operator, or data scientist. We are creative, disciplined, hard-working, complex-problem solvers that believe in collaborating to deliver the highest quality customer experience. BE A PART OF THE CONNECTION As a Security Engineer IV on the Information Security Engineering team, you'll drive security engineering activities that monitor, detect and alert on potential security threats and vulnerabilities concerning company database and application software systems. You'll work closely with database admins and technical operations staff to coordinate and communicate incident and remediation efforts and incident status to management. MAJOR DUTIES AND RESPONSIBILITIES * Designs and implements queries and use cases to correlate security relevant system and application log data to alert and report on potential security events. * Leads the security incident response lifecycle for any cyber security related events affecting Charter's databases and services. * Responsible for providing timely updates to security management according to Charter's Incident Response Plan. * Leads efforts to integrate and maintain scanning services with SEIM, ASPM and vulnerability management systems. * Implements, maintains and monitors threat intelligence data from various resources that is relevant to Charter's networks and systems. * Proactively hunts for security related threats and vulnerabilities that potentially affect Charter's databases and services. * Develops and coordinates the implementation of security counter-measures with the appropriate organizations. * Develops and recommends security policies, standards, and configurations to the security governance committee. * Leads and performs the advanced forensics analysis and data evidence gathering for critical security events. * Recommends, designs and implements security systems and tools used for Database Security * Manages security scanning infrastructure and integrations, mentoring others on management and providing ongoing system support. * Develops security requirements for new projects and performs the security testing prior to going into production. * Ensures compliance with security standards, policies and procedures. * Adheres to industry specific local, state, and federal regulations, as applicable Required Qualifications Education: * Bachelor's Degree or Master's in Computer Science or Information Systems or related field or equivalent experience * Minimum five (5) years of Information security experience * Minimum four (4) years of Information security operations experience PREFERRED JOB QUALIFICATIONS: * Current security certifications, such as CISSP, CEH, or SANS GIAC. * Oracle Certified Professional - Oracle Database Security Expert * Computer forensics * Cyber Security Risk Management and assessment methodologies * Understanding of AWS and cloud infrastructure Abilities: * Ability to read, write, speak and understand the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straight-forward, and professional manner Skills: * Demonstrated knowledge of database management or database security * Experience with security scan assessment tools of Oracle, MSSQL, PostgreSQL or other relational or NoSQL databases. * Must understand what is required to prevent security exploits, how to detect security attacks and anomalies and how to respond to security incidents and intrusions * Expert knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence and coordinate a unified security response * Advanced knowledge of database management and administration. * Advanced knowledge of industry security standards and cyber security frameworks. * Demonstrated experience in managing information security events and incidents for large and sophisticated networks * Demonstrated leadership capabilities with the ability to work across functional boundaries, build consensus and drive results * Strong written and verbal communication skills and should have good presentation skills * Demonstrated understanding of file storage systems; block filesystems, NFS, S3 * Must be a problem solver, able to balance competing priorities, have a strong process orientation and be able to manage through complexity and rapid change Working Conditions: * Office Environment * Occasional off-hours incident response for critical security events. * May require some weekend and evening shift work for infrastructure administration * Minimal Travel Required SPECTRUM CONNECTS YOU TO MORE * Innovative Tools & Tech: Work with high-performing software and applications on the forefront of the digital telecommunications industry. * Dynamic Growth: The growth of our industry and evolving technology will power your career as you move up or around the company. * Supportive Teams: Who you are matters here. We aim to foster an inclusive workplace where every person is empowered to bring their best ideas. * Total Rewards: See all the ways we invest in you-at work and in life. #LI-SS5 #LI-SS5 ISE313 2025-62913 2025 Here, our employees don't just have jobs, they're building careers. That's why we offer a comprehensive pay and benefits package that rewards employees for their contributions to our success, supporting all aspects of their well-being at every stage of life. A qualified applicant's criminal history, if any, will be considered in a manner consistent with applicable laws, including local ordinances. Get to Know Us Charter Communications provides superior communication and entertainment products for residential and business customers through the Spectrum brand. Our offerings include Spectrum Internet, TV, Mobile and Voice. Beyond our connectivity solutions, we also provide local news, programming and regional sports via Spectrum Networks and multiscreen advertising solutions via Spectrum Reach. When you join our team, you'll be keeping our customers connected to what matters most in 41 states across the U.S. Watch this video to learn more. Grow Your Career Here We're committed to growing a workforce that reflects the customers and communities we serve - providing opportunities for employment and advancement to all team members. Spectrum is an Equal Opportunity Employer, including job seekers with disabilities and veterans. Learn about Life at Spectrum.

