Security engineer jobs in Pittsburgh, PA - 94 jobs

Looking for an opportunity to make an impact? At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. Your greatest work is ahead! We are looking for a Substation Physical Engineer to join our team. As an Career Substation Physical Engineer, candidates will have the opportunity to work on projects for electric utilities at voltages from 12kV up to 500kV. This is an exciting and growing field in the power systems industry and allows candidates to get exposure to how the power generation such as that of renewable energy ties into the electric system. Candidates will be expected to use knowledge of digital logic design, AC and DC circuits to design substation electrical projects. * Hybrid Schedule Available: (2-3 days a week in the Pittsburgh, PA office) Successful candidates can look forward to a fast paced, diverse work environment and flexible work hours/work arrangements as well as managers who will encourage career development and growth including: * Engineer in Training Certificate (EIT). * Professional Engineer License (PE). * Project Management Professional (PMP). * Technical & Non-Technical Training Opportunities. * Leadership Opportunities. * Mentorship & Training Opportunities. * Opportunity to Lead, Grow, and Inspire a Dynamic Team Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today! The Challenge: * Experience in executing substation physical projects * Excellent communication skills and ability to interact with the internal team and clients to meet project needs. * Performing quality control checks on substation physical design projects. * Expected to read and design substation physical drawings such as one-line drawings, three-line drawings, plan-section drawings, foundation, grounding drawings. * Create and check bill of materials for substation physical * Expected to attend site visit at customer location Successful candidates must comply with quality control and safe work practices and maintain compliance with project scope, schedule, and budget. This position will be a member of a design team comprised of engineers, designers, and CAD technicians and will work with client standards to implement design. What Sets You Apart: * Bachelor's degree in electrical engineering, or related degree with two (2+) or more years of related substation physical design experience. * Experience with grounding studies/lightning protection and lighting studies. * Demonstrate Excellent communication skills and ability to interact with the internal team and clients to meet project needs. * Ability to meet deadlines under pressure situations. * Collaborator and leader who can work effectively in team environment. * Self-starter who works independently with minimal direction. * Strong analytical skills and proven problem solver in both team and independent environments. * High level of computer competency. * Willingness to travel to project / client sites and Portland, OR office as needed. You Might Also have: * Engineer Intern ("EI" or "EIT") professional certification. * Professional Engineer ("PE") License. * Working knowledge of protection and control design * Experience with bus calculation * Experience with WinIGS or CDEGS * Master's degree in related field. WHAT WE DO Leidos is a trusted and technology-focused solutions provider. Utilities and mobile operators rely on our Power Delivery Services Team for reliable power and telecommunication expertise, as reflected through our work with more than 50 investor-owned utilities, more than 160 municipals/cooperatives, as well as a growing number of mobile operators, local utility providers and private developers. In addition to providing engineering and project management services, Leidos works with an established group of industry-leading construction partners delivering meaningful Energy Delivery Solutions. Our recognition as an industry leader is confirmed by the latest national rankings by Engineering News-Record (ENR) ranking Leidos within the Top 10 T&D Firms, and Top 10 Power Firms. To explore and learn more, click here! At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business. We take care of our employees. Leidos seeks the best and the brightest, and in return, we invest in you, with an eye on your future, through career advancement, growth opportunities and continuous improvement via mentoring, formal and informal project management training and assistance with obtaining pertinent certifications. We challenge you to help solve some of the world's toughest problems, and reward you with a welcoming culture that recognizes the importance of a strong work/life balance, as well as competitive compensation and benefits. We believe that diversity and inclusion make us all better and offer the chance to have fun and make a difference. PowerDelivery PDSSUBSTATION If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares. Original Posting: September 4, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. Pay Range: Pay Range $69,550.00 - $125,725.00 The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Basic Qualifications Requires a Bachelor's degree in Engineering, or a related Science, Technology or Mathematics field. Also requires 2+ years of job-related experience, or a Master's degree and 6 months of job-related experience. CLEARANCE REQUIREMENTS: Ability to obtain a Department of Defense TS/SCI security clearance is required at time of hire. Applicants selected will be subject to a U.S. Government security investigation and must meet eligibility requirements for access to classified information. Due to the nature of work performed within our facilities, U.S. citizenship is required. Responsibilities for this Position Knowledge, Skills and Abilities: Supports the development of RMF body of evidence for security requirements, including security plans, security testing plans, Security Control Traceability Matrices, and System Impact Analyses. Performs routine security verification tasks using manual and automated methods (Cyber Test