Security engineer jobs in Kettering, OH

":"As an Entry Level Cyber Security Analyst, you will become a part of an elite team of individuals committed to the security of Customer information and the Company's intellectual property. You will manage the various security tools to identify and evaluate complex business and technology risks. You must also be able to communicate your findings and recommendations for management. You will work with teams across the organization including partnering with IT and Software Development on security related matters. If you are an innovative problem solver in technology who enjoys working in a team environment, this is the position for you! #LI-DNI","job_category":"Information Technology","job_state":"OH","job_title":"Entry Level Cyber Security Analyst","date":"2025-11-22","zip":"45430","position_type":"Full-Time","salary_max":"0","salary_min":"0","requirements":"Bachelor's degree, certificate, or boot camp in CIS, IT, or Cyber Security related fields a plus~^~Linux and Windows operating systems experience and knowledge required~^~Excellent oral and written communication skills~^~Industry standard certifications a plus","training":"","benefits":"Our associates receive medical, dental, vision, and life insurance. We also offer company contributions to your HSA, 6% match on 401(k), and a work\/life balance with paid time off. At our Dayton office, you can take advantage of our great training programs and facility amenities, including an onsite dining facility offering complimentary breakfast and lunch, a fitness center, and an onsite medical center. We also offer a wide variety of sports and social leagues to participate in after work, along with volunteering initiatives through our Associate Foundation. Reynolds and Reynolds promotes a healthy lifestyle by providing a non-smoking environment. Reynolds and Reynolds is an equal opportunity employer. ","

Reports to: Chief Information Officer (CIO) Company: Global Industrial Manufacturing ($3B Revenue) Team: 12 global employees (USA, Germany, India) Budget: $3M Opex The Vice President & Chief Information Security Officer (CISO) is the senior-most leader responsible for the global Information Security program. This role sets the strategy, establishes governance, oversees execution of technical and operational controls, and ensures the protection of the company's data, systems, and digital assets across a complex global manufacturing environment. The CISO leads a distributed team across the U.S., Germany, and India, and partners closely with IT, Legal, Compliance, and business leadership to manage cyber risk, secure new technologies, and meet regulatory and customer expectations. This role presents quarterly to the Audit Committee and Executive Management Team on cybersecurity posture, risks, and key initiatives. Key Responsibilities Strategic Leadership & Governance Develop and execute the global information security strategy aligned to business objectives and risk appetite. Provide quarterly cybersecurity updates to the Audit Committee and Executive Management Team. Establish security governance, policies, and standards consistent with leading frameworks (NIST CSF, ISO 27001, CIS). Oversee enterprise risk assessments and maintain a risk-based roadmap for continuous improvement. Security Operations & Technical Controls Lead the design, implementation, and management of all security technologies and controls including endpoint protection, identity & access management, SIEM/SOC operations, cloud security, vulnerability management, and network security. Ensure proactive monitoring, rapid detection, and response to security incidents across global operations. Oversee business continuity and disaster recovery security components in partnership with Infrastructure and Applications teams. Security Architecture & New Technology Reviews Embed security-by-design into IT and business projects, including cloud, ERP, operational technology (OT), and Industry 4.0 initiatives. Conduct architectural reviews and threat modeling for new technologies and digital transformation efforts. Compliance, Privacy & Legal Collaboration Partner closely with Legal to ensure compliance with global data privacy laws, including GDPR, CCPA, and emerging regulations. Oversee data protection practices, records retention security considerations, and reporting obligations related to data privacy incidents. Third-Party & Customer Security Lead the global third-party risk management program, including supplier assessments and ongoing monitoring. Respond to and manage customer security inquiries, audits, and contractual security requirements. Drive vendor governance for security tools, MSSP partnerships, and other outsourced services. Team Leadership & Budget Management Lead a global Information Security team of 12 across the U.S., Germany, and India. Manage a $3M annual operating budget, ensuring cost-effective investments in technology, services, and capabilities. Mentor, develop, and scale the team to support global manufacturing operations and business growth. Qualifications Required 10+ years of progressive experience in Information Security leadership roles. Minimum 3 years as a CISO or a deputy/second-in-command security leader in a larger enterprise. Deep expertise in security operations, architecture, governance, risk, compliance, and incident response. Strong working knowledge of NIST CSF, ISO 27001, CIS Controls, and modern cybersecurity technologies. Experience in global environments and working with distributed teams. Demonstrated ability to present complex cybersecurity topics to Audit Committees and senior executives. Experience managing multimillion-dollar security budgets. Strong understanding of GDPR, CCPA, and global privacy regulations. Preferred Experience in industrial manufacturing or OT/ICS security environments. Certifications such as CISSP, CISM, CISA, CCSP, or similar. Familiarity with ERP environments, cloud security (Azure/AWS), and M&A cybersecurity integration. Experience working with India-based operations or offshore security teams. Personal Attributes Executive presence and strong communication skills. Business-oriented mindset with the ability to translate technical issues into business risk. Proven ability to drive process discipline, build governance, and mature a security program. Collaborative leadership style with strong partnership skills across IT, Legal, and business units. #LI-SC1 Who we are: Hillenbrand (NYSE: HI) is a global industrial company that provides highly-engineered, mission-critical processing equipment and solutions to customers in over 100 countries around the world. Our portfolio is composed of leading industrial brands that serve large, attractive end markets, including durable plastics, food, and recycling. Guided by our Purpose - Shape What Matters For Tomorrow™ - we pursue excellence, collaboration, and innovation to consistently shape solutions that best serve our associates, customers, communities, and other stakeholders. To learn more, visit: ******************** EEO: The policy of Hillenbrand Inc. is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, Hillenbrand Inc. and our operating companies are committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us @recruitingaccommodations@hillenbrand.com . In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. At Hillenbrand, everyone is welcome to apply and "Shape What Matters for Tomorrow".