The Managed Service Security Engineer is responsible for monitoring, detecting, and responding to security incidents to protect client environments. This role involves the identification of vulnerabilities, analyzing security risks, responding to security operations service tickets, and implementing protective measures. The Security Engineer will also perform security audits, incident response, compliance-related activities and projects, and provide technical guidance and mentorship to analysts and support staff. PRINCIPAL DUTIES AND RESPONSIBILITIES: Client and Internal Support: Act as a point of contact and escalation to provide security-related support to clients and junior staff, addressing concerns, incidents, and queries in a timely manner. Security Monitoring: Configure and perform continuous security monitoring of client systems, networks, and applications for malicious activities or security breaches. Incident Response: Respond to security incidents, conduct investigations, containment, and remediation efforts to mitigate risks and protect client environments. Vulnerability Management: Identify, assess, and prioritize vulnerabilities in client systems, recommending and implementing mitigation strategies. Threat Intelligence: Utilize threat intelligence tools to identify potential risks and implement proactive defense recommendations. Compliance Support: Ensure client systems adhere to regulatory and compliance standards (e.g., PII, HIPAA, PCI-DSS) as required. Security Audits: Perform internal and external security audits, including the preparation, maintenance, and presentation of audit documentation. Documentation: Assist with the development and maintenance detailed records of security incidents, operational tasks, and system configurations in accordance with best practices. KNOWLEDGE, SKILLS AND ABILITIES: Education: Bachelor's degree in information technology, Computer Science, a related field, or additional years of relevant job experience. Experience: Minimum of 2-3 years of experience in an IT security or service role, preferably in a managed services environment. Certifications: Relevant certifications such as CASP+, CISSP, CEH, CompTIA Security+, or equivalent are preferred. Skills: Strong understanding of security frameworks (e.g., NIST, ISO 27001). Experience with security information and event management (SIEM) tools. Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills for client-facing interactions. Ability to manage multiple security incidents and tasks simultaneously.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

JOB TITLE: Product Security Engineering 2 PAY RATE: $53-67/hour We are a national aerospace and defense staffing agency seeking highly qualified candidates for a position with a top-tier client. Job Details: Job Type: Contract (12 months with potential for extension) Clearance: Active Top Secret U.S. Security Clearance required (must be active within the last 24 months) Industry: Aerospace / Defense / Aviation Benefits: Medical, dental, and vision (Cigna) Perks: Bonus potential + Priority access via Tier 1 supplier Openings Nationwide: Thousands of opportunities across the U.S. Qualifying Questions: Are you a U.S. person as defined under ITAR regulations? Do you meet the educational and experience requirements for this role? Can you commute to the job location or relocate if necessary? Summary: Assess organization-wide security and privacy risks, updating assessment results on an ongoing basis. Perform system analysis and develop system tests for cyber threats, cybersecurity evaluations, and large-scale event assessments. Ensure adherence to the product security engineering development lifecycle, emphasizing clear requirements development and verification (using CAMEO). Conduct criticality analyses, collaborate with suppliers, identify critical components, and integrate them into overall system designs. Perform cyber risk assessments and develop mitigation plans (e.g., POA&Ms, SCRM) using tools including but not limited to CAMEO. Support and facilitate ATO/IATT packages, including processing IAVMs and CTOs. Perform software assurance tasks, including developing software assurance risk reports. Support proposal development efforts (e.g., BOE generation, GR&A development, trade studies). Assist with the engineering installation and analysis of patches, updates, and upgrades to assess system impact. Attend and facilitate program boards, collect data, and manage project documentation and collaboration. Apply Security Technical Implementation Guides (STIGs) and manage Cyber Tasking Orders (CTOs). Document and verify all installation and configuration steps for labs and operational deliveries. Provide feedback to Cyber Leadership and engineers to improve tools and processes. Collaborate with Information System Security Officers (ISSOs) to ensure compliance with cybersecurity standards and regulations. Support cyber threat intelligence, scanning, patching, remediation, and tool/application development. Assist in compliance activities including TEMPEST, DFARS, COMSEC, and CNSSI. Develop tools for cyber forensics and identify opportunities for efficiency and productivity improvements. Perform system analysis trade studies to define technical concepts and solutions. Requirements: Active Top Secret U.S. Security Clearance required (must be active within the last 24 months) Bachelor's degree (or equivalent technical education) in engineering, engineering technology, computer science, data science, mathematics, physics, or chemistry. 