Security engineer jobs in Grand Junction, CO

Who Is Elementum? Elementum is the innovative startup that's using AI Driven Workflows so that businesses can operate faster, smarter, and cheaper. Elementum's unique IP allows its platform to run natively inside its customers' own data clouds, enabling instant automation without any integrations or APIs. It's also fully pre-integrated with all of the leading public and private AI/ML/LLMs, making it the only choice for secure, AI-driven automation. Industry leaders like Sanofi, Under Armour, and Snowflake are using AI Driven Workflows to transform their operations to increase productivity, delight customers, and capture market share. Job Scope Elementum is looking for an experienced Information Security Analyst to join our team. This role is a key driver of Governance, Risk, and Compliance (GRC) efforts, responsible for implementing and maintaining the organization's security program, with a special focus on securing our AI-Driven Workflow platform and its native execution environment. The Information Security Analyst will interface directly with various teams and support security compliance efforts across the company and its products. This role reports to the company's Senior Audit Manager. What You'll Do Vendor Risk Management (VRM): Conduct thorough security assessments of third-party vendors, partners, and suppliers, particularly those providing AI/ML/LLM services or data cloud infrastructure, to identify potential risks and vulnerabilities. Risk & Compliance: Operate and enhance Elementum's risk management processes by conducting comprehensive risk assessments of the Elementum platform's native data cloud deployment model and developing supporting documentation. Collaborate closely with internal Engineering and Product teams to ensure the security and compliance of the AI-Driven Workflow features and the native execution environment. Engage with internal and external stakeholders to assess the functionality of key information security controls related to vendor or in-house developed software/systems. Analyze security reports, vulnerability scans, and other relevant data to make informed decisions and recommendations for improving the security posture of our platform. Manage security issues and tasks assigned to vendors to closure, actively reducing associated security risks. Complete detailed customer security and compliance questionnaires to offer assurance of Elementum's security posture regarding data cloud security, access control, and AI governance. Identify improvement opportunities and provide strategic feedback to senior team members and management regarding the evolving security landscape in the AI and Data Cloud space. Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices related to LLM security, data cloud governance (e.g., Snowflake, Databricks, etc.), and data privacy regulations (GDPR, CCPA). Assist in the creation and maintenance of documentation related to third-party security assessments and internal compliance processes. You Should Have 2-3 years of experience in vendor risk, compliance, or security roles with hands-on experience in third-party security risk management. Strong familiarity with ISO 27001 and SOC 2 (given the enterprise focus), and some familiarity with other relevant security frameworks such as NIST CSF & 800-53, SOX, SOC1, HITRUST/HIPAA, GDPR, CCPA, GxP, etc. Demonstrable knowledge of or direct experience working with Cloud security and governance (AWS, Azure, GCP) and data cloud environments (Snowflake, Databricks). Bachelor's degree in an IT-related field, cyber security, or equivalent experience. 2+ years of project management experience, preferably involving security compliance initiatives. Experience in external or internal security audit/compliance activities. Strong knowledge of risk management methods, standards, processes, governance models, and industry-standard risk analysis approaches. Excellent written and verbal communication skills with the ability to present complex GRC and technical security information clearly to executives and customers. Ability to think both strategically and tactically in a high-energy, fast-paced environment. Proven ability to take ownership, self-motivate, and deliver results in ambiguous environments. Nice to Have Certifications: CRISC, CISA, or equivalent. Prior experience in a startup or high-growth company operating in the AI/ML or Data Cloud space. Understanding of working in regulated environments such as GDPR, CCPA, or HIPAA. Competitive Benefits Medical, dental, and vision coverage 401k matching Flexible vacation policy Engage with (and give high-fives to) senior management regularly Get in on the ground floor of a huge opportunity

Director of Information Security - Growth Opportunity | Private-Equity Backed Expansion | Denver, CO (Hybrid) Permanent | Career-Defining Leadership Role Are you ready to build and lead an enterprise-wide cybersecurity program for a rapidly growing organization backed by a top-tier private equity firm? This is your chance to take the helm as the senior cybersecurity leader, reporting directly to the CIO and driving information security strategy, governance, and cultural transformation across North America. As the Director of Information Security, you will own the vision and execution of cybersecurity, ensuring regulatory compliance, managing risk across a decentralized environment, and partnering with leaders to enable secure innovation during a period of high-velocity expansion. Why This Opportunity? ✔ High-growth environment supported by significant PE investment ✔ Direct influence and visibility at the C-suite level ✔ Lead the evolution of cybersecurity across cloud, apps, and OT/field operations ✔ Build and optimize modern security capabilities and partnerships ✔ Competitive salary + strong benefits + leadership runway In This Role, You Will: 🔹 Define and execute cybersecurity strategy aligned to NIST CSF 2.0 & CIS Controls 🔹 Lead incident response, major investigations, and threat-mitigation actions 🔹 Oversee SOC/MDR operations, vulnerability management, and DR/BCP readiness 🔹 Govern third-party risk, security tooling, and architecture standards 🔹 Ensure compliance with PCI, CJIS, CPRA/CCPA/CPA and other regulatory requirements 🔹 Champion a security-first culture across IT & business units 🔹 Deliver measurable improvements in enterprise cyber risk posture Key tooling exposure includes: Rapid7, SentinelOne, Checkpoint Harmony, KnowBe4, DLP/SASE/CASB/PAM platforms, firewall & access governance, cloud security technologies, and more. What You Bring: ✔ 8+ years of progressive InfoSec leadership experience ✔ Proven success building security programs in regulated or M&A-intense environments ✔ Strong command of governance, risk, compliance, and cloud security ✔ Certifications such as CISSP / CISM strongly preferred ✔ Influential communication & business-alignment skills ✔ Ability to lead through change and build trust at every level Note: Only candidates authorized to work in the U.S. for any employer without current or future sponsorship will be considered, as sponsorship is not available at this time. Location & Work Style: Denver, Colorado HQ Hybrid (on-site presence required to collaborate with executive leadership & teams) Compensation & Benefits: $180K - $210K base + competitive bonus and perks Full medical, dental, vision, life + 401(k) with company match Join a company committed to safety, operational excellence, and innovation Leadership growth aligned with continued PE-backed expansion Ready to Lead What's Next in Cybersecurity? If you're energized by transformation, influence, and the ability to directly impact business outcomes - let's talk. Express your interest for a confidential conversation. Empower your next chapter… and help enable a more secure and resilient future.

