Security engineer jobs in Mountain Top, PA

Our client is one of the largest Hospitals in the US. Based out of Philadelphia, they are looking to hire a Cloud Security Engineer on a Contract basis. Contract Duration: 6 Month Contract (Potential for extension or conversion) Required Skills & Experience At least twelve (12) years industry related experience, including experience in one to two IT disciplines (such as technical architecture, network management, application development, middleware, information analysis, database management or operations) in a multitier environment. CISSP Certification At least six (6) years experience with information security, regulatory compliance and risk management concepts. At least three (3) years experience with Identity and Access Management, user provisioning, Role Based Access Control, or control self-assessment methodologies and security awareness training. Experience with Cloud and/or Virtualization technologies. Demonstrates comprehensive knowledge and understanding of Information security principles, general and IT controls (e.g., access controls, risk management, change management, cloud security) and related information security policies and procedures. Exhibits knowledge of industry regulatory standards and accreditation requirements or control frameworks (HIPAA, PCI, Joint Commission, NIST, Red Flags, ISO 27000 series). Comprehensive knowledge of information security regulations, standards and leading practices, including understanding of EHR, cloud frameworks, identity access controls. Good knowledge of basic database query techniques & data mining to analyze data or other related database functionality. Knowledge of Microsoft Active Directory, UNIX, and Clinical Applications a plus. Experience implementing application level security in clinical and financial systems (e.g., Epic, Lawson). ERP experience a plus. General understanding of networking and communication techniques including WANs, LANs, Internet, Intranet, protocols, such as TCP/IP and their impact on security. Microsoft, UNIX, Lawson, and Clinical Applications, Experience with industry standard SDLC methodologies; hands-on experience in Project Server methodologies, PMO project management skills, including use of MS productivity tools (Access, Word, PowerPoint, Visio, Project). Experience with risk management frameworks. Information Security Requirements Understand and comply with all enterprise and IS departmental information security policies, procedures and standards. Support the integration of information security in the development, design, and implementation of Hospital Technology Resources that process, transmit, or store information. Support all compliance activities related to state, federal regulatory requirements, healthcare accreditation standards, and all other applicable regulations that govern the use and disclosure of patient, financial, or other confidential information. Daily Responsibilities Optimizes information management approaches through an understanding of evolving business needs and technology capabilities and ensures that projects do not duplicate functionality or diverge from each other and business and DTS strategies. Shapes, designs, and plans specific service lines in product area and manages the risks associated with information and DTS assets through appropriate standards and security policies. Functions as the Subject Matter Expert (SME) to maintain an understanding of DTS business and clinical applications and the relationship to InfoSec and compliance solutions; assist Hospital stakeholders in understanding information protection needs that support the Hospital's business. Works with other architects to provide a consensus based enterprise solution that is scalable, adaptable and in synchronization with ever changing business needs and takes ownership of a particular solution offering. Works with highly matrixed team of DTS personnel to support enterprise architecture and information security operations including, but not limited to, architecture and InfoSec principles around identity & access management models, cloud identify management providers, security information and event monitoring, and data loss prevention, perimeter (e.g. firewalls, IPS, web filtering), cloud and virtualization environments and network security (host-based firewalls, anti-virus, disk encryption). Support and/or lead activities around InfoSec standards for business continuity and change management activities (e.g., table tops and change review board) and educates DTS Hospital management on security issues (e.g., Identity and Access Management (IAM), Role Based Access Control (RBAC) models. You will receive the following benefits: Medical Insurance - Four medical plans to choose from for you and your family Dental & Orthodontia Benefits Vision Benefits Health Savings Account (HSA) Health and Dependent Care Flexible Spending Accounts Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance Hospital Indemnity Insurance 401(k) including match with pre and post-tax options Paid Sick Time Leave Legal and Identity Protection Plans Pre-tax Commuter Benefit 529 College Saver Plan Motion Recruitment Partners (MRP) is an Equal Opportunity Employer. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under MRP's Employment Accommodation policy. Applicants need to make their needs known in advance.