2 or more years of related experience, or an equivalent combination of education and experience. Current DoD 8570 certification at IAT Level II / IAM Level I or higher (e.g., Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA). 1+ years of experience in product security or cybersecurity engineering. 1+ years of experience with cybersecurity frameworks (NIST, OWASP, DFARS). Strong analytical, collaboration, communication, and organizational skills. ABET accreditation preferred but not required. Must be a U.S. Citizen (as defined by ITAR). Preferred Qualifications: Proficiency with CAMEO. 2+ years of Windows/RHEL system administration experience, including tuning and troubleshooting cyber tools (ESS/HBSS, ConfigOS, Splunk, etc.). 2+ years of experience configuring and scripting audit tools. Experience with Software Assurance (SwA) static and/or dynamic code analysis tools (e.g., Fortify). Familiarity with FISMA/RMF and NIST 800-53 requirements. Experience leading cyber test and evaluation at system or component level. Strong written and verbal communication skills with the ability to simplify complex technical issues. Understanding of DoD defense systems architectures, communications systems, and test/data analysis methods. About Us: The Structures Company is a premier national aerospace and defense staffing agency specializing in contract, contract-to-hire, and direct hire placements. We deliver expert workforce solutions across engineering, IT, production, maintenance, and support roles. As trusted partners to major aerospace OEMs and Tier 1 suppliers, we connect professionals with opportunities to grow and excel in the aviation and aerospace industries. Eligibility Requirements: Must be a U.S. Citizen, lawful permanent resident, or protected individual under 8 U.S.C. 1324b(a)(3) to comply with ITAR regulations. Keywords: aerospace, aviation, engineering, maintenance, aircraft design, defense Take your career to new heights-apply today! Engineers - #Hotjobs

Join our dynamic and thriving company as a Data Security Analyst in St. Louis, MO where you'll have the opportunity to make an impact and shape the future of our renowned brands. If you have a passion for fashion, eager to learn and have an eye for detail, this is the perfect role for you! As a member of our team, you'll be part of a company that values results, caring and learning. What You'll Be Doing Monitor security service performance and availability: Provide recommendations on security equipment, software, and services On-going investigation: Inspect information security alarms and events to determine vulnerability and impact Implement processes: Put forth structured risk assessment processes, conducting ongoing threat and vulnerability assessments, and evaluating controls and countermeasures to mitigate risk Participate in architecture reviews: Ensure adherence to information security architecture Develop processes: Create plans for preventing, detecting, identifying, analyzing and responding to information security incidents Design and deliver programs: Create education and training programs on information security and privacy matters The Timberline Group Phone: ************ PO Box 565, Sullivan, Mo 63080 ********************* ************************* "Delivering quality solutions through quality people"

Implement fine-grained access controls for PHI/PII Automate data classification, configure security monitoring Ensure compliance, test/validate security controls We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ********************.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: **************************************************** Skills and Requirements Start by December 1 Onsite in Hyderabad 4 days/week 5+ years cloud security (2+ years data security) Strong GCP security, BigQuery, DLP, KMS, SIEM, healthcare/HIPAA experience Security certifications (CISSP, CHC, GCP Security Engineer) Zero Trust, DevSecOps, container security

**Our Purpose** _Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._ **Title and Summary** Information Security Operations Analyst II Overview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: - Liaise between the Security Awareness team and all others at Mastercard. - Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. - Partner with external providers to deliver effectives solutions with quality and integrity. - Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: - Possess advanced knowledge in security awareness concepts and principals. - Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. - Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. - Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. - Lead vendor relationships with those providers of contract solutions for the Security Awareness program. - A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed. - Report any suspected information security violation or breach. - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. **Corporate