Cybersecurity and Network Protection SME Clearance Required: TS/SCI (active) Inc. At JMark Services Inc., we are committed to securing the mission. As a trusted partner to the Department of Defense and Intelligence Community, we specialize in cybersecurity, information assurance, and technical operations that protect critical systems and national interests. Our teams thrive at the intersection of innovation and accountability-where every decision matters. Position Title: Cybersecurity and Network Protection SME JMark is seeking a highly skilled Cybersecurity and Network Protection SME to support advanced cybersecurity assessment and compliance operations at Wright-Patterson AFB. In this role, you will lead risk evaluations, validate system security requirements, and play a critical part in maintaining secure, mission-ready environments across classified networks and platforms. Working under minimal supervision, you'll bring deep technical experience and policy fluency to a dynamic, mission-driven team. Key Responsibilities: Plan and conduct compliance audits and vulnerability assessments of systems and networks. Identify deviations from security standards and recommend corrective actions. Support risk mitigation strategies and ensure compliance with certification and accreditation processes. Assist in implementation of government policies such as NISPOM and DCID 6/3; recommend tailored improvements. Provide process, analysis, coordination, and documentation support for secure system operations. Conduct security certification test planning, participation, and reporting (ST&E). Perform hardware/software security research and support secure tech integration and release. Review system audits and track corrective actions through closure. Collaborate with stakeholders across technical, policy, and leadership levels. Required Qualifications: Bachelor's degree in Engineering, Computer Science, Information Technology, or a related field. Minimum of 10 years of relevant cybersecurity or information assurance experience. Strong understanding of vulnerability assessments, ST&E, and certification/accreditation frameworks. Experience applying federal security guidelines (NIST, STIGs, NISPOM, DCID 6/3, RMF). Exceptional problem-solving, organizational, and technical writing skills. Active TS/SCI clearance is required. Why Join JMark? Tackle real-world cybersecurity challenges that protect national defense systems Collaborate with high-caliber experts in a mission-critical environment Enjoy growth opportunities and technical leadership roles Competitive compensation, full benefits, and a values-driven culture Secure infrastructure. Reduce risk. Lead with integrity. Apply now to become a Cybersecurity and Network Protection SME at JMark Services Inc. - Wright-Patterson AFB.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at ******************* Job Function: R&D Product Development Job Sub Function: R&D Software/Systems Engineering Job Category: Scientific/Technology All Job Posting Locations: Cincinnati, Ohio, United States of America, Santa Clara, California, United States of America : About Surgery Fueled by innovation at the intersection of biology and technology, we're developing the next generation of smarter, less invasive, more personalized treatments. Are you passionate about improving and expanding the possibilities of MedTech surgery? Ready to join a team that's reimagining how we heal? Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the world's most prevalent conditions such as obesity, cardiovascular disease and cancer. Patients are waiting. Your unique talents will help patients on their journey to wellness. Learn more at *******************/medtech. We are searching for the best talent for a Staff Product Security Engineer position, to be located in Santa Clara, CA or Cincinnati, OH. Job Description: The Staff Product Security Engineer will be a key member of the Capital R&D organization, make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment You will be responsible for: Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs. Drive architecture, requirements, and design to ensure that decisions incorporate security considerations. Advise embedded system security software to ensure system hardening and secure coding practices. Support all stakeholders on patch management, vulnerability handling, and SBOM scanning Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304) Qualifications / Requirements: Education: Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree Experience and Skills 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment Proven experience with threat modeling and risk assessments for connected products or medical devices Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams Ability to think big picture and have attention to detail - aligning strategic objectives with tactical implementation. Proven experience with electrical and embedded software design Experience developing software for embedded Real-Time Operating Systems (RTOS) Experience developing embedded software systems using Modern C++ (preferably standards 17+) A results and performance driven demeanor with strong sense of accountability Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles Preferred Skills & Experience: Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900) Work experience with Systems Engineering activities: requirements management and development, risk management, and verification Strong collaboration, proven technical leadership capabilities, and conflict resolution skills A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX Other Requirements: Ability to travel up to 10% domestic US and Internationally The anticipated base pay range for this position is $105,000- $169,050. California Bay Area - The anticipated base pay range for this position is $141,000 - $227,000. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company's long-term incentive program. Employees are eligible for the following time off benefits: Vacation - up to 120 hours per calendar year Sick time - up to 40 hours per calendar year Holiday pay, including Floating Holidays - up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. For additional general information on Company benefits, please go to: - ********************************************* This job posting is anticipated to close on 7/22/25. The Company may however extend this time-period, in which case the posting will remain available on *************************** to accept additional applications. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, external applicants please contact us via *******************/contact-us/careers . internal employees contact AskGS to be directed to your accommodation resource. #RADSW #Li-Hybrid Required Skills: Preferred Skills:

Bowhead seeks a Cybersecurity Network Defense Analyst to join our team in Dayton, OH. The Cybersecurity Network Defense Analyst uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. They provide on-site 24x7x365 operational support in the form of event/incident handling and analysis capability to cybersecurity service subscribers. These highly skilled individuals will work in various capacities alongside Warning Intelligence Analysts and Engineers. The Cybersecurity Network Defense Analyst will work in the Attack Sensing and Warning (AS&W) division which senses changes in subscriber networks through comparison to established baselines and the fusion/integration of closed and open source intelligence to enhance sensing capability. They will perform the analysis of disparate data sources to form a cohesive view of the current cyber security state. They will characterize and analyze network traffic to identify anomalous activity and potential threats to network resources. **Responsibilities** - Receive and distribute AS&W information - Conduct AS&W activities to develop appropriate response (receives and archive task orders, directives, and other required actions, and maintain internal and external source location information) - Coordinate AS&W information from other sources to aid in analysis of alerts - Analyze the Intrusion Detection System alerts to identify unauthorized or anomalous activity - Identify, documents, and reports unauthorized activity/attacks (including IP addresses and ports, attack vector, and attack timeframe) in all incidents and reports per HPCMP CSSP sops - Take action, if appropriate, to prevent or mitigate potential impact to the DODIN based on cyber threats, and develop and distribute countermeasures and interim guidance to prevent or mitigate threats and/or attacks on DODIN - Monitor a platform capable of performing information security continuous monitoring (ISCM) for the purposes of detecting cyber intrusions, attacks, anomalous behavior, and possible insider threats - Collect intrusion artifacts (e.g., source code, malware, and trojans) - Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation - Report incidents and events within proper channels and within timelines identified in the CJCSM 6510.01B - Provide a 24/7x365 event/incident handling and analysis capability - Provide operations log accessible to personnel documenting all mandated reportable cyber events/incidents - Analyze detected cyber events to identify incidents - Categorize and characterize cyber incidents - Notify affected Subscribers of cyber incidents and collect assessments of mission impact for the loss of the system during the incident response process - Analyze cyber incidents to develop specific responses - Distribute tailored countermeasures or interim guidance to Subscribers to eradicate and prevent cyber incidents across all subscribers - Perform forensic analysis of systems and malware in cases where subscribers lack the capability and ensure relevant IOCs are shared with Warning Intelligence - Mitigate operational and/or technical impact due to cyber incidents - Contain the spread of malware to prevent further damage to IT systems through detection, analysis, and execution of containment measures **Qualifications** - Must possess Bachelor's degree or equivalent experience - Must have at least 2 years intrusion detection experience - Must have at least 2 years relevant IT and/or System administrator experience and 2 years relevant Information Security experience - Must have the certifications for DOD 8570 IAT Level II minimally - Must have the certifications for DOD 8570 CSSP-Analyst or CSSP-Incident Responder - Must have the ability to earn DoD 8570 computing environment certification within 6 months - Understanding of network hardware devices and experience configuring Access Control Lists or other Firewall or Router configuration experience - Ability to demonstrate strong knowledge of computer security concepts - Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience - Advanced knowledge of network technologies and protocols - Advanced understanding of current threats and trends present in the Information Security and Technology field - Must complete the specified Joint Qualification Requirement training within 180 days of date of hire, unless otherwise specified SECURITY CLEARANCE REQUIRED: Must currently hold a security clearance at the Secret level or be able to obtain and maintain a clearance at the Secret level. US Citizenship is a requirement for Secret clearance at this location. Physical Demands: - Must be able to lift up to 25 pounds - Must be able to stand and walk for prolonged amounts of time - Must be able to twist, bend and squat periodically \#LI-MN1 Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification. Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes. UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. Please view Equal Employment Opportunity Posters provided by OFCCPhere (******************************************* . All candidates must apply online at ***************** , and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance *****************/careers/recruitment/ . The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c) UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar company recognized as a top Alaska Native Corporation providing services across the Department of Defense and many federal agencies. Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs. **Join our Talent Community!** Join our Talent Community (************************************************************************ to receive updates on new opportunities and future events. **ID** _2025-24272_ **Category** _Information Technology_ **Location : Location** _US-OH-Wright-Patterson AFB_ **Clearance Level Must Be Able to Obtain** _Secret_ **Minimum Clearance Required** _N/A_ **Travel Requirement** _N/A_