CompanyFederal Reserve Bank of PhiladelphiaThe Federal Reserve Bank of Philadelphia is one of the 12 regional Reserve Banks that, together with the Board of Governors in Washington, D.C., make up the Federal Reserve System. It helps formulate and implement monetary policy, supervises banks and bank and savings and loan holding companies, and provides financial services to depository institutions and the federal government. The Federal Reserve Bank of Philadelphia serves eastern and central Pennsylvania, southern New Jersey, and Delaware. When you join the Federal Reserve-the nation's central bank-you'll play a key role, collaborating with leading tech professionals to strengthen and protect our economic, financial and payments systems. We dedicate more than $1 billion to technology each year to support the Federal Reserve and our economy, and we're building a dynamic and diverse team for our future. Bring your passion and expertise, and we'll provide the opportunities that will challenge you and propel your growth-along with a wide range of benefits and perks that support your health, wealth, and life. In addition to competitive compensation, we offer a comprehensive benefits package that includes tuition assistance, generous paid time off, top-notch health care benefits, child and family care leave, professional development opportunities, a 401(k) match, on, and more. All brought together in a flexible work environment where you can truly find balance. What You Will Do: Develop conceptual, logical and physical IT engineering designs, that support the infrastructure requirements of varying levels of technical and business application projects. Analyze our requirements, as it relates to technical infrastructure design, and ensure traceability of the design to our requirements. Assess testing requirements and prepare testing strategies and prepare implementation and transition plans. Attend and participate in agile ceremonies supporting EUS and Digital Workplace priorities. Support product owner in assessing backlog, capacity and completing work assignments. Representing End User Services (EUS) and Digital Workplace area(s) well and interacting with stakeholders and customers in a professional and consistent manner. Ensure assigned tasks are completed, JIRA cards are updated, and timesheets are submitted in a timely manner. Perform resolution of complex hardware, environmental software operating systems and subsystems. Oversee problem avoidance actions. Analyze and revise existing system logic and documentation. May authorize risk level changes and recommend solutions to minimize and prevent system interruption. Recommend and select new software/hardware. Perform change and problem management using standard tools. Ensure conformance and compliance with existing system standards. Measure performance to ensure operation. Lead technical/complex projects using FRIT/System staff and resources. Follow and ensure adherence to technical standards for programming and design techniques. Train System technical staff on use of software/hardware tools following required standards and procedures. Monitor compliance with internal audit requirements and Information Security Manual guidelines. What You Have: Familiar with Microsoft 365 security products and services: Data Loss Prevention Information Rights Management Microsoft Defender for Office 365 Privileged Identity Management Entra ID Experience with Microsoft Purview features: Information Protection Records Management Insider Risk Management Data Lifecycle Management Sensitive Information Types Trainable Classifiers Administrative Units Comprehensive knowledge about concepts and principles in functional area. General knowledge of department/business lines, Reserve Banks, and System operations, policies, procedures and technologies. Excellent interpersonal, negotiation, creativity, attention to detail, and oral and written communications skills tailored for the intended audience. You are responsible for understanding and applying risk management discipline in decision-making and contributing to your function's risk management. Work under the direction and guidance in planning details of procedures and methods to attain definite goals. Makes decisions within established or widely accepted standards. Achieve assigned/planned results by decisions and actions based on professional methods, training, business principles, and practical experience. Education and Experience Bachelor's Degree or equivalent experience with a minimum of 6 years of relevant work experience. Other Requirements: Working Conditions: Will require the use of standard office equipment such as computers, phones, photocopiers. Physical Demands: Requires some degree of sitting (for prolonged periods of time), standing, lifting carrying, pushing, pulling more than 20 lbs. Hours of Work: May require extended work hours. Occasional travel including overnight stays may be necessary. May be subject to on-call and call back as needed. May work with moderate noise from equipment. This posting is a dual grade job posting. Candidates who have a slightly lower level of experience, education, or qualifications may also be considered. The salary grade for this position is: 15/16. Final salary and offer will be determined by the applicant's background, experience and skills, as well as internal equity and alignment with market data. We offer a great benefits package that features: Medical (4 options), Prescription, Dental (3 options), and Vision Insurance with no waiting period 401k/Thrift Plan with generous employer match Employer-funded Pension Plan Paid Vacation/Sick Time & Holidays Monthly $200 Commuter Allowance Flexible Spending Accounts and Healthcare Spending Accounts Flexible Work Schedule available in most departments Life Insurance and Long-Term Disability Insurance Tuition Reimbursement (undergraduate and graduate) Parental Leave Free onsite 24/7 Fitness Center including training classes, Peloton bikes and locker room / shower facilities Onsite Cafeteria & Coffee Shop Additional Convenience Benefits, Discounts and More… Additional Information: The Federal Reserve Bank of Philadelphia takes your information privacy seriously. Federal Reserve Bank of Philadelphia staff will only email you from the “@phil.frb.org” domain or through the Workday system “****************”. If you are initially contacted by phone, feel free to request that the caller provide you with their email address to validate their identity. If you have any questions about the validity of someone who contacts you regarding this position, please email the Talent Acquisition team at ******************************. We are an equal opportunity employer committed to hiring the best candidates and to providing equal employment opportunity to all persons without regard to race, color, religion, sex, pregnancy, national origin, age, genetic information, disability, military service, or any other basis protected by law. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job responsibilities, and to receive other benefits and privileges of employment. If you need assistance or an accommodation due to a disability, please email us at ******************************. All Federal Reserve Bank of Philadelphia employees must comply with the Bank's ethics rules, which generally prohibit employees, their spouses/domestic partners, and minor children from owning securities, such as stock, of banks or savings associations or their affiliates, such as bank holding companies and savings and loan holding companies. If you or your spouse/domestic partner or minor child own such securities and would not be willing or able to divest them if you accepted an offer of Bank employment, you should raise this issue with the Recruiter for this posting, who can provide you contact information for our ethics officer if necessary. You should review the Bank's Employee Code of Conduct to ensure compliance with conflict-of-interest rules and personal investment restrictions. Background investigations and drug testing are required for all new hires as a condition of employment, after the job offer is made. Candidates for positions deemed as "safety sensitive" will also be screened for the presence of marijuana. Employment may not begin until the Bank accepts the results of the background investigation. Due to the nature of the information, you will have access to, we require that you also complete a more in-depth enhanced background screening (Peraton high). All employees will be subject to FBI fingerprint / criminal background and Patriot Act/ Office of Foreign Assets Control (OFAC) watch list checks at least once every five years. Certain eligibility rules apply. You will provide work authorization to prove your eligibility to work in the United States. This position requires access to confidential supervisory information and/or FOMC information, which is limited to "Protected Individuals" as defined in the U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, and U.S. permanent residents who either are not yet eligible to apply for naturalization or who have applied for naturalization within the requisite timeframe. Candidates who are permanent residents must sign a declaration of intent to become a U.S. citizen when eligible to do so and pursue a path to citizenship. Candidates who are not U.S. citizens or U.S. permanent residents may be eligible for the information access required for this position if they sign a declaration of intent to become a permanent resident and a U.S. citizen and meet other eligibility requirements. In addition, all candidates must undergo an applicable background check and comply with all applicable information handling rules. The above statements are intended to describe the general nature, level of work and the requirements of this position. They are not intended to be an exhaustive list of all responsibilities associated with this position or the personnel so classified. While this is intended to be an accurate reflection of this position, management reserves the right to revise this or any job description at its discretion at any time. Employee will work full-time on site. By applying to this position, you agree you will be available to work on-site in a full-time capacity. Learn more about the Philly Fed and its culture. Learn more about working for the Philly Fed. Full Time / Part TimeFull time Regular / TemporaryRegularJob Exempt (Yes / No) YesJob CategoryInformation Technology Family GroupWork ShiftFirst (United States of America) The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences. Always verify and apply to jobs on Federal Reserve System Careers (************************************* or through verified Federal Reserve Bank social media channels. Privacy Notice

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Client Solution Architects (CSA) is currently seeking a Cyber Security Engineer to support our program at Fort Indiantown Gap, PA. For nearly 50 years, CSA has delivered integrated technology and operational support services to meet the defense and federal sector's most complex enterprise needs. Working from operations centers and shipyards to training sites and program offices, CSA deploys experienced teams, innovative tools and proven processes to advance federal missions. This position is contingent on contract award. How Role will make an impact: * Maintains the appropriate operational security posture and documentation for MCTSP information systems * Implementing DoD, Army, ARNG, and MCTSP information security policies * Creating and implementing POA&M in response to vulnerabilities identified during risk assessments, audits, and inspections * RMF document and artifact management * Managing and tracking the IAVM system * Physical and environmental protection, access control, incident handling, security training, vulnerability and compliance management, configuration management, and assistance in the development of security policies and procedures. Requirements What you'll need to have to join our award-winning team: * Clearance: Must possess and maintain an active Secret Clearance. * Bachelor's degree in Cyber Security or related field or associate degree and 5 years of specialized experience. * IAT II Certification * 3 years' experience in assessing and mitigating risk for networks and systems utilized in LVC and integrated training environments that include simulations that stimulate Army C2 Systems. * 3 years' experience planning architectures for LVC and integrated training environments and for stimulation of Army Mission Command Systems in support of Division and Above training events and distributed exercises; * 5 years' experience with military training and training support; experience designing and supporting distributed, simulation-supported exercises Why You'll Love this Job: * Purpose filled roles that contribute to impactful solutions to advance our federal clients' mission. * You may examine doctrine, plans, policies and procedures that will enhance and enrich the training environment, ensuring our warfighters are fully prepared for any challenge. * Daily opportunities to develop new skills * Team environment What We Can Offer You: * Compensation * Health & Wellbeing * We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. * Personal & Professional Development * We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have - whether you want to become a knowledge expert in your field or apply your skills to another division. * Diversity, Inclusion & Belonging * We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. * Benefits * Healthcare (medical, dental, vision, prescription drugs) * Pet Insurance * 401(k) savings plan * Paid Time Off (PTO) * Holiday pay opportunities * Basic life insurance * AD&D insurance * Company-paid Short-Term and Long-Term Disability * Employee Assistance Program * Tuition Support Options * Identity Theft Program

Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you'll collaborate to deliver high-quality results in the emerging area of AI security. The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm - in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats. Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security. As part of the Threat Analysis Directorate, you will join a group of security experts focused on advancing the state of the art in AI security at a national and global scale. Our tasks include vulnerability discovery and assessments for AI systems, evaluation of the effectiveness and robustness of defenses and mitigations for AI systems, reverse engineering AI systems and models, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers. You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University. What you'll do: * Develop state of the art approaches for analyzing robustness of AI systems. * Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities. * Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems and effectively participate in the broader security community. * Study and influence the AI security and vulnerability disclosure ecosystems. * Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community. * Uncover and shape some of the fundamental assumptions underlying current best practice in AI security. * Develop thought models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs. * Identify opportunities to apply AI to improve existing cybersecurity research. Who you are: * You have BS in machine learning, cybersecurity, statistics, or related discipline with ten (10) years of experience; OR MS in the same fields with eight (8) years of experience; OR PhD in the same fields with five (5) years of experience. * You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization. * You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation. * You have experience with advising on a range of security topics based on research and expert opinion. * You have familiarity with implementing and applying AI/ML techniques to solving practical problems. * You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART). * You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro) * You have experience with Python, C/C++, or low-level programming. * You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies. * You have excellent communication skills (oral and written), particularly regarding technical communications with non-experts. * You enjoy mentoring and cross-training others and sharing knowledge within the broader community. * Candidates with strong technical proficiency in either AI/ML or cybersecurity are welcome to apply, provided a demonstrated intellectual agility and commitment required for accelerated learning within the role. You are able to: * Travel to various locations to support the SEI's overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%). * You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance. Why work here? * Join a world-class organization that continues to have a significant impact on software. * Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation. * Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation. * Get 8% monthly contribution for your retirement, without having to contribute yourself. * Get tuition benefits to CMU and other institutions for you and your dependent children. * Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave. * Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies. * Qualify for relocation assistance and so much more. Location Pittsburgh, PA Job Function Software/Applications Development/Engineering Position Type Staff - Regular Full time/Part time Full time Pay Basis Salary More Information: * Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world. * Click here to view a listing of employee benefits * Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran. * Statement of Assurance

Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you'll collaborate to deliver high-quality results in the emerging area of AI security. The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm - in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats. Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security. As part of the Threat Analysis Directorate, you will join a group of security experts focused on advancing the state of the art in AI security at a national and global scale. Our tasks include vulnerability discovery and assessments for AI systems, evaluation of the effectiveness and robustness of defenses and mitigations for AI systems, reverse engineering AI systems and models, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers. You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University. What you'll do: Develop state of the art approaches for analyzing robustness of AI systems. Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities. Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems and effectively participate in the broader security community. Study and influence the AI security and vulnerability disclosure ecosystems. Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community. Uncover and shape some of the fundamental assumptions underlying current best practice in AI security. Develop thought models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs. Identify opportunities to apply AI to improve existing cybersecurity research. Who you are: You have BS in machine learning, cybersecurity, statistics, or related discipline with ten (10) years of experience; OR MS in the same fields with eight (8) years of experience; OR PhD in the same fields with five (5) years of experience. You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization. You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation. You have experience with advising on a range of security topics based on research and expert opinion. You have familiarity with implementing and applying AI/ML techniques to solving practical problems. You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART). You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro) You have experience with Python, C/C++, or low-level programming. You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies. You have excellent communication skills (oral and written), particularly regarding technical communications with non-experts. You enjoy mentoring and cross-training others and sharing knowledge within the broader community. Candidates with strong technical proficiency in either AI/ML or cybersecurity are welcome to apply, provided a demonstrated intellectual agility and commitment required for accelerated learning within the role. You are able to: Travel to various locations to support the SEI's overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%). You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance. Why work here? Join a world-class organization that continues to have a significant impact on software. Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation. Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation. Get 8% monthly contribution for your retirement, without having to contribute yourself. Get tuition benefits to CMU and other institutions for you and your dependent children. Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave. Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies. Qualify for relocation assistance and so much more. Joining the CMU team opens the door to an array of exceptional benefits. Benefits eligible employees enjoy a wide array of benefits including comprehensive medical, prescription, dental, and vision insurance as well as a generous retirement savings program with employer contributions. Unlock your potential with tuition benefits, take well-deserved breaks with ample paid time off and observed holidays, and rest easy with life and accidental death and disability insurance. Additional perks include a free Pittsburgh Regional Transit bus pass, access to our Family Concierge Team to help navigate childcare needs, fitness center access, and much more! For a comprehensive overview of the benefits available, explore our Benefits page. At Carnegie Mellon, we value the whole package when extending offers of employment. Beyond credentials, we evaluate the role and responsibilities, your valuable work experience, and the knowledge gained through education and training. We appreciate your unique skills and the perspective you bring. Your journey with us is about more than just a job; it's about finding the perfect fit for your professional growth and personal aspirations. Are you interested in an exciting opportunity with an exceptional organization?! Apply today! Location Pittsburgh, PA Job Function Software/Applications Development/Engineering Position Type Staff - Regular Full Time/Part time Full time Pay Basis Salary More Information: Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world. Click here to view a listing of employee benefits Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran. Statement of Assurance