One of our clients is urgently looking for a Network Sophos Engineer. Scope of Work: Firewall Connectivity: Internet will be connected through Sopho firewall. Connect communications room switch to firewall. Switching and Wireless Infrastructure Refresh: Install switching infrastructure with a combination of 3-6 new Meraki switches and 6 wireless access points - physically mount 6 Aps (3 indoor and 3 outdoor) and fully configure each AP. Responsibilities: Conduct a detailed design workshop to capture specific customer requirements and translate them into technical design criteria. Examples include Meraki Switch Configure stacking Spanning tree on Switches LACP port channels for peers and access switches Verify and monitor. Configure VLANS Must-to-Have Skills: Hands-on experience with the following skills Installation and configuration of Sopho's Firewall Installation and configuration of Meraki switches and wireless access points Detail expertise with VLANS

Requirements 7+ years of experience as a network engineer (Cisco, route/switch, BGP, overlay and underlay) Load balancer experience (very important). This team uses A10 and F5. Automation experience; this team uses Python for automation YAML (to define, configure, and automate network infrastructure) Git for network configurations Intangibles: Excellent communications kills Humble and hard-working personality Beacon Hill is an equal opportunity employer and individuals with disabilities and/or protected veterans are encouraged to apply. California residents: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. If you would like to complete our voluntary self-identification form, please click here or copy and paste the following link into an open window in your browser: ***************************************** Completion of this form is voluntary and will not affect your opportunity for employment, or the terms or conditions of your employment. This form will be used for reporting purposes only and will be kept separate from all other records. Company Profile: Beacon Hill Technologies, a premier National Information Technology Staffing Group, provides world class technology talent across all industries utilizing a complete suite of staffing services. Beacon Hill Technologies' dedicated team of recruiting and staffing experts consistently delivers quality IT professionals to solve our customers' technical and business needs. Beacon Hill Technologies covers a broad spectrum of IT positions, including Project Management and Business Analysis, Programming/Development, Database, Infrastructure, Quality Assurance, Production/Support and ERP roles. Learn more about Beacon Hill and our specialty divisions, Beacon Hill Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal, Beacon Hill Life Sciences and Beacon Hill Technologies by visiting ************* Benefits Information: Beacon Hill offers a robust benefit package including, but not limited to, medical, dental, vision, and federal and state leave programs as required by applicable agency regulations to those that meet eligibility. Upon successfully being hired, details will be provided related to our benefit offerings. We look forward to working with you. Beacon Hill. Employing the Future™

No C to C or Sponsorship About the Opportunity Solu Technology Partners is seeking a Systems Engineer on behalf of a leading North American beverage manufacturing and distribution enterprise operating across 13 states and supporting more than 8,000 employees. This role bridges the gap between Systems Administrators and Systems Architects-working on advanced technical challenges while shaping scalable, reliable infrastructure solutions. The ideal candidate is strong in network infrastructure, security, and systems engineering, with excellent analytical and communication skills. Why You'll Love This Opportunity This role offers a competitive compensation and benefits package designed to support your overall well-being, including: Multiple medical plan options, plus dental and vision 401(k) with company match Health Savings Account with company match Relocation assistance Free virtual primary care, acute care, and physical therapy Employee Assistance Program Company-paid vacation, holidays, sick time, bereavement, disability leave, parental leave, and volunteer time Discounted and complimentary product offerings Tuition reimbursement Opportunities for career development and advancement Opportunities to support local community initiatives Note: Enrollment in a company-sponsored medical plan may be required for certain benefits. Role Summary As a Systems Engineer, you will design, implement, and optimize core IT infrastructure to support mission-critical operations. You will engineer solutions across servers, storage, OT systems, virtualization, and network environments-while ensuring performance, resilience, and security. This is a hands-on technical role with opportunities to influence architecture, mentor team members, and drive continuous improvement. Key Responsibilities Design, implement, and manage complex IT systems including servers, storage, and network infrastructure Manage and support OT-related systems to ensure maximum uptime and reliability Maintain and update system configuration and process documentation Monitor system performance and implement improvements for efficiency and reliability Contribute to the development and deployment of new technologies and solutions Ensure adherence to security and compliance standards across all systems Collaborate with Systems Administrators to troubleshoot and resolve advanced technical issues Provide technical guidance and mentorship to junior team members Participate in disaster recovery planning, testing, and execution Conduct regular system audits and generate health/performance reports Work with vendors and internal stakeholders to ensure optimal system operations Required Qualifications Bachelor's degree in Information Technology, Computer Science, or related field Relevant certifications preferred (e.g., Microsoft Certified: Azure Administrator Associate - AZ-104) 3+ years of experience in IT systems administration and engineering Experience with Windows and Linux operating systems Experience with virtualization technologies such as Azure, Hyper-V, VMware, or Azure Local

Prominent is assisting our client with a contract to hire opportunity for an Azure Network Engineer onsite in Greenwood Village, CO or Omaha, NE. The Azure Network Engineer is responsible for designing, implementing, and maintaining Azure networking solutions. This role involves optimizing performance, resiliency, scale, and security of Azure networking solutions. The engineer proactively monitors network environments to identify issues and minimize risks and resolves connectivity issues. No visa sponsorship is available for this opportunity! C2C or 1099 not available for this opportunity! Relocation assistance not available. An Azure Network Support Engineer should have expertise in: Core Network Infrastructure: Understanding of virtual networks, subnets, and network security groups. Hybrid Connectivity: Experience with VPNs, ExpressRoute, and other connectivity solutions. Application Delivery Services: Knowledge of load balancers, application gateways, and traffic managers. Private Access to Azure Services: Implementing private endpoints and service endpoints. Network Security: Implementing firewalls, network security groups, and other security measures. Microsoft Certified: Azure Network Engineer Associate certification is recommended.