Procedures and vulnerability scans). Supports the execution of Assessment and Authorization events. Collaborates with Development and Test teams to plan, implement, and support the verification of security requirements. Actively participates in an Agile team to organize, prioritize, and status work efforts. Champions security perspective for decisions related to implementing and verifying security controls in high-security, cloud-native DevSecOps environments. Self-directed and self-starting ability. Strong written and verbal communication skills. Excellent ability to communicate issues, impacts, and corrective actions. Strong security mindset and comfortable questioning system behavior inconsistent with key security principles. Familiar with NIST SP 800-53 & Risk Management Framework (RMF). Experience with FedRAMP is a plus. Familiar with Linux and Windows operating systems and their security features. Experience with Secure Technical Implementation Guides (STIGs). Understanding of the RMF Assessment and Authorization process. Experience with automation, virtualization, containerized application deployment and orchestration, and cloud-native solutions Strong use and understanding of systems engineering concepts, principles, and theories. Contributes to the achievement of business objectives. Recognizes and incorporates various security designs and lessons learned. Able to sell concepts and ideas effectively. Able to work directly with customers. Proficient in reporting relevant cyber systems engineering design. Regular contact with senior levels of security workgroups. Ability to lead security workgroups. Works under limited direction. Frequent contact with project leaders, other professionals within the Engineering department, project teams, and external customers' security professionals. Creative thinker and good multi-tasker. Strong understanding of Microsoft Office applications. Must be able to obtain a TS/SCI Clearance within six months after hire #LI-Hybrid Salary Note This estimate represents the typical salary range for this position based on experience and other factors (geographic location, etc.). Actual pay may vary. This job posting will remain open until the position is filled. Combined Salary Range USD $95,384.00 - USD $105,817.00 /Yr. Company Overview General Dynamics Mission Systems (GDMS) engineers a diverse portfolio of high technology solutions, products and services that enable customers to successfully execute missions across all domains of operation. With a global team of 12,000+ top professionals, we partner with the best in industry to expand the bounds of innovation in the defense and scientific arenas. Given the nature of our work and who we are, we value trust, honesty, alignment and transparency. We offer highly competitive benefits and pride ourselves in being a great place to work with a shared sense of purpose. You will also enjoy a flexible work environment where contributions are recognized and rewarded. If who we are and what we do resonates with you, we invite you to join our high-performance team! Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you'll collaborate to deliver high-quality results in the emerging area of AI security. The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm - in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats. Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security. As part of the Threat Analysis Directorate, you will join a group of security experts focused on advancing the state of the art in AI security at a national and global scale. Our tasks include vulnerability discovery and assessments for AI systems, evaluation of the effectiveness and robustness of defenses and mitigations for AI systems, reverse engineering AI systems and models, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers. You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University. What you'll do: Develop state of the art approaches for analyzing robustness of AI systems. Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities. Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems and effectively participate in the broader security community. Study and influence the AI security and vulnerability disclosure ecosystems. Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community. Uncover and shape some of the fundamental assumptions underlying current best practice in AI security. Develop thought models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs. Identify opportunities to apply AI to improve existing cybersecurity research. Who you are: You have BS in machine learning, cybersecurity, statistics, or related discipline with ten (10) years of experience; OR MS in the same fields with eight (8) years of experience; OR PhD in the same fields with five (5) years of experience. You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization. You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation. You have experience with advising on a range of security topics based on research and expert opinion. You have familiarity with implementing and applying AI/ML techniques to solving practical problems. You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART). You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro) You have experience with Python, C/C++, or low-level programming. You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies. You have excellent communication skills (oral and written), particularly regarding technical communications with non-experts. You enjoy mentoring and cross-training others and sharing knowledge within the broader community. Candidates with strong technical proficiency in either AI/ML or cybersecurity are welcome to apply, provided a demonstrated intellectual agility and commitment required for accelerated learning within the role. You are able to: Travel to various locations to support the SEI's overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%). You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance. Why work here? Join a world-class organization that continues to have a significant impact on software. Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation. Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation. Get 8% monthly contribution for your retirement, without having to contribute yourself. Get tuition benefits to CMU and other institutions for you and your dependent children. Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave. Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies. Qualify for relocation assistance and so much more. Joining the CMU team opens the door to an array of exceptional benefits. Benefits eligible employees enjoy a wide array of benefits including comprehensive medical, prescription, dental, and vision insurance as well as a generous retirement savings program with employer contributions. Unlock your potential with tuition benefits, take well-deserved breaks with ample paid time off and observed holidays, and rest easy with life and accidental death and disability insurance. Additional perks include a free Pittsburgh Regional Transit bus pass, access to our Family Concierge Team to help navigate childcare needs, fitness center access, and much more! For a comprehensive overview of the benefits available, explore our Benefits page. At Carnegie Mellon, we value the whole package when extending offers of employment. Beyond credentials, we evaluate the role and responsibilities, your valuable work experience, and the knowledge gained through education and training. We appreciate your unique skills and the perspective you bring. Your journey with us is about more than just a job; it's about finding the perfect fit for your professional growth and personal aspirations. Are you interested in an exciting opportunity with an exceptional organization?! Apply today! Location Pittsburgh, PA Job Function Software/Applications Development/Engineering Position Type Staff - Regular Full Time/Part time Full time Pay Basis Salary More Information: Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world. Click here to view a listing of employee benefits Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran. Statement of Assurance

Are you a cybersecurity and/or AI researcher who enjoys a challenge? Are you excited about pioneering new research areas that will impact academia, industry, and national security? If so, we want you for our team, where you'll collaborate to deliver high-quality results in the emerging area of AI security. The CERT Division of the Software Engineering Institute (SEI) is seeking applicants for the AI Security Researcher role. Originally created in response to one of the first computer viruses -- the Morris worm - in 1988, CERT has remained a leader in cybersecurity research, improving the robustness of software systems, and in responding to sophisticated cybersecurity threats. Ensuring the robustness and security of AI systems is the next big challenge on the horizon, and we are seeking life-long learners in the fields of cybersecurity, AI/ML, or related areas, who are willing to cross-train to address AI Security. As part of the Threat Analysis Directorate, you will join a group of security experts focused on advancing the state of the art in AI security at a national and global scale. Our tasks include vulnerability discovery and assessments for AI systems, evaluation of the effectiveness and robustness of defenses and mitigations for AI systems, reverse engineering AI systems and models, and identifying new areas where security research is needed. We participate in communities of network defenders, software developers and vendors, security researchers, AI practitioners, and policymakers. You'll get a chance to work with elite AI and cybersecurity professionals, university faculty, and government representatives to build new methodologies and technologies that will influence national AI security strategy for decades to come. You will co-author research proposals, execute studies, and present findings and recommendations to our DoD sponsors, decision makers within government and industry, and at academic conferences. The SEI is a non-profit, federally funded research and development center (FFRDC) at Carnegie Mellon University. What you'll do: * Develop state of the art approaches for analyzing robustness of AI systems. * Apply these approaches to understanding vulnerabilities in AI systems and how attackers adapt their tradecraft to exploit those vulnerabilities. * Reverse engineer malicious code in support of high-impact customers, design and develop new analysis methods and tools, work to identify and address emerging and complex threats to AI systems and effectively participate in the broader security community. * Study and influence the AI security and vulnerability disclosure ecosystems. * Evaluate the effectiveness of tools, techniques and processes developed by industry and the AI security research community. * Uncover and shape some of the fundamental assumptions underlying current best practice in AI security. * Develop thought models, tools and data sets that can be used to characterize the threats to, and vulnerabilities in, AI systems, and publish those results. You will also use these results to aid in the testing, evaluation and transition of technologies developed by government-funded research programs. * Identify opportunities to apply AI to improve existing cybersecurity research. Who you are: * You have BS in machine learning, cybersecurity, statistics, or related discipline with ten (10) years of experience; OR MS in the same fields with eight (8) years of experience; OR PhD in the same fields with five (5) years of experience. * You have a deep interest in AI/ML and cybersecurity with a penchant for intellectual curiosity and a desire to make an impact beyond your organization. * You have practical experience with applying cybersecurity knowledge toward vulnerability research, analysis, disclosure, or mitigation. * You have experience with advising on a range of security topics based