Pittsburgh, PA Founded in 2000, Ivalua is a leading global provider of cloud-based procurement solutions. At Ivalua we are a global community of exceptional professionals, who believe that digital transformation revolutionizes supply chain sustainability and resiliency to unlock the power of supplier collaboration. We achieve this through our leading cloud-based spend management platform that empowers hundreds of the world's most admired brands to effectively manage all categories of spend and all suppliers to increase profitability, improve ESG (environmental, social, and corporate governance) performance, lower risk, and improve productivity. Driven by our passions and fueled by our shared ambitions, we empower and challenge each other to create meaningful experiences for our colleagues, customers, partners, and communities. Learn more at *************** Follow us on LinkedIn THE OPPORTUNITY CONTEXT: Our growing international IT department (EMEA, AMER, APAC) is composed of over sixty experts responsible for the deployment and operation of the Ivalua Cloud, which hosts environments for our clients around the world. It is also responsible for internal IT infrastructure, IT applications and data, as well as IT support for our users. In this context of growth, we are looking for an experienced Security Analyst (SOC) to strengthen our global SOC team. ROLE: As part of the SOC (Security Operations Center) team, you will be responsible for developing and implementing the SOC strategy for our information systems. You will detect suspicious or malicious activities. You will contribute to the handling of confirmed security incidents in support of the InfoSec teams. Your experience will allow you to mentor more junior SOC analysts and act as a liaison between the SOC team and the company's IT and cybersecurity communities. As the highest-level technical officer of the SOC, you will be responsible for: The technical aspects of a SOC, ensuring that security measures are implemented and maintained to protect Ivalua's information assets Day-to-day operations, ensuring that security incidents are identified, analyzed, and addressed quickly and efficiently WHAT YOU WILL DO WITH US Be the technical point of contact for the SOC team, collaborating directly with the infrastructure, infosec, and cybersecurity solution management teams Serve as the highest escalation point for other SOC analysts Provide mentorship, share best practices, and lead security projects Provide technical advice and support to team members Be the driving force behind the continuous improvement of SOC processes and tools Contribute to standard SOC activities, including monitoring, incident management, and vulnerability management Participate in threat intelligence activities in direct collaboration with the infosec teams Guard SOC communication with other teams (Security, Infrastructure, Business IT, R&D, etc.) as well as senior IT management Participate in the studies, deployments, and development of cybersecurity solutions, particularly SOC tools Implement the necessary processes and reports to analyze logs to detect abnormal user and software behavior, using our SIEM tool and other security consoles. Define the event log collection strategy. Performs regular vulnerability assessments, prioritizes remediation, and tracks closure of security gaps. Manage the coordination, tracking, and remediation of incidents at the global level (EMEA, AMER, APAC). Contributes to ongoing monitoring of threats, vulnerabilities, and attack methods. Improve dashboards reporting on alert tracking and SOC KPIs. Maintain SOC procedures and tools, as well as documentation and knowledge bases. Ensures adherence to security policies, standards, and regulatory requirements (e.g., GDPR, HIPAA, SOC, FEDRAMP, etc. YOUR PROFILE If you have the below experience and strengths this role could be for you: Skills and Experience: Bachelor's degree in relevant field preferred with a minimum of 7 years of relevant professional experience, OR Master's degree in relevant field with a minimum of 5 years of relevant professional experience, OR Equivalent combination of education and experience Minimum of 7 years in the field of IT security, primarily in SOC (analyst, senior analyst, lead, etc.) Solid knowledge of Systems and Networks Knowledge of SIEM tools (MS Sentinel, ELK, Q-Radar, Splunk, AlienVault, etc.) Knowledge of EDR tools (Microsoft Defender, CrowdStrike, etc.) Knowledge of Rapid7 or other vulnerability scanning tools would be a plus Relevant certifications (e.g., CSA, CySA+, CISSP, GCIA,CEH) a plus Desired Qualities: Rigor, attention to detail, curiosity, autonomy, analytical thinking, adaptability, problem-solving Leadership & mentorship, continuous learning, ethical judgment Good communication and writing skills Motivation to thrive in a scale-up, international, dynamic, and fast-growing environment WHAT HAPPENS NEXT If your application fits this specific position's needs, our skilled Talent team will reach out to schedule an initial screening call. Get one step closer to achieving your goals - apply today! Our Talent team will guide you through every step of the interview process - from preparation to completion. They're here to support you! Our recruitment process is designed to assess your competencies through a series of personalized interviews with internal stakeholders relevant to the role. Interviews will be conducted virtually via video or on-site with face-to-face meetings. LIFE AT IVALUA Hybrid working model (3 days in the office per week) We're a team dedicated to pushing the boundaries of product innovation and technology Sustainable Growth, Privately Held A stable and cash-flow positive Company since 10 years Snacks and weekly lunches in the office Feel empowered to pursue your goals with improved team collaboration and increased creativity/productivity Unlock and unleash your full professional potential with our exceptional training and career development program Join a dynamic and international team of top-notch professionals who are experts in their respective fields. Collaborate with like-minded individuals who are deeply passionate and highly motivated about their work. Experience a truly diverse and inclusive work environment where your unique contributions are highly valued Regular social events, competitive outings, team running events, and musical activities, Comparably recognized Ivalua for the following (******************************************** : Powered by People - Powered by You! United by our values we embrace diversity and equity in the broadest possible sense to create an inclusive workplace. To help our customers make supply chains more efficient, sustainable and resilient, we rely on a global team with a variety of backgrounds, skills and views. We believe in equal opportunity and in diversity as a driver of innovation that cultivates a spirit of inclusiveness, creates a productive and fun place to work, and provides fulfilling career opportunities for all Ivaluans. ********************************************** One of Ivalua's core values is to Care & Grow People. We take matters like pay equity very seriously and strive to reward our employees appropriately and fairly for their talents. The salary range for this position is based upon careful and continual market compensation research. In addition to location, salary may also vary based upon job-related knowledge, skills, and experience. Title: Sr Security Analyst Base range minimum: $115,000 Base range maximum: $175,000 *Additional compensation / rewards: In addition to the base salary information above, Ivalua offers an uncapped commission plan as part of the competitive compensation package. Other compensation factors may also be considered. Ivalua also offers exceptional benefits including medical, dental, vision, retirement (with company match), and much more. #LI-SG1 #LI-HYBRID

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives. This role is required to be ONSITE in Malvern, PA Monday through Thursday with Friday remote. Must be eligible to work in the U.S. without requiring sponsorship now or in the future. Who is Customers Bank? Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with. We get you further, faster. Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow. On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead. Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust. What you'll do: * Control Testing & Evaluation: Assist in definition of and execute testing procedures to assess the design and effectiveness of key internal controls across business units, technology, and operational processes. * Risk & Compliance Alignment: Ensure testing activities are aligned with regulatory standards (SOX, FFIEC, FDIC, etc.) and internal policies. * Issue Identification & Reporting: Document test results, identify control deficiencies, and provide clear recommendations for remediation. * Collaboration: Work closely with business process owners, auditors, compliance, and risk teams to ensure timely resolution of identified issues. * Process Improvement: Recommend enhancements to testing methodologies, control design, and risk management practices to strengthen the bank's control environment. Maintain awareness of industry regulatory environment and threat landscape. * Documentation & Communication: Prepare executive-ready reports, dashboards, and presentations for senior management and regulators, and information technology peers. * Continuous Monitoring: Participate in ongoing monitoring and follow-up activities to confirm remediation effectiveness and sustainability. What do you need? * Must-Haves * 3+ years of experience in internal audit, compliance testing, risk management, or internal controls. * Strong knowledge of information security and IT risk control frameworks (e.g., COSO, COBIT, NIST). * Understanding of financial, operational, and IT control environments. * Strong analytical skills with attention to detail and accuracy. * Excellent written and verbal communication skills with the ability to present complex findings clearly. * Bachelor's degree in information systems, or related field. * Key Skills * Risk and control assessments in highly regulated environments * Understanding of information technology infrastructure (networking, Active Directory, backups, etc.) * Process analysis and documentation. * Strong interpersonal skills to work across departments. * Proficiency with Microsoft Office applications (Excel, Word, PowerPoint). * Develop and maintain working relationships with audit, GRC, and IT teams to promote continuous control awareness and improvements. * Nice-to-Haves * Professional certifications such as CIA, CISSP, CISA, Microsoft certifications, or CRMA. * Experience with GRC (Governance, Risk, and Compliance) tools. * Banking or financial services industry experience Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also provide "reasonable accommodations", upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws. Diversity Statement: At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us! Let's take on tomorrow.