RELOCATION ASSISTANCE: Relocation assistance may be available CLEARANCE TYPE: SecretTRAVEL: Yes, 10% of the TimeDescriptionAt Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history. Join Northrop Grumman on our continued mission to push the boundaries of possible across land, sea, air, space, and cyberspace. Enjoy a culture where your voice is valued and start contributing to our team of passionate professionals providing real-life solutions to our world's biggest challenges. We take pride in creating purposeful work and allowing our employees to grow and achieve their goals every day by Defining Possible. With our competitive pay and comprehensive benefits, we have the right opportunities to fit your life and launch your career today. Northrop Grumman Defense Systems is seeking a Systems Security Engineer, (Level 2), that will support the Sentinel (GBSD) program performing Hardware Assurance. This position will be located in Roy, UT and will support the Ground Based Strategic Deterrent (GBSD) program. The Mission Defense Team (MDT) is seeking a highly motivated and qualified system engineer to serve as a Hardware Assurance Engineer, Level 2. You will be responsible for assessing and prioritizing a broad spectrum of hardware security threats. Key protection activities will involve vendor research, hardware assurance, program protection, counterfeit prevention, and supply chain security. Additional Responsibilities include: Assessment and analysis of threats, vulnerabilities, and risk for identified mission-critical functions and critical components Support courses of action based on knowledge and experience, initiative, guidance, and established regulations and policies Research, analyze data, and derive facts per identified vulnerabilities Participate in a variety of working groups and customer meetings; ensure communication of risk environment with stakeholders Contributes to program plans, goals, objectives, and milestones to for Hardware Assurance Review technical security assessments of SSE environments to identify points of vulnerability, non-compliance with established standards and regulations and recommended mitigation strategies Execute completion Statement of Work requirements, Program Milestone Exit Criteria, and program maturity commitments Ensure the architecture and design of systems are functional and secure; support the design, development, implementation, and integration of security systems and system components Self-starters compelled to take action in the workplace without requiring prompting from supervisors Support MDT with other duties as assigned In addition to technical skills, you will be a self-starter with strong time management skills. Your organizational skills and ability to anticipate future challenges will serve you well Basic Qualifications Must be a US Citizen with an active DoD Secret Clearance, at time of application, current and within scope, with an investigation date within the last 6 years Must have the ability to obtain and maintain Special Access Program (SAP) approval within a reasonable period of time, as determined by the company to meet its business need Requires a bachelor's degree in a STEM (Science, Technology, Engineering or Mathematics) discipline from an accredited university and 2 years of related experience; or a master's degree with 1 year Minimum 2 years of applying and understanding Systems Security Engineering principles applicable to US Government Defense Programs Minimum 2 years in showing the ability to communicate effectively and clearly present technical approaches and findings Experience in any of the full product life cycles of: ASIC Design, FPGA Design Experience in HDL (VHDL/Verilog), implementing designs using RTL Ability to show self as team player, able to multi-task, able to generate quality work products independently, able to make excellent judgement and show interpersonal skills Preferred Qualifications Degree in Aerospace Engineering, Systems Engineering, Mechanical Engineering, Software Engineering, or similar ICBM Experience Experience developing Systems Security Engineering requirements for hardware and software assurance Evaluating program processes and compliance strategies for large, complex multi-site programs Demonstrated experience and familiarity with vulnerability management Experience with Model-based Systems Engineering (MBSE) concepts and tools A solid understanding of Program Protection applicable to US Government Defense Programs and applied knowledge in the application of SSE principles across a broad spectrum of security measures (Cybersecurity, Counterfeit Awareness, Anti-Tamper, HW/SW Assurance, OPSEC, etc.) to protect critical program information (CPI) Top Secret clearance Position Benefits As a full-time employee of Northrop Grumman, you are eligible for our robust benefits package including: Medical, Dental & Vision coverage 401k Educational Assistance Life Insurance Employee Assistance Programs & Work/Life Solutions Paid Time Off Health & Wellness Resources Employee Discounts ****************************************************************** This position's standard work schedule is a 9/80. The 9/80 schedule allows employees who work a nine-hour day Monday through Thursday to take every other Friday off. This role may offer a competitive relocation assistance package. #Sentinelsystems Primary Level Salary Range: $77,200.00 - $115,800.00The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

Denver, Colorado;Seattle, Washington; Jacksonville, Florida; Addison, Texas; Jersey City, New Jersey; Boston, Massachusetts; Charlotte, North Carolina; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (*********************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. + Developing Proof-of-concepts for exploitation. + Perform assessments of the security, effectiveness, and practicality of multiple technology systems. + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications. + Provide clear and practical advice regarding managing risks. + Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. + Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: + Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 5 of the following areas: + security engineering + application architecture + authentication and security protocols + application session management + applied cryptography + common communication protocols + mobile frameworks + single sign-on technologies + exploit automation platforms + Web APIs + Cloud environments + LLM security + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with DAST and SAST tools to identify vulnerabilities + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques. + Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction + Threat Analysis, threat modelling and SBOM analysis + Innovative thinking, threat actor simulation + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