Security Responsibility** All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: + Abide by Mastercard's security policies and practices; + Ensure the confidentiality and integrity of the information being accessed; + Report any suspected information security violation or breach, and + Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. **Pay Ranges** O'Fallon, Missouri: $76,000 - $127,000 USD

We are looking for experienced Vulnerability Development / Security Engineers with a background in healthcare IT to join our security team. You will focus on identifying, assessing, and remediating vulnerabilities across applications and cloud environments. Responsibilities: Conduct SAST and DAST scans and manage vulnerability remediation. Perform secure code reviews and implement best practices in Java and Python. Conduct threat modeling for applications, APIs, and cloud environments. Collaborate with development teams to ensure secure application delivery. Stay updated on security trends and healthcare-specific compliance requirements. Qualifications: 6-10 years of experience in application security or vulnerability management. Hands-on with SAST/DAST tools, patching, and secure coding. Strong knowledge of API and cloud security. Healthcare IT experience preferred (HIPAA, HITRUST, or related frameworks). Excellent analytical and communication skills.

Collabera is ranked amongst the top 10 Information Technology (IT) staffing firms in the U.S., with more than $550 million in sales revenue and a global presence that represents approximately 12,000+ professionals across North America (U.S., Canada), Asia Pacific (India, Philippines, Singapore, Malaysia) and the United Kingdom. We support our clients with a strong recruitment model and a sincere commitment to their success, which is why more than 75% of our clients rank us amongst their top three staffing suppliers. Not only are we committed to meeting and exceeding our customer's needs, but also are committed to our employees' satisfaction as well. We believe our employees are the cornerstone of our success and we make every effort to ensure their satisfaction throughout their tenure with Collabera. As a result of these efforts, we have been recognized by Staffing Industry Analysts (SIA) as the “Best Staffing Firm to Work For” for five consecutive years since 2012. Collabera has over 40 offices across the globe with a presence in seven countries and provides staff augmentation, managed services and direct placement services to global 2000 corporations. For consultants and employees, Collabera offers an enriching experience that promotes career growth and lifelong learning. Visit ***************** to learn more about our latest job openings. Awards and Recognitions --Staffing Industry Analysts: Best Staffing Firm to Work For (2016, 2015, 2014, 2013, 2012) --Staffing Industry Analysts: Largest U.S. Staffing Firms (2016, 2015, 2014, 2013) --Staffing Industry Analysts: Largest Minority Owned IT Staffing Firm in the US. Job Description Responsibilities: Performs focused risks assessments of existing or new services and technologies (both internal and external) by utilizing questionnaires, surveys, interviews and observations and reviewing documentation to identify and evaluate risk scenarios. Communicates risk assessment findings to information security “customers,” or business partners.Provides consultative advice to information security customers that enables them to make informed risk management decisions.Identifies appropriate controls to effectively manage information risks as needed.Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.Maintains strong working relationships with individuals and groups involved in managing information risks across the organization Qualifications Required Skills/Experience • 3+ years of work experience in information security, especially in an Information Risk Analysis, Enterprise Risk Management (ERM), and/or IT Audit role • Knowledge of quantitative and qualitative risk evaluation methods • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one • An ability to effectively influence others to modify their opinions, plans, or behaviors • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one's network within an organization • Open and able to apply original and innovative thinking to produce new ideas and create innovative products in an environment that embraces continuous improvement Additional Information To set up an inerview for this position, feel free to contact: Imran Malek ************ *******************************