APPLICATION INSTRUCTIONS: * CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday. * CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday. * If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants. Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants. POSITION SPECIFICS We are searching for an experienced Information Systems Security Manager (ISSM) to join our Cybersecurity Division at the Applied Research Laboratory (ARL) at Penn State. Information Technology Services provides ARL's administrative and research computing environments and capabilities, delivering secure, responsive, efficient, effective, and compliant IT services and operations to meet the demanding needs of ARL's leading edge research. This position will have a focus on the unclassified space, overseeing and owning the unclassified information security program, including implementing our various compliance requirements like the Cybersecurity Maturity Model Certification (CMMC). This ISSM will however operate within and support both unclassified and collateral spaces, backing up fellow ISSM's and enforcing commonalities between environments where possible. They will be responsible for developing and maintaining policy and security documentation, providing cybersecurity recommendations for system, network, and application design, leading information system risk assessments, assist in leading incident response actions, setting standards for continuous monitoring processes such as auditing or vulnerability assessments, and ensuring cybersecurity requirements are effectively and efficiently communicated to operational and researcher team leadership to ensure integration into their respective team processes. ARL is an authorized DoD SkillBridge partner and welcomes all transitioning military members to apply. You will: * Develop, validate, submit, and maintain information system security plans, certification and authorization packages, and plans of action and milestones in support of compliance requirements * Oversee development and implementation of risk assessments against information systems in all phases of their lifecycles * Provide cybersecurity recommendations for system, network, and application design * Monitor and assist in the assessment and review of current and new systems and networks to ensure compliance with current cybersecurity policies, concepts, and measures * Develop training material related to compliance and audit requirements to assist employees in individual compliance/audits as applicable * Assist in technical requirements such as; vulnerability scanning, review of security/event logs, network analysis, and incident response on an as-needed basis Required skills/experience areas include: * Current eligibility for access to classified information at the Top-Secret level or higher and may be subject to a government background investigation to upgrade clearance eligibility, if required * Assessment and Authorization experience of systems and networks using CMMC and RMF * NIST/ISO standards (eg. NIST SP 800-53 and NIST SP 800-171), Department of Defense directives, DISA STIG, and regulatory requirements * Strong technical background, with significant experience using multiple operating systems to include Windows and Linux * Policy, procedure, plan of action and milestone, risk assessment and security plan development with experience of continuous monitoring for compliance with said documentation * System functions, security policies, technical security safeguards, and operational security measures * The ability to certify and maintain information security related certifications (eg. Security+, CISSP, and any other required certifications) * Excellent communications, analytical and problem-solving skills * Efficient organizational, multitasking, and time management abilities Preferred skills/experience areas include: * A Bachelor's degree in Information Security, Information Technology, or Computer Science * Management or leadership experience in IT and information security space * Vulnerability scanning and mitigation utilizing Nessus, Retina, GFI Languard, or similar tool * Experience with networking fundamentals including various concepts, tools, and administrative functions * Working knowledge of container image security and experience overseeing security for containerized environments (docker, podman, etc) * SEIM management or use for analysis, such as Splunk, ELK, or AlienVault * VMWare and management of Virtual Machines * Training material development Your working location will be located in State College, PA in a hybrid on-site/work from home format. Questions related to flexible work should be directed to the hiring manager during the interview process. This position will require periodic travel to remote locations. MINIMUM EDUCATION, WORK EXPERIENCE & REQUIRED CERTIFICATIONS If filled as Cyber Information Assurance Analyst - Principal Professional, this position requires: Master's Degree 8+ years of relevant experience; or an equivalent combination of education and experience accepted Required Certifications: None If filled as Cyber Information Assurance Analyst - Senior Professional, this position requires: Bachelor's Degree 6+ years of relevant experience; or an equivalent combination of education and experience accepted Required Certifications: None ARL's purpose is to research and develop innovative solutions to challenging scientific, engineering, and technology problems in support of the Navy, the Department of Defense (DoD), and the Intel Community (IC). FOR FURTHER INFORMATION on ARL, visit our web site at **************** BACKGROUND CHECKS/CLEARANCES Employment with the University will require successful completion of background check(s) in accordance with University policies. All positions at ARL require candidates to possess the ability to obtain a government security clearance; you will be notified during the interview process if this position is subject to a government background investigation. You must be a U.S. citizen to apply. Employment with the ARL will require successful completion of a pre-employment drug screen. SALARY & BENEFITS The salary range for this position, including all possible grades, is $86,300.00 - $145,700.00.THE PROPOSED SALARY RANGE MAY BE IMPACTED BY GEOGRAPHIC DIFFERENTIAL Salary Structure - Information on Penn State's salary structure Penn State provides a competitive benefits package for full-time employees designed to support both personal and professional well-being. In addition to comprehensive medical, dental, and vision coverage, employees enjoy robust retirement plans and substantial paid time off which includes holidays, vacation and sick time. One of the standout benefits is the generous 75% tuition discount, available to employees as well as eligible spouses and children. For more detailed information, please visit our Benefits Page. CAMPUS SECURITY CRIME STATISTICS Pursuant to the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act and the Pennsylvania Act of 1988, Penn State publishes a combined Annual Security and Annual Fire Safety Report (ASR). The ASR includes crime statistics and institutional policies concerning campus security, such as those concerning alcohol and drug use, crime prevention, the reporting of crimes, sexual assault, and other matters. The ASR is available for review here. EEO IS THE LAW Penn State is an equal opportunity employer and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If you are unable to use our online application process due to an impairment or disability, please contact ************. Federal Contractors Labor Law Poster PA State Labor Law Poster Penn State Policies Copyright Information Hotlines

The Systems Engineer position is responsible for providing full cycle implementation and support of customer systems, while working across multiple company departments to ensure full client satisfaction. Under the direction of a manager or dispatcher, coordinates the design and maintenance of all access control, intrusion, and video surveillance systems. Incumbent receives and evaluates work orders and requests, investigates requests and troubleshoots problems where appropriate, establishes priorities and coordinates with contractors, when required. Requirements Essential functions and responsibilities: Assists with security systems integration, mapping and software updates and helps train personnel in the use of these systems. Assists on new projects in both existing areas and new construction helping with security assessments, vendor selection, technology upgrades, product selections, testing, field verification of systems and inspection of work in progress for compliance with standards Assess work sites, conditions, and logistics for each project; Develop Method of Procedure based on pre-project assessment. Design, develop and provide documentation of systems, configurations, and other pertinent information for the customer. Communicate with clients to resolve issues in a professional and confidential manner; Develop and execute client specific solutions. Manage the allocation of project resources, including software, hardware, tools, and related items specific to each customer and/or project. Direct the work responsibilities of union labor personnel based on specific project needs. Design and oversee training programs for new and existing customers; Determine which customers receive training. Collaborate with Customer Relationship Managers on demonstrations for new and potential clients. Perform installation, configuration, programming, and final commissioning of customer systems. Work collaboratively with installation, project management and engineering teams. Perform infrastructure services, including pulling cables, installing wall, and ceiling cabling, and installing surface mounted devices, as required. Perform system wiring and terminations services, as required. Deliver on-going remote and on-site technical support for existing customers and systems. Additional responsibilities may be required as necessary, including but not limited to: Provide internal support for basic trouble shooting. Organizes and manage parts stock and tools. Perform other duties as needed. Success factors/job competencies: Effectively communicate both in writing and verbally Work independently and prioritize multiple tasks and adapt to needed change Analysis Mechanical aptitude Comprehend technical language and read and interpret blueprints, wiring diagrams, and schematics Safety orientation Customer Focus Attention to Detail Teamwork/Collaboration Stay abreast of changes in security technology Physical demands and work environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Individual will be required to travel to customer sites as needed. While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts. The employee is occasionally exposed to outside weather conditions and risk of electrical shock. Individual will regularly be required to lift, push, pull, and carry up to 50 pounds, and occasionally up to 75 pounds. Incumbent will be required to use a computer with keyboard, telephone, or handheld mobile device for extended periods of time, and office machinery as needed. Incumbent must be able to read, see, hear, and speak. Workdays and Shifts: Position works Monday-Friday, daylight hours, and additional time as needed to complete work. Education/Certification(s)/License(s) required: Bachelor's Degree in Electronics, Information Technology or related field, or equivalent experience. May be required to participate in safety trainings and/or certifications provided by the Company or customers. Valid driver's license, as employee will be required to travel to local and overnight client sites as needed. Manufacturer specific certifications, as required. Responsible to maintain active certifications and obtain new and updated certifications as required by the Company. Experience/Other required: Position requires two (2) to three (3) years of relevant experience in the electronic services. Strong knowledge of Microsoft Office. Strong computer skills with advanced software aptitude. Security systems to include, service and maintenance across a broad spectrum of access control, intrusion and video surveillance systems such as, Genetec, Milestone, Bosch, and DMP. Applicants must be currently authorized to work in the United States on a full-time basis. Visa sponsorship is not available for this position. This is a full-time, in-person position, and candidates must be able to work from our office located in Pittsburgh, Pennsylvania.