**Posting Title** Classification Information Security Analyst . . Type** Regular . **Hours Per Week** 40 . **Working at NLR** NLR is located at the foothills of the Rocky Mountains in Golden, Colorado is the nation's primary laboratory for energy systems research and development. Join the National Laboratory of the Rockies (NLR), where world-class scientists, engineers, and experts are accelerating energy innovation through breakthrough research and systems integration. From our mission to our collaborative culture, NLR stands out in the research community for its commitment to an affordable and secure energy future. Spanning foundational science to applied systems engineering and analysis, we focus on solving complex challenges to deliver advanced, secure, reliable, and cost-effective energy solutions. Our work helps strengthen U.S. industries, support job creation, and promote national economic growth. At NLR, you'll find a mission-driven environment supported by state-of-the-art facilities, multidisciplinary research teams, and strong collaborations with industry, academia, and other national laboratories. We offer robust professional development opportunities, and a competitive benefits package designed to support your career and well-being. **Job Description** The Office of Laboratory Protection (LP) is an organization focused on providing a secure, safe, and resilient NLR community. LP supports more than 4,000 staff located at four sites and the associated infrastructure. LP is comprised of a team of highly skilled managers and technical subject matter experts dedicated to personnel security, physical security, access control, information security, foreign national access management, emergency management, and protective force operations. The Safeguards & Security Group Manager is seeking a skilled and motivated Classification Information Security Analyst to join our team. This pivotal role is primarily responsible for the continued implementation and management of the Controlled Unclassified Information (CUI) program, while also supporting Classified Matter Protection and Control (CMPC), and Operations Security (OPSEC) programs as necessary. The successful candidate will ensure that CUI requirements are integrated into organizational operations and information management processes. This role requires close collaboration with Legal, Export Control, Business Development, Information Governance, IT, and other stakeholders to ensure compliance with DOE and other federal agencies information protection policies. Responsibilities include: **Policy Expertise:** + Maintain up-to-date knowledge of federal OPSEC, CUI, and Classification policies, laws, and regulations. **Program Management:** + Lead the continued implementation and oversight of the CUI program, including policy, program, and procedure reviews and updates. + Collaborate with peer CUI specialists to develop and integrate CUI management solutions into NLR's broader information protection framework. + Support the OPSEC and CMPC programs in coordination with INFOSEC assurance analysts. + Provide strategic planning, risk management, and program oversight. + Mentor staff to ensure compliance with applicable requirements documents and procedures. + Coordinate CUI misuse determination, resolution, and reporting. + Conduct internal reviews and audits to ensure adherence to security requirements. **Training & Education:** + Review and revise existing CUI training materials; participate in working groups to enhance awareness programs. + Provide guidance on proper marking, handling, and safeguarding of CUI, classified, and sensitive information. + Support onboarding and refresher training for NLR personnel. **Analysis & Recommendations:** + Analyze information to determine appropriate CUI, OPSEC, and classification controls for NLR programs and initiatives. + Work to resolve security related issues that impact organizational goals. **Document Review & Incident Management:** + Assist in the review of information as requested to identify and protect sensitive and classified information. + Assist with the oversight of proper labeling of CUI documents. + Participate in the analysis and investigation of incidents of security concern. **Stakeholder Engagement and Relationship Building:** + Collaborate with internal stakeholders (Legal, IT, Program Management, project managers) to ensure consistent CUI compliance. + Build strong working relationships with DOE, lab leadership, and staff to balance security priorities with research and operations objectives in a customer focused manner. **Additional Responsibilities:** + Prepare and maintain lab level procedures, training, and internal SOPs + Promote a culture of safety, respect, accountability, and professionalism. + Other duties as assigned by management. . **Basic Qualifications** Relevant Bachelor's Degree and 5 or more years of experience or equivalent relevant education/experience. Or, relevant Master's Degree and 3 or more years of experience or equivalent relevant education/experience. Or, relevant PhD or equivalent relevant education/experience. Or, relevant JD or equivalent relevant education/experience. Complete understanding and wide application of technical principles, theories and concepts in the field. General knowledge of other related disciplines. Considerable knowledge of laws, regulations, principles, procedures and practices related to specific field. Strong leadership, project management and problem solving skills. Ability to use various computer software programs. DOE Q or TS Clearance: Must be able to obtain and maintain a DOE security clearance at the DOE (Q) and SCI access or DoD (TS) and SCI level. SCI access may require a polygraph examination. Eligibility requirements: To obtain a clearance, an individual must be at least 18 years of age; U.S. citizenship is required except in very limited circumstances. See DOE O 472.2A for additional information. *** Must meet educational requirements prior to employment start date.** **Additional Required Qualifications** + Bachelor's degree in a relevant field and at least 8 years of relevant experience in information security or reviewing research documents (or equivalent combination of education and experience). + Ability to respond to inquiries about document markings and accountability requirements. + Experience developing and delivering training on protecting CUI, proprietary, or classified information. + Motivated self-starter with the ability to work independently and as part of collaborative teams across the laboratory and DOE complex. + Strong problem-solving skills, with the ability to adapt to shifting priorities and meet deadlines. + Proficient in Microsoft Office. + Ability to use discretion and maintain strict confidentiality. + Ability to work both independently and collaboratively in a team-based environment. + Ability to obtain and maintain a TS clearance (see basic qualifications). **Preferred Qualifications** . **Job Application Submission Window** The anticipated closing window for application submission is up to 30 days and may be extended as needed. **Annual Salary Range (based on full-time 40 hours per week)** Job Profile: Professional III / Annual Salary Range: $81,500 - $146,700 NLR takes into consideration a candidate's education, training, and experience, expected quality and quantity of work, required travel (if any), external market and internal value, including seniority and merit systems, and internal pay alignment when determining the salary level for potential new employees. In compliance with the Colorado Equal Pay for Equal Work Act, a potential new employee's salary history will not be used in compensation decisions. **Benefits Summary** Benefits include medical, dental, and vision insurance; short*- and long-term disability insurance; pension benefits*; 403(b) Employee Savings Plan with employer match*; life and accidental death and dismemberment (AD&D) insurance; personal time off (PTO) and sick leave; paid holidays; and tuition reimbursement*. NLR employees may be eligible for, but are not guaranteed, performance-, merit-, and achievement- based awards that include a monetary component. Some positions may be eligible for relocation expense reimbursement. Limited-term positions are not eligible for long-term disability or tuition reimbursement. ***** Based on eligibility rules **Badging Requirement** NLR is subject to Department of Energy (DOE) access restrictions. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation. **Drug Free Workplace** NLR is committed to maintaining a drug-free workplace in accordance with the federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug. If you are offered employment at NLR, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn. **Submission Guidelines** Please note that in order to be considered an applicant for any position at NLR you must submit an application form for each position for which you believe you are qualified. Applications are not kept on file for future positions. Please include a cover letter and resume with each position application. . **Equal Opportunity Employer** All qualified applicants will receive consideration for employment without regard basis of age (40 and over), color, disability, gender identity, genetic information, marital status, domestic partner status, military or veteran status, national origin/ancestry, race, religion, creed, sex (including pregnancy, childbirth, breastfeeding), sexual orientation, and any other applicable status protected by federal, state, or local laws. **Reasonable Accommodations (******************************************************* **E** **-Verify** ************************ **For information about right to work, click here (************************************************************************************************** for English or** **here (************************************************ for Spanish.** E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce. The National Laboratory of the Rockies (NLR) is a leader in the U.S. Department of Energy's effort to secure an environmentally and economically sustainable energy future. With locations in Golden and Boulder, Colorado, and a satellite office in Washington, D.C., NLR is the primary laboratory for research, development, and deployment of renewable energy technologies in the United States. NLR is subject to Department of Energy (DOE) access restrictions. All candidates must be authorized to access the facility per DOE rules and guidance within a reasonable time frame for the specified position in order to be considered for an interview and for hiring. DOE rules for site access during the interview process depend on whether the candidate is interviewed on-site, off-site, or via telephone or videoconference. All employees must also be able to obtain and maintain a federal Personal Identity Verification (PIV) card as required by Homeland Security Presidential Directive 12 (HSPD-12), which includes a favorable background investigation. Additionally, DOE contractor employees are prohibited from participating in certain Foreign Government Talent Recruitment Programs (FGTRPs). If a candidate is currently participating in an FGTRP, they will be required to disclose their participation after receiving an offer of employment and may be required to disengage from participation in the FGTRP prior to commencing employment. Any offer of employment is conditional on the ability to obtain work authorization and to be granted access to NLR by the Department of Energy (DOE). **Drug Free Workplace** NLR is committed to maintaining a drug-free workplace in accordance with federal Drug-Free Workplace Act and complies with federal laws prohibiting the possession and use of illegal drugs. Under federal law, marijuana remains an illegal drug. If you are offered employment at NLR, you must pass a pre-employment drug test prior to commencing employment. Unless prohibited by state or local law, the pre-employment drug test will include marijuana. If you test positive on the pre-employment drug test, your offer of employment may be withdrawn. Please review the information on our Hiring Process (************************************************* website before you create an account and apply for a job. We also hope you will learn more about NLR (**************************** , visit our Careers site (****************************** , and continue to search for job opportunities (**************************************** at the lab.