Job Description Assignment Overview: The senior Contractor CI Cyber Threat Analyst will ensure all required reports are complete with minimal errors and that all processes, activities, and reports are conducted within established time frames. will also ensure analysts are trained in and follow current standard operating procedures. They will contribute to the following annual production requirements: Duties: Produce weekly actionable Technical CI (Cyber) status reports in collaboration with teammates, NGA partners and intelligence community peers, as necessary. Provide relevant input for the CI Cyber Branch to create 36 weekly cyber status reports, each report due NLT 0800 each Monday morning. Status reports will include (as applicable): Threat data collected and reported by NGA Technical CI team and network security personnel. Intelligence reported by the Intelligence Community. Fusion of all source threat analysis derived from multiple intelligence sources (INTs). Imagery when available. Information that can be used to inform security decisions. Produce monthly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide a monthly threat report for the months not falling on the quarterly report month or the annual report month. Provide relevant input for the CI Cyber Branch to create 8 monthly reports, each report due NLT 5th day of each applicable month. Threat reports should include: Compilation of data collected and reported in weekly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decision makers. Produce quarterly Technical CI threat reports in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. Provide relevant input for the CI Cyber Branch to create three quarterly reports, each report due NLT 5th day of January, April, and July. Threat reports should include: Compilation of data collected and reported in weekly and monthly products. Intelligence reported by the Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Depiction of Technical CI threat(s) to NGA to inform security decisions. Produce relevant input to the CI Cyber Branch annual Cyber Threat Assessment in collaboration with teammates, NGA partners and Intelligence Community peers as necessary. The annual Cyber Threat Assessment is due NLT 1 1 December. Threat studies should include: Compilation of data collected and reported in Intelligence Information Reports (IIRs) and quarterly products. Raw and finished Intelligence reported by Intelligence Community. Fused All Source threat analysis derived from multiple INTs. Include imagery when available. Analytic judgments, intelligence gaps, and overall technical threat(s) to NGA. Produce IIRs from data collected and reported by either the Technical CI team, NGA cyber security personnel, or partner agencies. Provide a minimum of 9 IIRs within Fiscal year. Effective IIR writing requires: Coordination with teammates and stakeholders to ensure accuracy of reported information. Cross referencing local information reporting with Intelligence Community reporting. Clear and concise writing to briefly convey threat. Responsiveness to Intelligence Community priority collections requirements. Timeliness. Perform inquiries of anomalous activity using automated investigative tools (For example: M3, Palantir, TAC, ARCSIGHT, RSA Security Analytics, CCD, QLIX, TIDE, or Criss Cross). Provide Technical CI advise and expertise in support of CI inquiries, operations and issues. Develop leads by detecting anomalous activity, conducting open source and classified research, and liaison with internal and external partners. Conduct research, evaluate collection, and perform analysis on Technical CI intelligence topics of interest to leadership, analysts and customers. Demonstrate an ability to draw high-quality, appropriate and objective conclusions from information in a timely manner. Research, analyze, and synthesize All-Source data to identify patterns, commonalities, and linkages. Demonstrate current subject matter expertise on Technical CI issues, threats and trends. (For example: Cyber threats and Technical Surveillance threats). Demonstrate and master the ability to self-edit and produce clearly written, properly sourced and grammatically correct intelligence products that adhere to established style guide and template standards. Demonstrate proficiency in use of bottom-line-up-front (BLUF) writing. Display an ability to collaborate with internal NGA and external IC/Cyber community members. Coordinate CI Cyber activities originating from Enterprise Incident Response Events. Conduct liaison between CI Office, Insider Threat, Cyber Security Operations Center (CSOC), other NGA Offices, and IC/DoD partners as applicable to conducting the CI Cyber Mission. Perform threat analysis, threat forecasts, threat alerts, and recommend countermeasures. Skills and Experience Required: Shall possess a minimum of 11 years Threat Analysis experience, of which at least 5 of those years include Technical Threat Analysis experience or cyber investigations. Possess or obtain certification to comply with DoD 8570.01-M Information Assurance (IA) requirements within one calendar year of assignment at the sole expense of the vendor. Shall possess or obtain and maintain IA II certification. See DoD 8570.01-M for acceptable certifications for each IA level. Desired: Be a credentialed graduate of an accredited federal or DoD CI training academy. Possess a Bachelor's degree in Science, Technology, Engineering, or Mathematics disciplines. Possess post-graduate degree in Science, Technology, Engineering, or Mathematics disciplines. Possess knowledge and understanding of foreign adversaries' security and intelligence services, terrorist organizations, and threats posed to US Gov. Experience translating Government vision into understandable and achievable measures. Experience in using supervisory skills to coach teammates to achieve objectives. Monitor and track progress toward achievable measures.