on research and expert opinion. * You have familiarity with implementing and applying AI/ML techniques to solving practical problems. * You have familiarity with common AI/ML software packages and tools (e.g., Numpy, Pytorch, Tensorflow, ART). * You have knowledge or familiarity with reverse engineering tools (e.g. NSA Ghidra, IDA Pro) * You have experience with Python, C/C++, or low-level programming. * You have experience developing frameworks, methodologies, or assessments to evaluate effectiveness and robustness of technologies. * You have excellent communication skills (oral and written), particularly regarding technical communications with non-experts. * You enjoy mentoring and cross-training others and sharing knowledge within the broader community. * Candidates with strong technical proficiency in either AI/ML or cybersecurity are welcome to apply, provided a demonstrated intellectual agility and commitment required for accelerated learning within the role. You are able to: * Travel to various locations to support the SEI's overall mission. This includes within the SEI and CMU community, sponsor sites, conferences, and offsite meetings on occasion (5%). * You will be subject to a background check and will need to obtain and maintain a Department of Defense security clearance. Why work here? * Join a world-class organization that continues to have a significant impact on software. * Work with cutting-edge technologies and dedicated experts to solve tough problems for the government and the nation. * Be surrounded by friendly and knowledgeable staff with broad expertise across AI/ML, cybersecurity, software engineering, risk management, and policy creation. * Get 8% monthly contribution for your retirement, without having to contribute yourself. * Get tuition benefits to CMU and other institutions for you and your dependent children. * Enjoy a healthy work/life balance with flexible work arrangements and paid parental and military leave. * Enjoy annual professional development opportunities; attend conferences and training or obtain a certification and get reimbursed for membership in professional societies. * Qualify for relocation assistance and so much more. Location Pittsburgh, PA Job Function Software/Applications Development/Engineering Position Type Staff - Regular Full time/Part time Full time Pay Basis Salary More Information: * Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world. * Click here to view a listing of employee benefits * Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran. * Statement of Assurance

Primary Office Location:626 Washington Place. Pittsburgh, Pennsylvania. 15219.Join our team. Make a difference - for us and for your future. Cyber Security Specialist Business Unit: Risk Management Reports to: Manager of Cyber Security Position Overview: This position is primarily responsible for performing all procedures necessary to ensure the safety of information systems assets and protecting systems from intentional or inadvertent access or destruction under the supervision of the Manager of Cyber Security. The incumbent demonstrates the ability to develop IT security standards and procedures, has demonstrated knowledge and understanding of IT industry trends and emerging technologies and an ability to relate them to the corporation and it's objectives. Primary Responsibilities: Investigates, escalates and documents cyber security events or incidents according to standard operating procedures (SOP), as needed. Writes comprehensive reports of incident investigations. Evaluates and improves Security Information and Event Management (SIEM) rule set based on threat and vulnerability indicators. Analyzes information from variable threat sources and provide necessary awareness to management, IT and impact business areas. Tracks remediation of identified issues based on incident investigations. Utilizes forensic resources to understand event impacts and generates incident reports. Assists management in preparation of reports of current threats. Uses PowerShell scripting or other programming languages to automate tasks. Leverages various toolsets to gain awareness of potentially suspicious activity and alerts to threats, intrusions and/or compromises. Performs other related duties and projects as assigned. All employees have the responsibility and the accountability to serve as risk managers for their businesses by understanding, reporting, responding to, managing and monitoring the risk they encounter daily as required by F.N.B. Corporation's risk management program. F.N.B. Corporation is committed to achieving superior levels of compliance by adhering to regulatory laws and guidelines. Compliance with regulatory laws and company procedures is a required component of all position descriptions. Minimum Level of Education Required to Perform the Primary Responsibilities of this Position: BA or BS Minimum # of Years of Job Related Experience Required to Perform the Primary Responsibilities of this Position: 3 Skills Required to Perform the Primary Responsibilities of this Position: Excellent communication skills, both written and verbal Excellent customer service skills Excellent project management skills Detail-oriented Strong security background in network/systems/physical security, authentication, authorization and usability. Comprehensive knowledge of the OSI model. Working knowledge of packet collection and analysis tools. Licensures/Certifications Required to Perform the Primary Responsibilities of this Position: Valid Drivers License CISSP, Security+, Network+, GCIA, GCIH, CEH, CISM, CSX Physical Requirements or Work Conditions Beyond Traditional Office Work: Heavy Lifting over 45 lbs. Equal Employment Opportunity (EEO): It is the policy of FNB not to discriminate against any employee or applicant for employment because of his or her race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, or status as a protected veteran. FNB provides all applicants and employees a discrimination and harassment free workplace.