The Information Security Specialist works with the IT security team to ensure the security of court systems and serve as a security resource to courts within the Sixth Circuit for their governance and compliance program. The major responsibilities and duties include the following: In coordination with the Circuit IT Security Officer (ITSO), respond to emergent threats, assist court units in the circuit, and track and report progress. Assist in identifying, prioritizing, and coordinating the protection of critical cyber infrastructure and key resources. Provide guidance and assistance in implementing and maintaining business objectives (i.e. security scorecard, CIS controls, assessments, internal audit controls, security data calls). Manage information security projects (or security-related aspects of other IT projects). Coordinate and lead IT staff and court users to identify, plan, and implement initiatives and projects. Prepare and present reports and training. Develop and maintain a documentation template repository; modernize and maintain the circuit's data repository. Review and advise courts on documentation requirements. Assist the Circuit ITSO in performing, analyzing, and archiving SWOT and other gap analyses to ensure compliance with required frameworks, controls, and assessment. Manage CIS controls self-assessment too; provide guidance and assistance to courts on documentation, program management, etc. Assist the Circuit ITSO in creating, tracking, and maintaining KPIs. Prepare scheduled data points and KPIs for use in reports to circuit-wide executives and other Judiciary stakeholders. Research custom solutions for courts as needed. Qualifications Required: Four years of experience in information security systems. Experience with cybersecurity compliance programs. Strong communication and interpersonal skills; excellent customer service skills. Detailed, organized, and self-driven. Ability to work under pressure and within the constraints of conflicting deadlines. Proactive, problem-solving approach. Ability to respond effectively in critical situations. Ability to work independently and in a team environment. Ability to travel (25% - 50%). Preferred: Bachelor's degree in computer science or related field. Related cybersecurity or IT project management certifications. Related experience in a court, government agency, or equivalent environment. Total Rewards & Work/Life Balance Compensation*: $87,791 - $142,732 (CL 29) (*Salary commensurate with qualifications) Benefits: Employer subsidized health and life insurance plans. Dental and vision insurance plans. Flexible spending accounts for health care, dependent care, and commuter expenses. Eligibility for Public Service Loan Forgiveness Program and mass transit subsidies. On-site fitness center. Federal retirement entails a pension plan (FERS-FRAE) and employer-matching Thrift Savings Plan (similar to a 401K). Retirees may carry insurance plans into retirement while paying the same premiums as employees. Visit ********************************* to learn more about the Judiciary's competitive benefits. Work/Life: Annual time off - 13 vacation days, 13 sick leave days, and 11 paid holidays. Vacation days increase to 20 days after three years and to 26 days after fifteen years. Hybrid telework schedule may be available. Conditions of Employment Travel for this position is required. The selected candidate is provisionally hired pending results of background investigation/check and fingerprinting. This position is subject to updated background investigations every five years. Applicants selected for an interview must complete the Optional Background Information section on the Judiciary's application. Employees are required to adhere to the Judicial Code of Conduct for Judicial Employees . Electronic Fund Transfer for payroll direct deposit is required. Positions with the U.S. Courts are at-will, excepted service appointments, and may be terminated with or without cause by the Court. For citizenship requirements and additional information about careers in the Judiciary, visit ************************* The Court reserves the right to modify the conditions of this announcement, or to withdraw the announcement for any reason without notice. How To Apply Please submit a single PDF application packet, including (1) a cover letter addressing your qualifications and experience in relation to the job duties and how you learned of the position, (2) a current resume, to the Director of Human Resources via the Resume button on our online application system. Position is open until filled; preference given to applications received by January 5, 2026. Virtual interviews available. The United States Court of Appeals for the Sixth Circuit is an equal opportunity employer. For a reasonable accommodation during the recruitment process, contact Human Resources at **************.

Versiti is a fusion of donors, scientific curiosity, and precision medicine that recognize the gifts of blood and life are precious. We are home to the world-renowned Blood Research Institute, we enable life saving gifts from our donors, and provide the science behind the medicine through our diagnostic laboratories. Versiti brings together outstanding minds with unparalleled experience in transfusion medicine, transplantation, stem cells and cellular therapies, oncology and genomics, diagnostic lab services, and medical and scientific expertise. This combination of skill and knowledge results in improved patient outcomes, higher quality services and reduced cost of care for hospitals, blood centers, hospital systems, research and educational institutions, and other health care providers. At Versiti, we are passionate about improving the lives of patients and helping our healthcare partners thrive. Position Summary The Infrastructure Security Analyst will play a critical role in ensuring the security and integrity of our IT systems and networks. This position involves a balanced focus on IT Systems and Network Support and Cybersecurity with a concentration on Vulnerability Management. The ideal candidate will possess both technical expertise and strong analytical skills to identify, mitigate, and manage vulnerabilities while supporting the overall IT infrastructure. The candidate will thrive in a dynamic, team-oriented environment, where knowledge sharing, and continuous learning are encouraged. As an integral part of our collaborative team, the Infrastructure Security Analyst will work closely with various IT departments, including network operations, system administration, and application development. This role includes direct collaboration with the Senior Cybersecurity Engineer to ensure thorough analysis, identification, and mitigation of infrastructure vulnerabilities. Together, the team will address evolving cyber threats, communicate complex security concepts to stakeholders across all levels, and promote an organization-wide security culture while supporting Versiti's business and operational goals. This position values teamwork, encouraging information sharing and joint problem-solving to fortify the organization's defenses. This role is essential in building a resilient IT infrastructure that can adapt to evolving threats while supporting the organization's business objectives. Total Rewards Package Benefits Versiti provides a comprehensive benefits package based on your job classification. Full-time regular employees are eligible for Medical, Dental, and Vision Plans, Paid Time Off (PTO) and Holidays, Short- and Long-term disability, life insurance, 7% match dollar for dollar 401(k), voluntary programs, discount programs, others. Responsibilities Provide technical support for IT infrastructure, including servers, networks, and cloud services. Monitor system performance, troubleshoot issues, and perform regular maintenance on IT systems and document system configurations, changes, and procedures for future reference and compliance audits. Collaborate with IT teams to implement and maintain secure network configurations and ensure compliance with organizational policies while assisting in the deployment and configuration of hardware and software as needed. Respond to and resolve service requests and incidents in a timely manner. Conduct regular vulnerability assessments and penetration testing to identify security weaknesses within IT systems and networks and collaborate with IT teams to develop and implement mitigation strategies for identified vulnerabilities. Analyze vulnerability scan reports and prioritize remediation efforts based on risk assessment and monitor security alerts and incidents, responding to security breaches or threats as necessary. Maintain up-to-date knowledge of the latest cybersecurity threats, vulnerabilities, and trends. Utilize threat intelligence feeds and monitoring tools to proactively identify and mitigate potential security threats. Provide recommendations for security improvements and help implement new security controls. Performs other duties as required or assigned which are reasonably within the scope of the duties in this job classification Understands and performs in accordance with all applicable regulatory and compliance requirements Complies with all standard operating policies and procedures Qualifications Education Bachelor's Degree Computer Science, Information Technology, Cybersecurity, or a related field preferred Experience 4-6 years Demonstrated experience installing, managing and troubleshooting Linux and/or Microsoft Server environments. required 4-6 years Experience with Enterprise Data Center Server and Network environments. required 4-6 years Experience in conducting vulnerability assessments and penetration testing. required Demonstrated experience with VMware Server and storage management. preferred Knowledge, Skills and Abilities Understanding of patch management processes and tools required Knowledge of common security frameworks (e.g., NIST, ISO 27001, CIS Controls) required Strong analytical and problem-solving skills. required Excellent communication skills, both verbal and written, with the ability to explain technical concepts to non-technical stakeholders. required Strong attention to detail and ability to work independently as well as part of a team. required Experience with ticketing systems and IT service management processes. required Familiarity with scripting languages (e.g., PowerShell, Python). preferred Licenses and Certifications Certified Ethical Hacker (CEH) desired CISSP Certified Information Systems Security Professional desired Microsoft Certified Systems Engineer (MCSE) preferred Microsoft Certified Systems Administrator (MCSA) preferred CompTIA Network+ Certification preferred CompTIA Security+ Certification preferred Tools and Technology Proficiency in network protocols, firewalls, VPNs, and security appliances. required Knowledge of operating systems (Windows, Linux) and cloud environments (AWS, Azure). required Experience with vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7). preferred Experience with container technologies (e.g., Docker, Kubernetes) preferred Familiarity with threat intelligence and incident response processes. preferred #LI-EH1 #LI-Hybrid Not ready to apply? Connect with us for general consideration.