Mindlance is a national recruiting company which partners with many of the leading employers in the Life Sciences, IT, and Financial Services sectors, feel free to check us out at ************************* Job Description Job Title: Network Security Analyst Duration: 6 Months Location: Lehi, UT Required: • Minimum 3+ years exp. • Experience with implementing policy on firewalls (Juniper & Palo alto experience preferred) • Review requests for new firewall policy • Understanding of IP stack • Ability to prioritize work and meet defined SLAs • Good communication skills - both verbal and written Additional Information Thanks & Regards, ______________________________________________________________________________________________________ Vikram Bhalla | Team-Recruitment | Mindlance, Inc. | Office: **************

We are looking for a Data Security Analyst for our long-term multiyear project out of Salt Lake City, Utah. Build software libraries and services to provide secure-by-default services to software engineering teams, including authentication systems, secure service architectures, endpoint control solutions, and cloud controls · Partner with colleagues from across engineering and risk to ensure an outstanding developer experience that satisfies the firm's security needs · Collaborate on feature design and problem solving · Help to provide frictionless integration with the firm's runtime, deployment and SDLC technologies · Manage the full lifecycle of software components, from requirements through design, testing, development, release and demise · Help to communicate and promote best practices for security engineering across the firm · Engage in production troubleshooting Basic Qualifications · A strong grounding in security concepts, including secure coding practices, trusted computing and principles of authentication and authorization · A good understanding of public key and symmetric key cryptography · The ability to reason about performance, security, and process interactions in complex distributed systems · Proficiency in designing, developing and testing cross-platform software in one or more of Java, Golang or C#; open to using multiple languages · Experience developing, deploying and supporting software across the full Continuous Delivery life-cycle · The ability to understand and effectively debug both new and existing software · Experience meeting demands for high availability, low latency and scale · The ability to communicate technical concepts effectively, both in writing and orally, as well as the interpersonal skills required to collaborate effectively with colleagues across diverse engineering teams Preferred Qualifications · An understanding of regulated environments, e.g. financial services · Experience building services using public cloud providers such as AWS, Azure or GCP · Experience with threat modeling and risk assessment · Experience of practical security engineering in a Linux and/or Windows environment · Familiarity with service mesh concepts and service-oriented architectures · Familiarity with data protection principles and solutions · Experience with deploying software to containerized environments - Kubernetes/Docker · Experience monitoring, measuring, auditing and supporting software · Scripting skills using Python, PowerShell or bash · Experience with Terraform or similar infrastructure-as-code platforms, as a user and/or as a service provider