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today! Job Details Job Description for IAM Hygiene Analyst III role This role is responsible for supporting the Execution and Improvement of IAM operations across the enterprise, specifically within the IAM Hygiene space. This role will assist with continuously detecting, remediating, and preventing identity-related risks by maintaining accurate, minimal, and secure identity data, access configurations, and authentication mechanisms, as well as assisting with other IAM Governance related functions where needed. The Analyst II will be responsible to generate possible hygiene actions (hypotheses), using approved Cencora tooling, to proactively identify and escalate potential identity-related control gaps, data integrity issues, process deficiencies, and other hygiene concerns; collaborate with stakeholders to validate gaps, evaluate root causes and drive timely remediation. This role is key to creating and maintaining a mature IAM Hygiene function to ensure access is controlled, organized, and following the concept of “least privilege”. The ideal candidate will have hands-on experience remediating identity and access related risks. This role works closely with more senior IAM analysts, engineers, and business stakeholders to ensure secure and efficient access to systems and data. The Analyst II also supports the development of IAM procedures, participates in user support and troubleshooting, and contributes to continuous improvement efforts. They are expected to demonstrate learning agility, attention to detail, and a strong commitment to operational excellence and user experience. Primary Duties and Responsibilities: Identify and take appropriate actions around unused or stale accounts. Identify and take appropriate actions around unused or stale accounts. Ensure Policies and Control Standards are being followed and work toward training, awareness, and resolution where gaps are identified. Monitor and analyze identity-related activities to identify and remediate risky accounts, authorizations, and configurations, ensuring compliance with policies. Assist in the development and maintenance of comprehensive processes for identity threat detection and response, including the creation of runbooks and workflows. Collaborate with cross-functional teams to evaluate and align on identity analytics tools and data structures to enhance IAM capabilities. Develop and track key performance indicators (KPIs) and key risk indicators (KRIs) for IAM hygiene, providing insights and recommendations to improve identity management practices. Support the establishment of a culture of continuous improvement by leveraging incident learnings to refine IAM processes and protocols. Ensure Policies and Control Standards are being followed and work toward training, awareness, and resolution where gaps are identified. Qualifications: 4+ years of experience IAM or related field 1+ years in an IAM Hygiene or IAM Governance role Bachelors degree or equivalent experience Skills and Knowledge: Behavioral: Strong understanding of IAM concepts, practices, and technologies including Least Privilege, Privileged Access Management (PAM), Identity Lifecycle management and access controls Familiarity with SailPoint Familiarity with Axonius (preferred) Familiarity with NIST framework Strong analytical and problem-solving skills, with the ability to interpret data and make informed decisions. Ability to operate independently and within a team structure Effective communication and collaboration skills Strong time management, with ability to multi-task and shift from task to task effectively in a fast-paced environment. Technical Skills: IAM Lifecycle and Access provisioning Authentication Support (MFA and SSO) IAM Policy and Standards (NIST, ISO 27001, HITRUST) IT Risk and Compliance Awareness Root Cause Analysis and Incident Support Reporting and Documentation Threat Monitoring and Alert Response Tools Knowledge: IAM Platforms (e.g., SailPoint, Saviynt, Okta, Ping Identity) Directory Services (Active Directory, Azure AD) ITSM Tools (e.g., ServiceNow) Security Tools (SIEM, EDR, SOAR) Programming/Scripting (e.g., Python, PowerShell, SQL) Microsoft Office Suite What Cencora offers We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit ************************************** Full time Equal Employment Opportunity Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law. The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory. Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call ************ or email ****************. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned Affiliated CompaniesAffiliated Companies: AmerisourceBergen Services Corporation

About the Role: The Network Security Engineer will design, implement, and manage secure network infrastructure to ensure uninterrupted business operations. Responsibilities: Configure and maintain firewalls, VPNs, and IDS/IPS systems. Perform network security monitoring and incident response. Conduct penetration testing and simulate attacks to identify weaknesses. Harden routers, switches, and network devices. Optimize performance without compromising security. Requirements: 3+ years experience in network engineering/security. Strong knowledge of Cisco, Palo Alto, or Fortinet firewalls. Experience with network protocols (TCP/IP, DNS, SSL, VPN). CCNA Security, CCNP Security, or equivalent certifications. Required Skills: Information Security Security

McLaughlin Research has several openings (pending award) for Information Systems Security Engineers at the Naval Surface Warfare Center, Philadelphia Division. The Information System Security Engineer (ISSE) designs, develops, implements, and integrates advanced cybersecurity solutions to protect the organization's information systems and data assets. The ISSE III functions as a technical subject matter expert, applying security engineering principles across the system development lifecycle to identify vulnerabilities, mitigate risks, and maintain compliance with information assurance standards. This position often works with classified systems and complex networking environments. Requirements Key Responsibilities Security Architecture and Design: Designing and implementing security architectures for various environments and ensuring trusted relationships between systems. Risk Management and Compliance: Assessing and mitigating threats, leading the creation of security artifacts like SSPs and RARs, supporting system accreditation under frameworks like RMF, and ensuring compliance with policies such as DoD and NIST SP 800-series. Vulnerability Management and Incident Response: Conducting vulnerability assessments and ethical hacking, performing risk assessments, leading incident response, and managing automated scanning tools like ACAS and SCAP. Mentorship and Team Leadership: Guiding junior engineers and analysts and leading teams to achieve security goals. Cross-Functional Collaboration: Representing security engineering on technical teams and interfacing with stakeholders to translate requirements. Required Qualifications Education: BS in Computer Science or relevant field. Experience: 3-10 years in information security engineering, with specific experience potentially needed for DoD or SAP environments. Certifications: Must meet DoD 8570/8140 compliance (IASAE Level III, IAT Level III, or IAM Level III) and hold certifications such as CISSP, CASP+, CISM, CSSLP, or CISSP-ISSEP. Technical Skills: Expertise in RMF, NIST SP 800-53, DISA STIGs/SRGs, experience with security tools (e.g., eMASS, ACAS, Splunk), and knowledge of operating systems and networks (Windows, Linux, Cisco). Scripting proficiency is beneficial. Security Clearance: U.S. citizenship and eligibility to obtain an active security clearance. Equal Employment Opportunity Statement: McLaughlin Research Corporation is an Equal Opportunity and Affirmative Action Employer. It is our policy to recruit, hire, promote, and train for all positions without regard to age, race, creed, religion, national origin, gender identity, marital status, sexual orientation, family responsibilities, pregnancy, minorities, genetic information, status as a person with a disability, amnesty or status as a protected veteran, and to base all such decisions upon the individual's qualifications and ability to perform the work assigned, consistent with contractual requirements and all federal, state and, local laws. EEO is the Law: Applicants and employees are protected under Federal law from discrimination.