Type of Requisition: Regular Clearance Level Must Currently Possess: Top Secret/SCI Clearance Level Must Be Able to Obtain: Top Secret SCI + Polygraph Public Trust/Other Required: None Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Information Security, Information Security Management, Information System Security Certifications: None Experience: 5 + years of related experience US Citizenship Required: Yes Job Description: The Information Systems Security Officer (ISSO) II is responsible for ensuring the appropriate operational security posture is maintained for an information system and as such, works in close collaboration with the ISSM and ISO. The position shall have the detailed knowledge and expertise required to manage the security aspects of an information system and, in many organizations, is assigned responsibility for the day-to-day security operations of a system. This will include physical and environmental protection, personnel security, incident handling, and security training and awareness. It will be required to work in close coordination with the ISSM and ISO in monitoring the information system(s) and its environment of operation to include developing and updating the authorization documentation, implementing configuration management across authorization boundaries. This will include assessing the security impact of those changes and making recommendation to the ISSM. The primary function is working within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities. Performance shall include: Assist the ISSM in meeting their duties and responsibilities. Prepare, review, and update authorization packages. Ensure approved procedures are in place for clearing, sanitizing, and destroying various types of hardware and media. Notify ISSM when changes occur that might affect the authorization determination of the information system(s). Conduct periodic reviews of information systems to ensure compliance with the security authorization package. Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change. Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Ensure all IS security-related documentation is current and accessible to properly authorized individuals. Ensure audit records are collected, reviewed, and documented (to include any anomalies) Attend required technical and security training (e.g., operating system, networking, security management) relative to assigned duties. Execute the cyber security portion of the self-inspection, to include security coordination and review of all system assessment plans. Identify cyber security vulnerabilities and assist with the implementation of the countermeasures for them. Prepare reports on the status of security safeguards applied to computer systems. Perform ISSO duties in support of in-house and external customers. Conduct continuous monitoring activities for authorization boundaries under your preview. Assist Department of Defense, National Agency and Contractor organizations with the development of assessment and authorization (A&A) efforts. Experience: 5+ years related experience. 2+ years SAP experience required. Prior performance in roles such as System, Network Administrator or ISSO. Education: Bachelor's degree OR Associate's degree in a related area + 2 years' experience OR equivalent experience (4 years) Certifications: IAT Level II ( Security+ CE, CCNA Security, etc) or IAM Level II - within 6 months of hire Clearance Required to Start: TS/SCI required Must be able to Attain - TS/SCI with CI Polygraph #AirforceSAPOpportunities The likely salary range for this position is $92,735 - $125,465. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: 10-25% Telecommuting Options: Onsite Work Location: USA OH Dayton Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc. Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

We are hiring a full-time Cybersecurity Engineer who is technical, dedicated to learning new things, security-minded, has strong initiative, and is able to manage projects autonomously. The Information Security team defends the company's digital infrastructure by designing, implementing, and improving the company's cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. If you're excited to be part of a fast-growing team, then Medpace is a great place to grow your career. Responsibilities * Engineer security solutions without oversight while collaborating with multiple internal departments and vendors; * Analyze security systems and drive continuous improvements; * Research vulnerabilities, perform vulnerability scanning and remediate threats; * Mature security best practices and policies internal to the organization; * Develop new processes while cross-training coworkers and assisting employees on security-related matters; * Provide security awareness training and testing for employees to verify proper security protocols are being adhered to; * Performing cyber security incident triage, reviewing logs, and performing remediation activities; and; * Review and reduce inappropriate/overprovisioned access to drive least privileged access. Qualifications * Minimum of bachelor's degree, preferably in Cybersecurity or Information Technology; * 3 years of experience in implementing, sustaining, and supporting Information Security solutions; * Understanding of security best practices and how to implement them within an enterprise environment; * Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following areas: * Zero Trust networking and network segmentation * Networking protocol analysis and forensics * Firewall configuration, Intrusions Detection and Prevention Systems (IDS/IPS) * Configuring Azure network architecture, working with Azure policies and Defender for Cloud Nice to have: * Experience with vulnerability assessment tools such as Nessus and Tenable; * Experience with enterprise web proxy solutions, web filters, and VPN such as Zscaler; * Experience with governing Windows environment including GPO; * Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2; and * Auditing and policy-writing experience. Medpace Overview Medpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Why Medpace? People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today. The work we've done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future. Cincinnati Perks * Cincinnati Campus Overview * Flexible work environment * Competitive PTO packages, starting at 20+ days * Competitive compensation and benefits package * Company-sponsored employee appreciation events * Employee health and wellness initiatives * Community involvement with local nonprofit organizations * Discounts on local sports games, fitness gyms and attractions * Modern, ecofriendly campus with an on-site fitness center * Structured career paths with opportunities for professional growth * Discounted tuition for UC online programs Awards * Named a Top Workplace in 2024 by The Cincinnati Enquirer * Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024 * Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility What to Expect Next A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.

TOP SKILLS: Must Have Brinq Excellent communication and presentation skills, and a proven background of presenting to senior leaders, large groups, etc. on relevant matters pertaining to large projects and impacting key functionality. Lead and Implementation Experience Performing referral to principle proven consistent experience in vulnerability management, security engineering, security consulting etc Proven experience with proactive threat management, research, escalation, discovery etc. Security Solid understanding of popular security tooling and understanding of security architecture/interconnectedness of processes and tooling. Nice To Have CISSP, CISA, CISM, AWS Solutions Architect certifications GRC/audit management experience Scripting/automation experience - python preferred Solid proven experience with tooling such as Qualys, Brinqa, Archer, ServiceNOW, Checkmarx, Prisma (and any AWS experience is great as well) What You'll Do Responsible for performing all functions required to support day-to-day data security operations and accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents. Primary Responsibilities: Define, deliver, and support enterprise security tools and architecture in collaboration with other teams. Enhance the Bank's network vulnerability management program for in-scope subsidiaries and affiliates. Define security environments and lead the implementation and onboarding of new applications, programs, processes, projects, and initiatives into the Enterprise Vulnerability Management Program. Communicate, escalate, support, and guide the resolution of open vulnerabilities, including infrastructure, application security, and configuration management vulnerabilities. Conduct security research on threats and remediation techniques/technology, make recommendations to IS/IT teams, and oversee their implementation. Proactively monitor and investigate security alerts from managed security service providers and in-house security tools. Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications, and systems. Support ad hoc requests for reporting and control evidence, as needed. Perform threat analysis and incident response by interpreting events. Support the Bank's operational information security responsibilities, including developing and maintaining standards, procedures, and guidelines for the Enterprise Vulnerability Management Program. Share knowledge and industry best practices with team members. Serve as a security engineer/consultant on projects. What You'll Get Competitive base salary Medical, dental, and vision insurance coverage Optional life and disability insurance provided 401(k) with a company match and optional profit sharing Paid vacation time Paid Bench time Training allowance offering You'll be eligible to earn referral bonuses! All done! Your application has been successfully submitted! Other jobs