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst IIOverview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: • Liaise between the Security Awareness team and all others at Mastercard. • Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. • Partner with external providers to deliver effectives solutions with quality and integrity. • Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: • Possess advanced knowledge in security awareness concepts and principals. • Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. • Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. • Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. • Lead vendor relationships with those providers of contract solutions for the Security Awareness program. • A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; • Ensure the confidentiality and integrity of the information being accessed. • Report any suspected information security violation or breach. • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: Abide by Mastercard's security policies and practices; Ensure the confidentiality and integrity of the information being accessed; Report any suspected information security violation or breach, and Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD

Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Information Security Operations Analyst II Overview The Security Awareness team is looking for an Information Security Operations Analyst II to drive continued improvements to the education and training offerings we have for our Mastercard colleagues. Our award winning SecurIT First program must continue to remain relevant and effective in how we keep security awareness top of mind for all employees and contingent staff. The ideal candidate is passionate about the internal customer experience, is highly motivated, intellectually curious, analytical, and possesses an entrepreneurial mindset. Role In this Security Awareness position, you will: * Liaise between the Security Awareness team and all others at Mastercard. * Build new content and design awareness events to positively impact the security behaviors of Mastercard staff. * Partner with external providers to deliver effectives solutions with quality and integrity. * Manage our collaboration with the M&A Team and manage all Audit and Regulatory requests that come into our team. All About You The ideal candidate for this position should: * Possess advanced knowledge in security awareness concepts and principals. * Be comfortable meeting with business leaders to discuss and educate their teams about the desired security behaviors and how to influence and improve those behaviors. * Be able to identify appropriate security awareness solutions to further reduce the human risk at Mastercard. * Analyze, recognize and escalate trends in security behaviors and identify ways to improve our offerings. * Lead vendor relationships with those providers of contract solutions for the Security Awareness program. * A professional certification in Security Awareness is not required but highly encouraged. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: Abide by Mastercard's security policies and practices; * Ensure the confidentiality and integrity of the information being accessed. * Report any suspected information security violation or breach. * Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. Mastercard is a merit-based, inclusive, equal opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. We hire the most qualified candidate for the role. In the US or Canada, if you require accommodations or assistance to complete the online application process or during the recruitment process, please contact reasonable_accommodation@mastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: * Abide by Mastercard's security policies and practices; * Ensure the confidentiality and integrity of the information being accessed; * Report any suspected information security violation or breach, and * Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. In line with Mastercard's total compensation philosophy and assuming that the job will be performed in the US, the successful candidate will be offered a competitive base salary and may be eligible for an annual bonus or commissions depending on the role. The base salary offered may vary depending on multiple factors, including but not limited to location, job-related knowledge, skills, and experience. Mastercard benefits for full time (and certain part time) employees generally include: insurance (including medical, prescription drug, dental, vision, disability, life insurance); flexible spending account and health savings account; paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave); 80 hours of Paid Sick and Safe Time, 25 days of vacation time and 5 personal days, pro-rated based on date of hire; 10 annual paid U.S. observed holidays; 401k with a best-in-class company match; deferred compensation for eligible roles; fitness reimbursement or on-site fitness facilities; eligibility for tuition reimbursement; and many more. Mastercard benefits for interns generally include: 56 hours of Paid Sick and Safe Time; jury duty leave; and on-site fitness facilities in some locations. Pay Ranges O'Fallon, Missouri: $76,000 - $127,000 USD