360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and JQuery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Title:Network Security Engineer Location:Mechanicsburg, PA Duration: 6+ months Job Description: Must Have: 5+ years of experience in the field of Telecommunications and Network Security Experience with TCP/IP, HTTP, HTTPS, FTP, DNS Protocols Experience with Network Security technologies - Firewalls (Check Point, Juniper, & Cisco), F5 BIG-IP LTM & GTM, Web Application Firewalls (WAF), Remote Access VPNs, Anti-DDoS, and Proxy Technologies Strong experience with Linux DNS/DHCP on BT Diamond IP Ability to work independently and under time and workload pressure Excellent communication, prioritization and organization skills Nice To Have: F5 & Blue Coat proxy solutions Additional Information Thanks | Preeti Nahar | Sr. Talent & Client Acquisition Specialist | 360 IT PRO Solutions.|510-254-3300 Ext 825

Dynamic Solutions Technology, LLC, a premier strategic services firm that meets IT and Service needs for commercial and government clients, is seeking a full-time Information Systems Security Engineer III (ISSE III). This position is an exempt role that support will be provided on site in the government customer's area of operation in the Philadelphia, PA location. ----------------------------------------------------- Active Secret Clearance Required -------------------------------------- RESPONSIBILIES Assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans, which include System Categorization Forms, Platform Information Technology (PIT) Determination Checklists, Assess Only (AO) Determination Checklists, Implementation Plans, System Level Continuous Monitoring (SLCM) Strategies, System Level Policies, Hardware Lists, Software List, System Diagrams, Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M). Execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO). Identify and tailor IT and Cyber Security (CS) control baselines based on RMF guidelines and categorization of the RMF boundary. Perform Ports, Protocols, and Services Management (PPSM). Perform IT and CS vulnerability-level risk assessments. Execute security control testing as required by a risk assessment or annual security review (ASR). Mitigate and remediate IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements. Develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS). Develop and maintain system level IT and CS policies and procedures for respective RMF boundaries in accordance with guidance provided by the command ISSMs. Implement and assess STIG and SRGs. Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG. Deploy security updates to Information System components. Perform routine audits of IT system hardware and software components. Maintain inventory of Information System components. Participate in IT change control and configuration management processes. Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM). Image or re-image assets that are part of the assigned RMF boundary. Install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries' assets. Assist with removal of Solid-State Drive (SSD), Hard Disk Drive (HDD) or other critical components of assets before destruction and removal from the RMF boundary. Support configuration change documentation and control processes and maintaining DOD STIG Compliance. Support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware; This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware. Report compliance issues of network hardware to management to avoid operational loss of the network. EXPERIENCE AND EDUCATION REQUIREMENTS: Secret security clearance required Bachelor's degree in computer science, information technology, or an equivalent STEM l degree from an accredited college or university. Minimum Seven (7) years professional relevant experience Must Meet DoD IAT-III level Certification Requirements: At a minimum 2-3 of one of the following certifications: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP Experience and Skills: Excellent oral and written skills. Excellent critical thinking skills. Proficient in Microsoft applications such as Word, Excel, PowerPoint, and Outlook. Ability to work independently and as a team member Ability to learn and apply technical concepts to assigned duties