Advent Global Solutions (AGS) is a leading global IT services company, specialized in delivering enterprise software solutions, IT consulting & outsourcing services, and product engineering solutions. Advent Global's commitment to deliver IT services is backed by 1,000+ employees and preferred partnerships with companies like SAP, Oracle, Sybase, and IBM Job Description Role: IT Security Engineer Location: Cincinnati, OH Duration: 12 months Need 10+ years consultant Key Responsibilities: Minimum 10+ years of IT security experience that includes proven IT Security risk assessments and audits, information risk management and assessment development Minimum 10+ years of on-site working experience in the US Minimum of 2 years of experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. 3+ years of experience in Web development and web technologies like HTTP, HTML, CSS, and JSPs. 3+ years of experience in microservice development, Node.js preferred or java springboard 2+ years of experience in continuous integration, continuous delivery and deployment automation 2+ years of experience in secure software development and deployment Intermediate knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security. Contributes to the design, engineering and implementation of systems infrastructure. Ability to execute in an agile driven environment Applies proven communication, analytical and problem-solving skills to identify, communicate and resolve issues. Application security reviews * Application Penetration testing * Projects and research work as needed * Security training and outreach to internal development teams * Security guidance documentation * Security tool development * Security metrics delivery and improvements Conduct deep code reviews and find design flaws, and think long-term about driving down operational cost Solve problems at their root, stepping back to understand the broader context, and implementing fixes to ensure that discovered issues are not repeated Stay abreast of new techniques, tools and methodologies used to solve cloud security problems Experience understanding Common Vulnerabilities and Exposures (CVE) and Web Application Security - OWASP Top 10 Requirements analysis, definition, and refinement Secure and assured systems engineering Hands on software engineering and development Mobile computing platform application development Application of Information Security Principals Must have experience in the Assessment of security risk, Big data and analytics, Reverse engineering and Malware analysis Software innovation and technology insertion Use of database technologies such as Oracle, MySQL, or SQL-based equivalents, as well as NoSQL-based databases such as Mongo DB Use Software Configuration Management tools Understanding of Software Development Life Cycle (SDLC) processes Support Test Engineering during formal testing phase of the project Represents the organization in providing solutions to difficult technical issues associated with specific projects Supports project developing solutions for Modernization and Sustainment tasks Must have Agile and DevOps Experience Bachelor's Degree or equivalent education and experience required. Security and/or risk-related certifications preferred but not required (CISSP, CSSLP, GEWB, CASS, CISA, CRISC, C-WAST) Proven analytical skills to identify and analyze security requirements and relate them to appropriate security policies, standards and/or controls in order to determine associated risk. Ensure that technical solutions effectively meet and support business needs. Proven ability to handle and prioritize multiple assignments, often within limited time constraints. The ability to interact with internal and external personnel at all organizational levels. Therefore, the candidate must have the ability to influence others across a matrix organizational structure Proven strong written and verbal communication skills are a requirement; both within the organization and with external partners and vendors. The ability to work independently and as a self-starter. Please share resumes to hemanth[dot]n[at]adventglobal[dot]com Additional Information All your information will be kept confidential according to EEO guidelines.

Subsidiary: KIRA Information Solutions Job Title: Information System Security Engineer (ISSE) Job Location: Hybrid-Position working with Wright-Patterson Air Force Base, Dayton, OH Labor Category: Exempt Clearance Requirement: Secret Clearance, if required In-person Requirement: As needed, meet in Dayton OH w/ key personnel or Customer Travel Requirement: Minimal, as needed Salary: $120,000- $180,000 Tlingit Haida Tribal Business Corporation (THTBC) is a family of 8(a), HUBZone, SDB, and other companies wholly- owned by the largest tribe in Alaska. Each of its wholly- owned 30+ subsidiaries are uniquely qualified to deliver value to its customers and teaming partners. For over 30 years, THTBC has operated as a trusted US Federal contractor throughout the US and worldwide. As a Native Alaskan, Tribally- Owned business, THTBC has a competitive edge unique in the US Federal Government contracting space, including access to US Government directed sole source contracts. THTBC delivers outstanding service with innovative, low-cost contract solutions to all its public and private sector customers worldwide. THTBC is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, religion, color, sex, gender, national origin, age, United States military veteran's status, ancestry, sexual orientation, marital status, family structure, medical condition including genetic characteristics or information, veteran status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Scope of Work: This position is working with the government and may require secret clearance and/or security plus certification. The government program office is Wright Patterson AFB, Dayton, Ohio. The development and support team are geographically dispersed, and teleworking is our daily working protocol, however, on-site support for meetings may be required. The program requires highly qualified, self-motivated, proactive people who work well with others with limited supervision. Essential duties : The Information Systems Security Engineer (ISSE) will be responsible for the day-to-day security operations of all of the ETIMS systems. The ISSE will be responsible for ensuring the full compliance and appropriate operational security posture set to current Federal, CNSS, DoD, USAF, and NIST standard including but not limited to standards included in the programs Performance Work Statement. CyberSecurity for all information systems will be maintained and documented by the ISSE. The ISSE will run vulnerability scans, as required in systems such as Checkmarx and CAST, etc. In addition to implementing and maintaining the aforementioned policies, they shall support the creation and maintenance of Plans of Action and Milestones (POA&M) in response to vulnerabilities identified during scans, risk assessments, audits, and inspections. This responsibility includes physical and environmental protection, access control, incident handling, security training, vulnerability and compliance management, configuration management, and the assistance in the development of security policies and procedures. The ISSE [RD2] [KG3] assures successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals. The ISSE shall ensure that all application deliverables comply with the hosting environment's Application Security & Development Security Technical Implementation Guide (STIG), which includes the need for source code scanning, the Database STIG, and a Web Penetration Test to mitigate vulnerabilities associated with (Structured Query Language) SQL injections, cross-site scripting, and buffer overflows. The appointed ISSE will work for and in close collaboration with the Government appointed ISSM/E. Our ISSE will perform duties in accordance with DoD Instruction 8510.01 and 8520.02, DoD Directive 8140.01, AFI 33-210, NIST Special Publication 800-37, and AR 25-2. Required qualifications: Bachelor's degree in engineering, science, mathematics, or a related field. Five years' experience within the past 10 years, in planning simulation exercise architectures, supervising implementation of communication systems, and integration of distributed exercises. Five years' experience in information technology management. Knowledge base with DoD Instruction 8510.01 and 8520.02, DoD Directive 8140.01, AFI 33-210, NIST Special Publication 800-37, and AR 25-2. Meet DoD 8570.01-M, 8140.01 Baseline Computing Environment (CE) Certification Requirements at Information Assurance Management Level II (IAM II). U.S. citizenship. Preferred qualifications: Bachelor's degree in Computer Science or Information Management. Possess an expert understanding of NIST, DoD, Air Force (AF) Cybersecurity Risk Management Framework policies, directives, instructions, manuals, and best business practices. Knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection and remediation tools and procedures utilizing standards-based concepts and capabilities (e.g., ACAS, MECM, ESS,etc.). Knowledge of disaster recovery continuity of operations plans. Knowledge of enterprise incident response program, roles, and responsibilities. Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of Defense-in-Depth). Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins. Knowledge of measures or indicators of system performance and availability. To perform this job successfully, an individual must be able to perform all the essential duties of the position satisfactorily. The requirements are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable qualified individuals with disabilities to perform the essential functions. May be required to obtain and maintain a security clearance, including successfully completing a thorough background investigation. If you need reasonable accommodations for any part of the employment process, please contact us and let us know the nature of your request. Requests for accommodation will be considered on a case-by-case basis. Program Details: This position is in support of the sustainment and modification of the United States Air Force (USAF) Electronic Technical Information Management System (ETIMS) program. ETIMS is the Air Force System of Record for Technical Order (TO) management and is the Air Force's Enterprise Defense Business System (DBS) for managing TOs. TOs are military orders containing the authoritative procedures and instructions for operating and maintaining all U.S. Department of the Air Force equipment and systems. ETIMS supports ~178,000 users at ~385 sites worldwide. It also supports ~60,000 eTOs, 54,000 ETIMS eTools, 14,000 paper TOs, and more than 13,000 TO libraries across the Air Force Enterprise. Agencies that rely on ETIMS for Air Force-related TOs and Computer Program Identification Numbers (CPINs) include the Army, Navy, Marines, Coast Guard, Foreign Military Sales (FMS), the National Aeronautics and Space Administration (NASA), The White House, and numerous Military Industrial Complex partners. ETIMS provides access to the official TO cataloging, managing, storing, distributing, and viewing capabilities needed by the operators and maintainers to support all Air Force weapon systems and equipment items. ETIMS is a cloud-based enterprise system hosting Java and Windows applications accessing Oracle database in the AWS environment. The ETIMS migration to the Amazon Web Services (AWS) Air Force Cloud 1 environment and leveraging Agile Principles allows for processes to mature across the user community and enables streamlining and process improvement realized by the rapid delivery of follow-on capabilities. ETIMS has been modernized over the years to provide a fully capable Air Force enterprise TO Management system. The Government Program Office is located at Wright Patterson Air Force Base in Dayton, Ohio. The development and support team are geographically dispersed and teleworking our daily working protocol.