Network Security AnalystLOCATIONAurora, CO 80014CLEARANCETS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARYWe are looking for a detail-oriented and proactive Network Security Analyst to join our cybersecurity team. In this role, you will monitor, analyze, and protect the organization's network infrastructure against potential threats and vulnerabilities. You will be responsible for identifying security risks, responding to incidents, and implementing measures to safeguard sensitive information. Collaborating with cross-functional teams, you will play a key role in enhancing the organization's overall network security posture. The ideal candidate is passionate about cybersecurity, thrives in a dynamic environment, and is committed to staying ahead of emerging threats and technologies. *** Please note that our job openings are dynamic and can open or close quickly (much faster than we can publish). If you do not see an opening you are looking for, know that we see almost all types of positons. We strive to keep our listings up to date, but please consider submitting your current resume. Our team will work with you to identify the most recent opportunities that align with your skillset and career goals. We look forward to you joining our family. *** SIMILAR CAREER TITLESCybersecurity Analyst, Information Security Analyst, Security Operations Center (SOC) Analyst, Network Defense Analyst, Threat Intelligence Analyst, IT Security Specialist, Vulnerability Analyst, Incident Response Analyst, Security Monitoring Analyst, Cyber Defense Analyst, Infrastructure Security Analyst, etc.DEGREE (Level Desired) Bachelor's DegreeALTERNATE EXPERIENCEGeneral comment on degrees: Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some contracts give 4-5 years experience credit for a Bachelor's Degree. Some contracts give 2 years experience credit for a Master's Degree. We will work with you to find the right fit.POSITION RESPONSIBILITIES Monitor network traffic for anomalies Investigate and resolve security incidents Maintain and update security systems Generate and analyze security reports Assist in developing incident response plans Ensure adherence to security policies REQUIRED SKILLS Proficiency in monitoring tools like IDS/IPS Strong analytical and problem-solving skills Understanding of network protocols (TCP/IP, DNS) Knowledge of malware analysis tools Ability to interpret security logs Familiarity with vulnerability scanning tools DESIRED SKILLS Experience with advanced threat detection Knowledge of forensics methodologies Understanding of regulatory frameworks (e.g., GDPR, HIPAA) Experience with SOC workflows Familiarity with automation and scripting Knowledge of threat intelligence platforms PLUG IN to CYMERTEK - And design your future... YOUR FOREVER CAREER STARTS HERE Are you looking for more than just a job? Join a company where employees are treated like family, and your career is built to last. We are a growing small business and a trusted federal contractor offering full scope consulting services in information technology, cybersecurity, and analyst workforce development. At our company, you come first. We're committed to creating an environment where you'll thrive professionally and personally. We provide meaningful, challenging work using cutting-edge technologies while investing in your growth and success. With direct access to company leadership, a laid-back and inclusive atmosphere, and exceptional work-life balance, you'll feel valued every day. We also believe in taking care of our family - both yours and ours. Our benefits are phenomenal, family-friendly, and designed with your well-being in mind. From employee and family events to career-long support, we create a community you'll never want to leave. Ready to make your next move the best one? Join us and experience the difference. BENEFITS Excellent Salaries Flexible Work Schedule Cafeteria Style Benefits 10% - 401k Matching (Vested Immediately) Additional 401k Profit Sharing 30 days Paid Leave/Holiday (No Use or Lose!) The day off for your birthday Medical/Dental/Vision - 100% employee coverage. ($1200 allowance - or a bonus) HSA/FSA AFLAC Long Term/Short Term Disability - 100% employee coverage. No cost to you. Life Insurance - 100% employee coverage. No cost to you. Additional Discretionary Life Insurance Paid Training No long, wordy reviews with tons of paperwork!!! Referral bonus program with recurring annual payments HOW TO APPLY Email us at ***************** or apply today: **************** Want to see what our employees think? Click here . EQUAL OPPORTUNITY EMPLOYER STATEMENT Cymertek is proud to be an Equal Opportunity Employer committed to fostering an inclusive and diverse workplace. We embrace and celebrate differences in our employees, recognizing that a diverse workforce enhances our creativity, innovation, and overall success. At Cymertek, employment decisions are made based on merit, qualifications, and business needs without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected by applicable laws. We believe in creating an environment where all individuals are treated with respect and dignity, and where opportunities for professional growth and advancement are accessible to everyone, regardless of background or identity.

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Job Description We are looking to fill a position for Data Security in Denver CO. Qualifications Short Description: Selected person will be responsible to maintain systems to protect data from unauthorized users. Identifies, reports, and resolves security violations. May require a bachelor's degree in area of specialty and at least 1 year or equivalent experience in the field or in a related area. CCNA CCNP+ (security) CCSA (security) Linux Additional Information Webcam interview is acceptable.

Global Channel Management is a technology company that specializes in various types of recruiting and staff augmentation. Our account managers and recruiters have over a decade of experience in various verticals. GCM understands the challenges companies face when it comes to the skills and experience needed to fill the void of the day to day function. Organizations need to reduce training and labor costs but at same requiring the best "talent " for the job. Qualifications Information Security Analyst must work 3rd shift (Wed-Sat) 7pm - 6am MST Information Security Analyst requires: 1-3 years of experience within the IT field Bachelor's degree in computer science, information technology, or related field is required Experience with enterprise information security data management tools such as ArcSight or Splunk is preferred Solid experience in scripting languages such as (or similar to) Python, PERL, and Ruby is a plus• Proficiency with RSA Archer Experience with industry standard frameworks• Experience with YARA, regex, or other host/network-based signature development Information Security Analyst duties: Respond to network and host based security events Minimize the dwell time of threat actors by monitoring, triaging, and validating security events, while maintaining thorough documentation in the case management system Operate with little-to-no direction and define relationships between seemingly unrelated events through deductive reasoning Actively hunting for and dissecting previously unidentified threats in the environment Participate in intelligence sharing and trust groups, then apply this knowledge to security controls Additional Information $38/hr 6 months