Data Intelligence, LLC (DI) is seeking a qualified and experienced Information Systems Security Officer III to support the Naval Surface Warfare Center (NSWC) in Philadelphia, PA. The successful candidate will be responsible for coordinating security efforts to ensure the safety and integrity of classified and unclassified information systems and assist in maintaining a secure operating environment. This position requires a strong understanding of cybersecurity protocols, as well as the ability to coordinate and implement security measures to meet the specific needs of the organization. **This position is contingent upon award of contract** Key Responsibilities: Collaborate with various levels of the organization to implement required security changes and ensure compliance with established security policies and standards. Conduct comprehensive cybersecurity vulnerability and threat assessments to identify and mitigate risks to information systems. Lead cyber-incident-response efforts, including isolating affected systems, conducting initial investigations, collecting relevant data, and providing status updates and reports to leadership. Provide guidance on best practices and recommend improvements to the organization's security posture. Perform risk assessments and develop mitigation strategies to protect sensitive data from internal and external threats. Support continuous monitoring of information systems and provide regular status reports on security compliance. Maintain up-to-date knowledge of emerging cybersecurity threats and industry best practices. Required Skills/Experience: Bachelor's degree in Computer Science, Information Technology, Communications Systems Management, or an equivalent science, technology, engineering, and mathematics (STEM) field. A minimum of 6 years of relevant experience in cybersecurity or information systems security. Prior experience supporting Navy programs. Current IAM Level II certification (or higher) in accordance with DoD 8570.01-M. At least a Secret-level security clearance is required, with the ability to obtain higher-level clearance if necessary. Proficiency in cybersecurity frameworks, risk management processes, and security controls. Strong analytical and problem-solving skills with attention to detail. Excellent communication and interpersonal skills, with the ability to work effectively with a diverse team. Preferred Qualifications: Experience with DoD security requirements and systems. Familiarity with NIST, RMF, and other relevant cybersecurity standards. Ability to work in a potentially remote environment with occasional on-site requirements. Why Work with Data Intelligence, LLC? At Data Intelligence, LLC, we are committed to delivering cutting-edge technology solutions and security expertise to our government clients. Our team members play an integral role in the development and protection of critical national security systems. Join our team and contribute to the defense of vital information assets while advancing your career in a collaborative and rewarding environment. About Us: Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Job Description Type: Full Time Overtime Exempt: Yes Reports To: ARMADA HQ Security Clearance Required: Secret ************CONTINGENT UPON AWARD*************** Duties & Responsibilities: The Information Systems Security Engineer II (ISSE II) shall assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans which include System Categorization Forms, Platform Information Technology (PIT) Determination Checklists, Assess Only (AO) Determination Checklists, Implementation Plans, System Level Continuous Monitoring (SLCM) Strategies, System Level Policies, Hardware Lists, Software List, System Diagrams, Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M). The Information Systems Security Engineer II shall execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO). The Information Systems Security Engineer II shall identify and tailor IT and CS security control baselines based on RMF guidelines and categorization of the RMF boundary. The ISSE II shall perform Ports, Protocols, and Services Management (PPSM). The ISSE II shall perform IT and CS vulnerability-level risk assessments. The ISSE II shall execute security control testing as required by a risk assessment or annual security review (ASR). The ISSE II shall mitigate and remediate IT and CS system level vulnerabilities for all assets withing the boundary per STIG requirements. The ISSE II shall develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS). The ISSE II shall develop and maintain system level IT and CS policies and procedures for respective RMF boundaries and/or guidance provided by the command ISSMs. The ISSE II shall implement and assess STIG and SRGs. The ISSE II shall perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG. The ISSE II shall deploy security updates to Information System components. The ISSE II shall perform routine audits of IT system hardware and software components. The ISSE II shall maintain inventory of Information System components. The ISSE II shall participate in IT change control and configuration management processes. The ISSE II shall upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM). The ISSE II shall image or re-image assets that are part of the assigned RMF boundary The ISSE II shall install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries' assets. The ISSE II shall assist with removal of SSD, HDD or other critical components of assets before destruction and removal from the RMF boundary. The ISSE II shall provide cybersecurity patching of assets in times of DoD and DoN TASKORDs, FRAGORDs, or even designated by Command ISSM, ACIO, and/or Code 104 management. The ISSE II shall support configuration change documentation and control processes and maintaining DOD STIG Compliance. The ISSE II shall support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware. This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware. The ISSE II shall report compliance issues of network hardware to management. Other duties as assigned. Knowledge, Skills, and Abilities (KSAs): Ability to work as a team member, communicate, perform office functions and use office tools, customer focused and deliver exceptional performance. Ability to develop and implement information assurance guidance and execute ISS functions with little to no supervision. Ability to travel less than 5%. Certifications: Minimum Certification Requirements: IAT Level II certification (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND and SSCP) Minimum/General Experience: Three (3) years professional experience capturing and refining information security operational and security requirements, and ensuring those requirements are properly addressed through purposeful architecting, design, development, and configuration; and implementing security controls, configuration changes, software/hardware updates/patches, vulnerability scanning, and securing configurations. Minimum Education: Bachelor's degree in computer science, information technology, or an equivalent technical degree from an accredited college or university. Disclaimer: The above information has been designed to indicate the general nature and level of work to be performed. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of the contractor assigned to this position. Applying: If you feel you have the knowledge, skills and abilities for this position visit our careers page at ****************** Special Notes: Relocation is not available for these jobs. ARMADA provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ARMADA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Must be able to successfully pass a background check, and pre-employment drug testing. Job offers are contingent upon results of background check and drug testing.

We are seeking a skilled and detail-oriented AV Systems Engineer with experience in AV system commissioning to join our team. The ideal candidate will be responsible for overseeing the design, commissioning, and implementation of audio-visual systems, providing technical guidance on projects, and collaborating on fabrication and installation processes. This role requires a balance of hands-on technical expertise, problem-solving, and the ability to manage projects from concept to completion.Responsibilities: System Design and Development: Create detailed AV system designs, including schematics, signal flow diagrams, and system layouts, ensuring compliance with project specifications and industry standards. Collaborate with clients and project teams to define system requirements and technical needs. Research and recommend appropriate AV technologies, components, and solutions. Technical Project Guidance: Provide technical leadership and guidance to project teams throughout all phases of the project lifecycle. Assist in planning, scheduling, and resource allocation for AV projects. Troubleshoot and resolve technical issues during design, fabrication, and installation. Commissioning: Conduct system testing, calibration, and troubleshooting to ensure optimal performance and functionality. Perform on-site commissioning of AV systems, verifying that all components are installed and operating as intended. Develop and execute testing procedures and create detailed reports of commissioning results. Fabrication and Installation: Oversee and provide hands-on support for the fabrication and assembly of AV racks, cabling, and system components. Coordinate and assist with the installation of AV systems at client sites, ensuring quality and adherence to design plans. Work with installation teams to address any challenges or modifications required on-site. Documentation and Training: Prepare and maintain comprehensive project documentation, including as-built drawings, user manuals, and system configuration files. Provide training and support to clients and end-users on system operation and maintenance. Industry Standards and Best Practices: Stay updated on emerging AV technologies, industry standards, and best practices. Ensure all designs and installations comply with applicable codes and safety regulations.

Dynamic Solutions Technology, LLC, a premier strategic services firm that meets IT and Service needs for commercial and government clients, is seeking a full-time Information Systems Security Engineer II (ISSE II). This position is an exempt role that will provide on-site support at the government customer's area of operation in the Philadelphia, PA location. --------------------------------------- ACTIVE SECRET CLEARANCE REQUIRED ------------------------------ RESPONSIBILIES Assist with the developing, maintaining, and tracking Risk Management Framework (RMF) system security plans, which include System Categorization Forms, Platform Information Technology (PIT) Determination Privacy Impact Assessments (PIA), and Plans of Action and Milestones (POA&M). Execute the RMF process in support of obtaining and maintaining Interim Authority to Test (IATT), AO approval, Authorization to Operate (ATO), and Denial of Authorization to Operate (DATO). Identify and tailor IT and Cyber Security (CS) control baselines based on RMF guidelines and categorization of the RMF boundary. Perform Ports, Protocols, and Services Management (PPSM). Perform IT and CS vulnerability-level risk assessments. Execute security control testing as required by a risk assessment or annual security review (ASR). Mitigate and remediate IT and CS system level vulnerabilities for all assets within the boundary per STIG requirements. Develop and maintain Plans of Actions and Milestones (POA&M) in Enterprise Mission Assurance Support Service (eMASS). Develop and maintain system level IT and CS policies and procedures for respective RMF boundaries in accordance with guidance provided by the command ISSMs. Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG. Deploy security updates to Information System components. Perform routine audits of IT system hardware and software components. Participate in IT change control and configuration management processes. Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM). Image or re-image assets that are part of the assigned RMF boundary. Install software and troubleshoot software issues as necessary to support compliance of the RMF boundaries' assets. Assist with removal of Solid-State Drive (SSD), Hard Disk Drive (HDD) or other critical components of assets before destruction and removal from the RMF boundary. Support configuration change documentation and control processes and maintaining DOD STIG Compliance. Support cyber compliance of assets that are part of an enterprise IT network to include Windows server and CISCO networking hardware; This includes assessing vulnerabilities, patching and meeting requirements of the STIG for the hardware. Report compliance issues of network hardware to management to avoid operational loss of the network. EXPERIENCE AND EDUCATION REQUIREMENTS: Secret security clearance required Bachelor's degree in computer science, information technology, or an equivalent STEM l degree from an accredited college or university. Minimum three (3) years professional relevant experience Must Meet DoD IAT-II level Certification Requirements: At a minimum one (1) of the following certifications: CCNA-Security, CySA+, GICSP, GSEC, Security+/CE, CND, GCIH, SSCP