ARS is looking for an Information System Security Officer (ISSO). Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The ISSO will have an active role in monitoring a system and its environment of operation to include developing and updating a System Security Plan, managing and controlling changes to the system, and assessing the security impact. Why Work with us?  ​Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers.   Responsibilities: Maintain the operational security posture of systems. Monitor systems and environments for security compliance. Develop and update System Security Plans (SSPs). Manage and control system changes and assess their security impact. Handle physical, personnel, and environmental security. Conduct incident response and security awareness training. Assist the ISSM and assume ISSM duties when necessary. Assist the ISSM in meeting their duties and responsibilities. The ISSO shall assume ISSM responsibilities in the absence of the ISSM; Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package; Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard; Ensure all users have the requisite security clearances, authorization, need-to-know, and are aware of their security responsibilities before granting access to the IS; Report all security-related incidents to the ISSM Conduct periodic reviews of information systems to ensure compliance with the security authorization package; Serve as member of the CCB, if designated by the ISSM; Coordinate any changes or modifications to hardware, software, or firmware of a system with the ISSM and AO/DAO prior to the change; Formally notify the ISSM and AO/DAO when changes occur that might affect system authorization; Monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly; Ensure all IS security-related documentation is current and accessible to properly authorized individuals; and Ensure audit records are collected, reviewed, and documented (to include any anomalies). Participate in joint agile backlog planning and provide feedback to the software development team and infrastructure teams around high to medium risk items that require information system owner approval. Responsibilities: Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. Maintain equivalent IAM Level 2 certifications based off of DoD 8140 standard 5+ years related experience in SCI/SAP environments. Bachelor's degree in computer science, Engineering, Finance, Business, or related field 5-8 years demonstrated performance in related technology Top Secret w/ SCI eligibility Other duties as assigned All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans.

IS ON-SITE AT OUR CINCINNATI, OHIO OFFICE ** At Danis, we don't just build projects-we build trust. Since 1916, our reputation has been defined by integrity, innovation, and a relentless commitment to delivering exceptional results. We approach every challenge with a problem-solving mindset, combining precision, creativity, and collaboration to bring our clients' visions to life. We know that our people are the foundation of our success. That's why we invest heavily in their growth. Through Danis University, employees have access to more than 45 specialized training programs designed to support continuous learning and career advancement. Join us and become part of a team that values your expertise, supports work-life balance, and empowers you to thrive professionally. One of the ways we protect that success is through a strong cybersecurity foundation-led by dedicated professionals who stay ahead of emerging threats. As an Information Security Analyst, you'll serve as a key defender of our digital environment. Your mission: safeguard sensitive data, neutralize threats, and ensure we stay a step ahead of cyber risks. You'll monitor, investigate, and respond to security events while shaping our company's cybersecurity roadmap. This is a collaborative role, working closely with IT and departments across the organization to elevate our security posture and build a culture of cyber resilience. This position reports to the CIO. Why Join Danis? Make an Impact: Lead healthcare projects that support medical professionals and improve patient care. Your work will have a lasting, positive effect on communities. Competitive Compensation: Enjoy annual merit increases and bonuses. Comprehensive Benefits: Health and dental insurance for you and your family, as well as life insurance, disability coverage, and supplemental insurance options. Secure Your Future: 401K plan and profit-sharing opportunities. Work-Life Balance: Generous PTO and vacation time, because we value your time outside of work. Give Back: Participate in our “Constructing Hope” program to contribute to meaningful community outreach projects. Career Development: Access 45+ training programs through Danis University to enhance your skills and grow your career. What You'll Bring Bachelor's degree in Cybersecurity, Information Technology, or a related field. 3+ years of hands-on experience in cybersecurity or a related discipline. Working knowledge of security frameworks (e.g., NIST, ISO 27001). Proficiency with security tools (e.g., SIEM, EDR, vulnerability scanners). Strong analytical and investigative mindset. Clear, confident communication and collaboration skills. Experience managing cross-functional projects and navigating complex security challenges. Responsibilities Your Impact: Strategic Leadership Help shape and enforce cybersecurity policies, procedures, and standards grounded in industry best practices. Lead the development and execution of our cybersecurity roadmap-including threat detection, incident response, and endpoint security initiatives. Governance, Risk, & Compliance Conduct routine risk assessments and internal audits to identify vulnerabilities and gaps. Ensure regulatory compliance (e.g., NIST, Ohio Data Protection Act). Maintain and test incident response plans; brief leadership on cybersecurity risks and metrics. Training & Awareness Drive cybersecurity awareness through engaging education initiatives. Oversee new hire onboarding for required cyber training. Facilitate tabletop exercises to simulate and prepare for real-world scenarios. Threat Detection & Response Continuously monitor systems for suspicious activity or breaches. Respond swiftly to security incidents and ensure thorough documentation. Engage in proactive threat hunting and analysis to detect emerging risks. Vulnerability & Risk Management Lead regular system assessments and vulnerability scans. Ensure robust network segmentation, firewall health, and secure backups. Security Architecture & Tools Oversee the deployment and management of critical security tools. Integrate cybersecurity solutions into enterprise infrastructure in collaboration with IT. Evaluate and enhance our security technology stack. Collaboration & Communication Build trusted partnerships across IT and the broader organization to strengthen security culture. Support business continuity and disaster recovery planning with department leads. Manage vendor risk and ensure third-party compliance with internal standards. Preferred Skills Familiarity with enterprise systems and platforms (e.g., ERP, CRM). Deep expertise in endpoint protection, network monitoring, and DLP tools. Calm, strategic approach to crisis management. Qualifications Working Environment: Onsite Role: This position is based fully onsite, allowing for close collaboration with IT peers and business units. Being embedded within the organization supports real-time incident response and hands-on access to systems and infrastructure. Team-Oriented Culture: You'll be part of a collaborative and supportive IT team that values knowledge sharing, proactive problem-solving, and continuous improvement. Security-First Mindset: You'll work in an environment where cybersecurity is a top priority, supported by leadership and embraced across departments. Dynamic and Evolving: The role operates in a fast-paced environment where adaptability is essential. You'll encounter evolving threats, shifting technologies, and the need to respond quickly and effectively. Professional Development: Ongoing learning is encouraged through access to training, certifications, and internal resources that support your growth in cybersecurity. Modern Tools & Infrastructure: You'll work with enterprise-grade security tools and platforms and have opportunities to recommend and implement improvements to our technology stack. EEO Statement Danis is an Equal Opportunity Employer. Danis does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit and business need. Please, no agency calls. Unsolicited resumes from agencies will be considered property of Danis, with no obligation for fees. #LI-ONSITE