We are seeking a qualified Cloud Security Engineer to support a secure DOD customer located in Ogden, UT. The overall program that this role supports aims to modernize legacy network infrastructure and migrate services into a new AWS Cloud Environment. Clearance Requirements: Candidates must have an interim secret clearance (or above) as a precondition of employment Location: Onsite 100% at Hill AFB, Ogden UT Responsibilities: Implement and manage Secure Cloud Computing Architecture (SCCA) controls, including Virtual Data Center Security Stack (VDSS) and Boundary Cloud Access Point (BCAP). Work with DoD teams to ensure cloud environments are compliant with DoD security frameworks, including NIST, STIGs, and FedRAMP+. Manage and enforce Trusted Cloud Credential Management (TCCM) practices for secure identity access and cloud credential management. Configure and maintain cloud security services for monitoring, alerting, and logging using tools like SolarWinds, ELK, and native CSP security features. Support cloud onboarding and migration, ensuring security best practices are adhered to during the transition. Collaborate with cross-functional teams to ensure Zero Trust principles are implemented effectively in the cloud environment. Assist in preparing and maintaining documentation for ATO processes, including mapping inherited controls and contributing to eMASS submissions. Provide guidance on cloud security best practices and mentor junior team members in cloud security management. Requirements: Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience). CompTIA Security+ (or higher IE CISM or CISSP etc) DoD-approved cloud security certifications (e.g., AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer) preferred. 7+ years of experience in cloud security with hands-on experience in at least one CSP (OCI, Azure, or AWS). Experience in implementing and managing security controls in cloud environments, including identity and access management (IAM), logging, and monitoring. Experience with security incident management, vulnerability assessments, and cloud compliance processes. Strong troubleshooting and problem-solving skills in cloud environments. Solid understanding of DoD cloud security requirements, including NIST 800-53, STIGs, and FedRAMP+. Proficiency with automation tools such as Terraform, Ansible, and PowerShell for managing cloud configuration. Interim Secret clearance or above What Blu Omega Can Offer You: Competitive benefits including Health Insurance, 401K w/ match, Paid Time Off and more. Results driven culture that embrace our core values Rewarding work contributing to our Nation's mission critical programs Blu Omega is a Woman Owned Small Business Federal Health Technology and Operations firm headquartered in Washington DC and supporting clients nationally. We provide Technology solutions for enterprise and government customers. Our team has a past performance in a diverse range of programs including those for Data Management, Cloud/Infrastructure, Software Development and Enterprise Applications. An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Denver, Colorado;Seattle, Washington; Jersey City, New Jersey; Boston, Massachusetts; Washington, District of Columbia; Charlotte, North Carolina; Jacksonville, Florida; Chicago, Illinois **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************** **:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Job Description:** Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the vulnerability of the bank's applications to malicious hacking activity. This intermediate technical role is responsible for performing application security assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include performing research, understanding the bank's security policies, working with the appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. Key Responsibilities in order of importance: + Perform assigned analysis of internal and external threats on information systems and predict future threat behavior + Incorporate threat actors' tactics, techniques, and procedures into offensive security testing + Perform assessments of the security, effectiveness, and practicality of multiple technology systems + Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. + Prepare and present detailed technical information for various media including documents, reports, and notifications + Provide clear and practical advice regarding managed risks + Learn and develop advanced technical and leadership skills, Mentor Junior assessors in technical tradecraft and soft skills Required Skills: + Minimum of 4 years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment + Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services + SQL injection/XSS attack without the use of tools + Experience performing manual code reviews for security relevant issues + Experience working with SAST tools to identify vulnerabilities + Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings + Experience performing manual web application assessments i.e., must be able to simulate a + Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) + Experience with vulnerability assessment tools and penetration testing techniques + Solid programming/debugging skills + Experience of using a variety of tools, included, but not limited to, IBM AppScan, Burp and SQL Map + Threat Analysis + Innovative Thinking + Technology Systems Assessment + Technical Documentation + Advisory Desired: + CISSP, CEH, OSCP, OSWE, GPEN, PenTest+ or similar + Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

System Security EngineerLOCATIONAurora, CO 80014CLEARANCETS/SCI Full Poly (Please note this position requires full U.S. Citizenship) KEY SUMMARYWe are seeking a highly motivated and detail-oriented System Security Engineer to design, implement, and maintain security measures that protect our critical systems and data. In this role, you will work closely with cross-functional teams to identify vulnerabilities, develop robust security solutions, and ensure compliance with industry standards and regulations. The ideal candidate has a strong understanding of system architecture, a proactive approach to mitigating risks, and a passion for staying ahead of evolving cyber threats. If you are a problem-solver who thrives in a dynamic environment, we encourage you to apply and help us safeguard our organization's infrastructure. *** Please note that our job openings are dynamic and can open or close quickly (much faster than we can publish). If you do not see an opening you are looking for, know that we see almost all types of positons. We strive to keep our listings up to date, but please consider submitting your current resume. Our team will work with you to identify the most recent opportunities that align with your skillset and career goals. We look forward to you joining our family. *** SIMILAR CAREER TITLESCybersecurity Engineer, Information Security Engineer, Network Security Engineer, IT Security Engineer, Cloud Security Engineer, Infrastructure Security Engineer, Endpoint Security Engineer, Security Operations Engineer, Security Systems Analyst, Data Security Engineer, Application Security Engineer, Identity and Access Management Engineer, Threat Detection Engineer, Vulnerability Management Engineer, Risk Assessment Engineer, Compliance Security Engineer, Incident Response Engineer, Secure Systems Architect, Security Automation Engineer, etc.DEGREE (Level Desired) Bachelor's DegreeDEGREE (Focus) Cybersecurity, Computer Science, Information Technology, Information Systems, Computer Engineering, Network Engineering, Software Engineering, Systems Engineering, Electrical Engineering, Data Science, Telecommunications, Information Assurance, Security Management, Digital Forensics, Cryptography, Cyber Operations, Applied Mathematics, Artificial Intelligence, Risk Management, Secure Systems Design, etc.ALTERNATE EXPERIENCEGeneral comment on degrees: Most contracts allow additional experience (4-5 years) in lieu of a Bachelor's Degree. Some contracts give 4-5 years experience credit for a Bachelor's Degree. Some contracts give 2 years experience credit for a Master's Degree. We will work with you to find the right fit.POSITION RESPONSIBILITIES Design and implement secure system architectures Monitor and respond to system security incidents Develop and enforce system security policies Conduct risk assessments and mitigate vulnerabilities Ensure compliance with security standards and frameworks Collaborate with teams to integrate security into system development REQUIRED SKILLS Proficiency in configuring firewalls and intrusion detection systems Strong knowledge of operating system security (e.g., Linux, Windows) Experience with endpoint protection tools Familiarity with network protocols and security Ability to perform vulnerability assessments and penetration tests Expertise in implementing encryption and secure authentication methods DESIRED SKILLS Knowledge of cloud security practices (e.g., AWS, Azure) Familiarity with automation tools for security (e.g., Ansible, Terraform) Experience with security incident response and forensics Understanding of DevSecOps principles Strong communication and technical documentation skills Ability to train and mentor team members on security best practices PLUG IN to CYMERTEK - And design your future... YOUR FOREVER CAREER STARTS HERE Are you looking for more than just a job? Join a company where employees are treated like family, and your career is built to last. We are a growing small business and a trusted federal contractor offering full scope consulting services in information technology, cybersecurity, and analyst workforce development. At our company, you come first. We're committed to creating an environment where you'll thrive professionally and personally. We provide meaningful, challenging work using cutting-edge technologies while investing in your growth and success. With direct access to company leadership, a laid-back and inclusive atmosphere, and exceptional work-life balance, you'll feel valued every day. We also believe in taking care of our family - both yours and ours. Our benefits are phenomenal, family-friendly, and designed with your well-being in mind. From employee and family events to career-long support, we create a community you'll never want to leave. Ready to make your next move the best one? Join us and experience the difference. BENEFITS Excellent Salaries Flexible Work Schedule Cafeteria Style Benefits 10% - 401k Matching (Vested Immediately) Additional 401k Profit Sharing 30 days Paid Leave/Holiday (No Use or Lose!) The day off for your birthday Medical/Dental/Vision - 100% employee coverage. ($1200 allowance - or a bonus) HSA/FSA AFLAC Long Term/Short Term Disability - 100% employee coverage. No cost to you. Life Insurance - 100% employee coverage. No cost to you. Additional Discretionary Life Insurance Paid Training No long, wordy reviews with tons of paperwork!!! Referral bonus program with recurring annual payments HOW TO APPLY Email us at ***************** or apply today: **************** Want to see what our employees think? Click here . EQUAL OPPORTUNITY EMPLOYER STATEMENT Cymertek is proud to be an Equal Opportunity Employer committed to fostering an inclusive and diverse workplace. We embrace and celebrate differences in our employees, recognizing that a diverse workforce enhances our creativity, innovation, and overall success. At Cymertek, employment decisions are made based on merit, qualifications, and business needs without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected by applicable laws. We believe in creating an environment where all individuals are treated with respect and dignity, and where opportunities for professional growth and advancement are accessible to everyone, regardless of background or identity.