This position will primarily be responsible for monitoring and analyzing security alerts using our Security Information and Event Management (SIEM) platform, conducting regular vulnerability assessments and configuration compliance scans, managing email security measures, and providing technical support for various cybersecurity tools as needed. Responsibilities Monitor and analyze security alerts using the SIEM system and other specialized monitoring tools. Triage and investigate potential cybersecurity incidents, prioritizing threats based on severity and potential impact on the system. Conduct a thorough investigation of security violations and incidents, collaborating with other team members and/or escalating to manager as necessary. Conduct regular vulnerability assessments and configuration compliance scans across internal and external networks. Collaborate with cross-functional IT teams on vulnerability remediation efforts and address configuration baseline deviations, ensuring timely resolution and improved security posture. Monitor and analyze email security systems, including user-reported phishing attempts. Perform appropriate investigation and remediation actions as necessary. Identify and develop ways to improve the efficiency of security, network, and application log monitoring. Provide technical and end-user support for cybersecurity tools as needed. Qualifications Bachelors degree in technology-related field and 2-4 years of job-related experience. An equivalent combination of education and experience requiring similar knowledge, skills, abilities, and performing duties as described may be substituted for the minimum requirements. Experience conducting vulnerability scanning and assessments using tools like Nessus Professional and Qualys. Familiarity with cybersecurity frameworks and standards, such as National Institute of Standards and Technology (NIST) SP 800-53, NIST SP 800-171, and NIST cybersecurity framework is preferred. Experience with configuration baselines such as Center for Internet Security (CIS) Benchmarks and Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGS) is preferred. Fundamental networking knowledge, such as TCP/IP and common protocols (HTTP, HTTPS, FTP, SSH, DNS, etc.). Fundamental understanding of firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention (DLP), endpoint antivirus, and email security. Ability to read and interpret various system and security logs, such as Windows Event Logs, firewall logs, antivirus logs, email security/filtering logs, and IDS/IPS logs is required. Basic knowledge of SIEM systems such as LogRhythm, QRadar, Splunk, ELK stack, etc. Must have good verbal and written communication skills. Must be able to clearly document findings, incidents, and procedures. Must be able to pass a National Agency Check with Inquiries (NACI/Tier 1) background check. Working Place: Cincinnati, Ohio, United States Company : ORAU- Oct 29th Virtual Fair

":"As an Information Security Compliance Analyst, you will learn about the regulatory, contractual, and legislative requirements that affect technology used by our Company . You will be responsible for coordinating with internal and external parties to complete a variety of cyber security assessments, help raise security awareness of associates, provide guidance on industry standard cyber security requirements, and track on-going activities that help meet our security and compliance goals. If you thrive on solving complex problems, embrace continuous learning, and approach challenges with curiosity and critical thinking, apply today! #LI-DNI","job_category":"Information Technology","job_state":"OH","job_title":"Information Security Compliance Analyst","date":"2025-12-04","zip":"45430","position_type":"Full-Time","salary_max":"0","salary_min":"0","requirements":"Strong critical thinking skills required~^~Basic computer skills required~^~Strong written and verbal communication~^~Strong ability to drive task and organizing\/maintaining records~^~Ability to think creatively and strategically~^~Passion for learning new and emerging technology~^~Technology education or certifications, experience with enterprise IT environments, experience working with security regulatory requirements, and knowledge of security frameworks such as NIST CFS, NIST 800-53, ISO, PCI-DSS a plus","training":"","benefits":"Our associates receive medical, dental, vision, and life insurance. We also offer company contributions to your HSA, 6% match on 401(k), and a work\/life balance with paid time off. At our Dayton office, you can take advantage of our great training programs and facility amenities, including an onsite dining facility offering complimentary breakfast and lunch, a fitness center, and an onsite medical center. We also offer a wide variety of sports and social leagues to participate in after work, along with volunteering initiatives through our Associate Foundation. Reynolds and Reynolds promotes a healthy lifestyle by providing a non-smoking environment. Reynolds and Reynolds is an equal opportunity employer. ","

IS ON-SITE AT OUR CINCINNATI, OHIO OFFICE ** At Danis, we don't just build projects-we build trust. Since 1916, our reputation has been defined by integrity, innovation, and a relentless commitment to delivering exceptional results. We approach every challenge with a problem-solving mindset, combining precision, creativity, and collaboration to bring our clients' visions to life. We know that our people are the foundation of our success. That's why we invest heavily in their growth. Through Danis University, employees have access to more than 45 specialized training programs designed to support continuous learning and career advancement. Join us and become part of a team that values your expertise, supports work-life balance, and empowers you to thrive professionally. One of the ways we protect that success is through a strong cybersecurity foundation-led by dedicated professionals who stay ahead of emerging threats. As an Information Security Analyst, you'll serve as a key defender of our digital environment. Your mission: safeguard sensitive data, neutralize threats, and ensure we stay a step ahead of cyber risks. You'll monitor, investigate, and respond to security events while shaping our company's cybersecurity roadmap. This is a collaborative role, working closely with IT and departments across the organization to elevate our security posture and build a culture of cyber resilience. This position reports to the CIO. Why Join Danis? Make an Impact: Lead healthcare projects that support medical professionals and improve patient care. Your work will have a lasting, positive effect on communities. Competitive Compensation: Enjoy annual merit increases and bonuses. Comprehensive Benefits: Health and dental insurance for you and your family, as well as life insurance, disability coverage, and supplemental insurance options. Secure Your Future: 401K plan and profit-sharing opportunities. Work-Life Balance: Generous PTO and vacation time, because we value your time outside of work. Give Back: Participate in our “Constructing Hope” program to contribute to meaningful community outreach projects. Career Development: Access 45+ training programs through Danis University to enhance your skills and grow your career. What You'll Bring Bachelor's degree in Cybersecurity, Information Technology, or a related field. 3+ years of hands-on experience in cybersecurity or a related discipline. Working knowledge of security frameworks (e.g., NIST, ISO 27001). Proficiency with security tools (e.g., SIEM, EDR, vulnerability scanners). Strong analytical and investigative mindset. Clear, confident communication and collaboration skills. Experience managing cross-functional projects and navigating complex security challenges. Responsibilities Your Impact: Strategic Leadership Help shape and enforce cybersecurity policies, procedures, and standards grounded in industry best practices. Lead the development and execution of our cybersecurity roadmap-including threat detection, incident response, and endpoint security initiatives. Governance, Risk, & Compliance Conduct routine risk assessments and internal audits to identify vulnerabilities and gaps. Ensure regulatory compliance (e.g., NIST, Ohio Data Protection Act). Maintain and test incident response plans; brief leadership on cybersecurity risks and metrics. Training & Awareness Drive cybersecurity awareness through engaging education initiatives. Oversee new hire onboarding for required cyber training. Facilitate tabletop exercises to simulate and prepare for real-world scenarios. Threat Detection & Response Continuously monitor systems for suspicious activity or breaches. Respond swiftly to security incidents and ensure thorough documentation. Engage in proactive threat hunting and analysis to detect emerging risks. Vulnerability & Risk Management Lead regular system assessments and vulnerability scans. Ensure robust network segmentation, firewall health, and secure backups. Security Architecture & Tools Oversee the deployment and management of critical security tools. Integrate cybersecurity solutions into enterprise infrastructure in collaboration with IT. Evaluate and enhance our security technology stack. Collaboration & Communication Build trusted partnerships across IT and the broader organization to strengthen security culture. Support business continuity and disaster recovery planning with department leads. Manage vendor risk and ensure third-party compliance with internal standards. Preferred Skills Familiarity with enterprise systems and platforms (e.g., ERP, CRM). Deep expertise in endpoint protection, network monitoring, and DLP tools. Calm, strategic approach to crisis management. Your Impact: Strategic Leadership Help shape and enforce cybersecurity policies, procedures, and standards grounded in industry best practices. Lead the development and execution of our cybersecurity roadmap-including threat detection, incident response, and endpoint security initiatives. Governance, Risk, & Compliance Conduct routine risk assessments and internal audits to identify vulnerabilities and gaps. Ensure regulatory compliance (e.g., NIST, Ohio Data Protection Act). Maintain and test incident response plans; brief leadership on cybersecurity risks and metrics. Training & Awareness Drive cybersecurity awareness through engaging education initiatives. Oversee new hire onboarding for required cyber training. Facilitate tabletop exercises to simulate and prepare for real-world scenarios. Threat Detection & Response Continuously monitor systems for suspicious activity or breaches. Respond swiftly to security incidents and ensure thorough documentation. Engage in proactive threat hunting and analysis to detect emerging risks. Vulnerability & Risk Management Lead regular system assessments and vulnerability scans. Ensure robust network segmentation, firewall health, and secure backups. Security Architecture & Tools Oversee the deployment and management of critical security tools. Integrate cybersecurity solutions into enterprise infrastructure in collaboration with IT. Evaluate and enhance our security technology stack. Collaboration & Communication Build trusted partnerships across IT and the broader organization to strengthen security culture. Support business continuity and disaster recovery planning with department leads. Manage vendor risk and ensure third-party compliance with internal standards. Preferred Skills Familiarity with enterprise systems and platforms (e.g., ERP, CRM). Deep expertise in endpoint protection, network monitoring, and DLP tools. Calm, strategic approach to crisis management. Qualifications Working Environment: Onsite Role: This position is based fully onsite, allowing for close collaboration with IT peers and business units. Being embedded within the organization supports real-time incident response and hands-on access to systems and infrastructure. Team-Oriented Culture: You'll be part of a collaborative and supportive IT team that values knowledge sharing, proactive problem-solving, and continuous improvement. Security-First Mindset: You'll work in an environment where cybersecurity is a top priority, supported by leadership and embraced across departments. Dynamic and Evolving: The role operates in a fast-paced environment where adaptability is essential. You'll encounter evolving threats, shifting technologies, and the need to respond quickly and effectively. Professional Development: Ongoing learning is encouraged through access to training, certifications, and internal resources that support your growth in cybersecurity. Modern Tools & Infrastructure: You'll work with enterprise-grade security tools and platforms and have opportunities to recommend and implement improvements to our technology stack. Working Environment: Onsite Role: This position is based fully onsite, allowing for close collaboration with IT peers and business units. Being embedded within the organization supports real-time incident response and hands-on access to systems and infrastructure. Team-Oriented Culture: You'll be part of a collaborative and supportive IT team that values knowledge sharing, proactive problem-solving, and continuous improvement. Security-First Mindset: You'll work in an environment where cybersecurity is a top priority, supported by leadership and embraced across departments. Dynamic and Evolving: The role operates in a fast-paced environment where adaptability is essential. You'll encounter evolving threats, shifting technologies, and the need to respond quickly and effectively. Professional Development: Ongoing learning is encouraged through access to training, certifications, and internal resources that support your growth in cybersecurity. Modern Tools & Infrastructure: You'll work with enterprise-grade security tools and platforms and have opportunities to recommend and implement improvements to our technology stack. EEO Statement Danis is an Equal Opportunity Employer. Danis does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit and business need. Please, no agency calls. Unsolicited resumes from agencies will be considered property of Danis, with no obligation for fees. #LI-ONSITE

ARS is currently looking for an Information System Security Engineer (ISSE). Our desire is to build a team of highly qualified professionals that will provide expertise in Cybersecurity, Cloud, and Systems Engineering, who will support the development and sustainment of unique secure enclaves at the edge, that provide enterprise services and cyber network defense capabilities to customers across the DoD. This team will provide engineering expertise using technologies such as ePO, Splunk, ACAS, Azure Automation, STIG/SCAP, and other enterprise capabilities. The Information Systems Security Engineer (ISSE) shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies. **Why Work with us?** Applied Research Solutions (ARS) is respected as a world-class provider of technically integrated solutions as we deliver premier talent and technology across our focused markets for unparalleled, continuous mission support. Awarded a Best Places to Work nominee since 2020, ARS recognizes that without our career- driven, loyal professionals, we would not be able to deliver state-of-the-art results for our mission partners. We firmly believe that prioritizing our employees is of the upmost importance. We provide a culture where our employees are challenged to meet their career goals and aspirations, while still obtaining a work/life balance. ARS employees are motivated through our industry competitive benefits package, our awards and recognition program, and personalized attention from ARS Senior Managers. **Responsibilities:** + Engineer unique solutions to support ongoing Cyber Threat and Cyber Defensive Operations. + Automate threat assessment and reporting activities. + Analyze and report system and organizational security posture trends to the ISSM/ISSO. + Provide cybersecurity recommendations to the ISSM based on significant threats and vulnerabilities. + Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation. + Plan and recommend modifications or adjustments based on exercise results. + Mitigate or correct security deficiencies identified during security and certification testing and/or recommend risk acceptance to the ISSM + Audit support responsibilities + Analyze and report organizational security posture trends to the ISSM/ISSO + Analyze and report system security posture trends to the ISSM/ISSO + Apply security policies to meet security objectives of the system to the ISSM/ISSO + Assess adequate access controls based on principles of least privilege and need-to-know and reports findings to the ISSM/ISSO + Assess all the configuration management (change configuration/release management) processes and reports findings to the ISSM/ISSO + Assess the effectiveness of security controls and reports findings to the ISSM + Be able to develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements + Ensure all systems security operations and maintenance activities are properly documented and updated as necessary + Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level and reports findings to the ISSM + Implement security measures to resolve vulnerabilities, mitigate risks and recommend security changes to system or system components as needed + Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation + Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance to the ISSM + Plan and recommend modifications or adjustments based on exercise results or system environment + Properly document all systems security implementation, operations and maintenance activities and updates necessary + Provides cybersecurity recommendations to the ISSM based on significant threats and vulnerabilities + Verify and update security documentation reflecting the application/system security design features + Verify minimum security requirements are in place for all applications + Assists the ISSM/ISSO in identifying the security requirements for the system, including the confidentiality, integrity, and availability of data + Assists the ISSM/ISSO in describing and documenting the security controls that will be implemented to meet the security requirements + Assists the ISSM/ISSO in describing and documenting the procedures that will be used to manage security risks and incidents + Assists the ISSM/ISSO in describing and documenting how the security controls will be monitored and tested to ensure that they are effective + Assists the ISSM/ISSO in describing and documenting how changes to the system will be managed to minimize security risks + Assists the ISSM/ISSO in describing and documenting how the system will be recovered in the event of a security incident + Assists the ISSM/ISSO in the collection and organization of supporting documentation and diagrams needed for an Authority to Operate Package + Assists the ISSM/ISSO with conducting a security assessment of the system. This includes identifying the system's assets, threats, vulnerabilities, and risks. + Assists the ISSM/ISSO with developing a risk management plan. This plan identifies the security controls that will be implemented to mitigate the risks to the system. + Assists the ISSM/ISSO in writing the System Security Plan or updating a System Security Plan Addendum + Assists the ISSM/ISSO in reviewing and updating the System Security Plan or Addendum + Assists the ISSM/ISSO in ensuring that the SSP is compliant with applicable DoD security policies and procedures + Monitors and investigates security breaches + Educates employees or clients about security procedures and programs + Other duties as assigned **Requirements:** + Must be a US citizen + Advanced technical competency and experience in one or more of the following areas: Active Directory Domain Services, Active Directory Federated Services, Active Directory Certificate Services, Windows Server Update Services, ePO, Splunk, STIG/SCAP, YUM, ACAS Automation, and Azure Monitor / Log Analytics. + Security+ Certification + 5+ years related experience in SCI/SAP environments. + Bachelor's degree in computer science, Engineering, Finance, Business, or related field AND 3+ years leadership experience in relevant area of business OR equivalent experience. + 8-12 years demonstrated performance in related technology. Minimum Security Clearance Required + Top Secret w/ SCI eligibility Additional or Preferred Qualifications + 5+ years leadership experience in relevant area of business. + Technical certifications in Azure All positions at Applied Research Solutions are subject to background investigations. Employment is contingent upon successful completion of a background investigation including criminal history and identity check. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities. This contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered contractors and subcontractors to employ and advance in employment qualified protected veterans. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.