Global Channel Management is a technology company that specializes in various types of recruiting and staff augmentation. Our account managers and recruiters have over a decade of experience in various verticals. GCM understands the challenges companies face when it comes to the skills and experience needed to fill the void of the day to day function. Organizations need to reduce training and labor costs but at same requiring the best "talent " for the job. Qualifications 3rd shift (mon, tues, thurs, fri) 7pm - 6am MST Required Skills (Minimum knowledge, skills and abilities to enter the job): • Minimum of 1-3 years of experience within the IT field • Exceptional written and oral communication skills • Strong critical thinking and analytical skills • Attention to detail • Experience handling security incidents, to include reviewing raw log files, data correlation, and analysis • Experience with and thorough understanding of attack vectors, threat tactics, and attacker techniques • Able to proactively perform duties and responsibilities with little-to-no direction • Able to effectively and efficiently collaborate with a diverse and geographically distributed team • Must be willing and able to work a shift routine • Ensure successful handoff of procedures between shifts Desired Skills (Preferred not required): • Bachelor's degree in computer science, information technology, or related field is required • Experience with enterprise information security data management tools such as ArcSight or Splunk is preferred • Solid experience in scripting languages such as (or similar to) Python, PERL, and Ruby is a plus • Proficiency with RSA Archer • Experience with industry standard frameworks • Experience with YARA, regex, or other host/network-based signature development Additional Information $38/hr 6 MONTHS

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Job Description: Manual Ethical Hacking is part of the Application Development Security Framework Program within Bank of America's Cyber Security Assurance Offensive Security group. The program provides services to assess the security resilience of the bank's applications to malicious hacking activity. This senior technical role is responsible performing and leading ethical hacking assessments of the bank's technologies, applications, and cyber security controls while adapting testing methods to evolving and emerging threats. Key responsibilities include leading and performing research, understanding the bank's security policies, working with appropriate partners to complete assessments and simulations, identifying misconfigurations and vulnerabilities, and reporting on associated risk. These individuals partner closely with security partners, CIO clients and multiples lines of business. These individuals are expected to perform application security-oriented dynamic and static assessments across a multitude of technologies including web UI, web APIs, mobile and cloud, including associated source code. Key Responsibilities in order of importance: * Perform assigned analysis of internal and external threats on information systems and predict future threat behavior. * Incorporate threat actors' tactics, techniques, and procedures into offensive security testing to identify high-value vulnerabilities/chained attacks. * Developing Proof-of-concepts for exploitation. * Perform assessments of the security, effectiveness, and practicality of multiple technology systems. * Leverage innovative thinking to help solve problems or introduce new ideas to processes or products applicable to offensive security. * Prepare and present detailed technical information for various media including documents, reports, and notifications. * Provide clear and practical advice regarding managing risks. * Learn and develop advanced technical and leadership skills, mentor Junior and Intermediate assessors in technical tradecraft and soft skills. * Respond to security incidents and provide technical assistance to leadership across the Information Security organization. Required Skills: * Minimum of 5+ years of professional pentesting, application security or ethical hacking experience, preferably in a large, complex, enterprise environment * Detailed technical knowledge in at least 5 of the following areas: * security engineering * application architecture * authentication and security protocols * application session management * applied cryptography * common communication protocols * mobile frameworks * single sign-on technologies * exploit automation platforms * Web APIs * Cloud environments * LLM security * Able to manually identify and reproduce findings, discuss remediation concepts, develop PoCs for vulnerabilities, use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high value findings * Experience performing manual web application assessments i.e., must be able to simulate a OWASP Top 10 vulnerabilities without the use of tools * Experience performing manual code reviews for security relevant issues * Experience working with DAST and SAST tools to identify vulnerabilities * Knowledge of network and Web related protocols/technologies (e.g., UNIX/LINUX, TCP/IP, Cookies) * Experience with vulnerability assessment tools and penetration testing techniques. * Solid programming/debugging skills, development frameworks, CVE and CWE research/reproduction * Threat Analysis, threat modelling and SBOM analysis * Innovative thinking, threat actor simulation * Technology Systems Assessment * Technical Documentation * Advisory Desired: * CEH, OSCP/OSCE/OSWE/GXPN/GPEN/GWAPT/GMOB/All Practitioner Certs [Port Swigger BSP Academy]/Cloud Cert(s)/ eWPT; eWPTX; eMAPT [INE Pentester Academy] * Strong programming/scripting skills This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40