We are seeking an experienced AI Security Engineer to lead the development of next -generation cybersecurity solutions for advanced AI systems. This individual will be responsible for researching, designing, and implementing cutting -edge security controls to protect AI models, data pipelines, and infrastructure from adversarial attacks, privacy vulnerabilities, and regulatory risks. The ideal candidate has a strong background in AI and understanding of cybersecurity principles, has been published in leading academic conferences (NeurIPS, ICLR, Black Hat, DEFCON, etc.), and has experience working at a frontier AI lab. Requirements Experience: 5+ years in AI/ML with a strong focus on cybersecurity. Education: Bachelor's or Master's in Computer Science, Cybersecurity, AI/ML, or a related field. PhD preferred. Technical Expertise: Strong understanding of AI security challenges, including adversarial ML, LLM backdoor, (in)direct prompt injections, model poisoning, and data leakage. Proficiency in cybersecurity frameworks (NIST, MITRE ATLAS, OWASP AI Top 10) and security tools. Hands -on experience with AI frameworks (TensorFlow, PyTorch, OpenAI API, Hugging Face) and securing AI pipelines. Expertise in cryptography, secure data handling, and privacy -preserving AI techniques (federated learning, differential privacy). Proficiency in Python and security -related programming (e.g., secure coding, AI model evaluation). Familiarity with AI agents, autonomous agents, large language models (LLMs), and multi -modal AI systems. Preferred: Experience in compliance, regulatory, or risk frameworks for AI (e.g., OWASP, MITRE, GDPR, HIPAA, GLBA, NIST AI RMF). An interest in robotics would be preferred as well. Publication & Research: Proven track record of research contributions in top AI/ML and cybersecurity conferences. Industry Experience: Prior work at a leading AI research lab, security -focused AI startup, or a major tech company's AI division. Benefits Competitive salary and equity options. 100% paid medical insurance coverage. Research and publication opportunities. Opportunity to work on cutting -edge AI security challenges that expand beyond software systems. Flexible work environment with remote and in -office options. Access to industry -leading AI security research and resources. A dynamic, mission -driven team shaping the future of AI security.

Are you ready to elevate security practices to new heights? Our organization is on the lookout for a dynamic Application Security Engineer who will revolutionize our application security strategies. Located in the vibrant city of Pittsburgh, PA, this on\-site role is the perfect opportunity to collaborate with key stakeholders in Technology, Product, and Strategic Business Units to tackle the most pressing security challenges head\-on. As a Application Security Engineer, you will spearhead the secure software development lifecycle, embedding cutting\-edge security practices at every step of our DevOps pipelines and application security processes. Your expertise in maturity models like DSOMM (DevSecOps Maturity Model), CI\/CD pipelines, and vulnerability management tools will be crucial in transforming our security landscape. Join forces with our engineering, DevOps, Product, and Technology teams to implement automated security controls, threat modeling, and risk mitigation strategies that will shape the future of our software development lifecycle. This role requires minimal travel and the ability to work in a fast\-paced, dynamic environment. The position may involve working outside normal business hours to address urgent compliance or security incidents. Key Responsibilities DevSecOps & Maturity Measurement Implementation: Assess, report, and assist with improving application security and DevSecOps Maturity, utilizing a measurement framework such as DSOMM or BSIMM, across the organization. Define and implement security policies, standards, and best practices for DevOps, CI\/CD pipelines, and cloud security. Work with development and DevOps teams to integrate automated security testing (SAST, DAST, SCA, IaC security scanning, etc.) into pipelines. Establish security gates in CI\/CD workflows to prevent deployment of vulnerable code. Application Security & Code Vulnerabilities: Perform code reviews, static\/dynamic security testing (SAST\/DAST), and secure coding guidance to developers. Identify and remediate vulnerabilities in application code, libraries, containers, and infrastructure as code (IaC). Develop and enforce secure coding standards in alignment with OWASP, NIST, and other frameworks. Conduct threat modeling and security architecture reviews for applications and services. For example, assist application teams with developing accurate data flow diagrams and developing appropriate identity management solutions. Manage and mature Bot Management services for all applications. Assist with WAF management and maturity. Improve secrets management and API security. Vulnerability Management & Risk Reduction: Manage and mature enterprise\-wide Bug Bounty program (e.g. BugCrowd, HackerOne) Manage vulnerability scanning tools (e.g., Tenable, Qualys, Sonar, Snyk) and prioritize remediation efforts. Track, assess, and coordinate the remediation of vulnerabilities across the application, infrastructure, and cloud environments. Develop risk\-based vulnerability management workflows and collaborate with engineering teams to drive fixes. Monitor security dashboards and metrics, ensuring vulnerabilities are patched in alignment with SLAs. Security CI\/CD Automation & Tooling: Implement security automation using APIs, scripts, and cloud\-native security controls. Work with DevOps engineers to integrate security tooling (like SemGrep, Snyk, Cycode) or within Jenkins, GitHub, GitLab CI\/CD, or AWS DevOps. Automate security findings triage, reporting, and prioritization processes. Security Awareness & Collaboration: Train and mentor developers on secure coding, threat modeling, DevSecOps, and vulnerability management best practices. Collaborate with security operations, incident response, and compliance teams on security initiatives. Participate in security assessments, penetration testing, and security incident investigations. Requirements Qualifications & Experience Bachelor's Degree in Information Security, Cybersecurity, Computer Science, or a related field OR a minimum of 6 years' equivalent experience in lieu of a degree 4+ years of experience in application security, DevSecOps, and security engineering OR a combination of 2+ years experience as a developer and 2+ years in application security, DevSecOps, and security engineering Hands\-on experience with DevSecOps tools (SAST, DAST, SCA, container security, IaC security), integrating security solutions within CI\/CD pipelines, strong knowledge of secure coding principles (OWASP Top 10, SANS CWE Top 25), and familiarity with AI ML or LLM usage within security tooling. Experience with vulnerability management, web app penetration testing tooling, and security certifications like CISSP, OSCP, GCPN, GCSA, AWS Security Specialty, or CSSLP are preferred. Proficiency in Bot Management tooling, client\-side monitoring tooling, and implementing maturity measurement frameworks such as DSOMM or BSIMM in an enterprise setting. Ability to understand and communicate best\-practice system architectures, data flows, and security controls within modern web applications and cloud (SaaS\/PaaS, IaaS). Excellent verbal and written communication skills, with the ability to communicate complex security concepts to technical and non\-technical stakeholders. "}}],"is Mobile":false,"iframe":"true","job Type":"Full time","apply Name":"Apply Now","zsoid":"641871163","FontFamily":"PuviRegular","job OtherDetails":[{"field Label":"Industry","uitype":2,"value":"Engineering"},{"field Label":"Work Experience","uitype":2,"value":"5+ years"},{"field Label":"City","uitype":1,"value":"Pittsburgh"},{"field Label":"State\/Province","uitype":1,"value":"Pennsylvania"},{"field Label":"Zip\/Postal Code","uitype":1,"value":"15205"}],"header Name":"Application Security Engineer","widget Id":"**********00072311","is JobBoard":"false","user Id":"**********00133003","attach Arr":[],"custom Template":"5","is CandidateLoginEnabled":true,"job Id":"**********06714003","FontSize":"15","google IndexUrl":"https:\/\/hdjassociates.zohorecruit.com\/recruit\/ViewJob.na?digest=UnBknG4YeUTpH3g.ao7JoWAjgPO2l6C2tdKjPQTIaoc\-&embedsource=Google","location":"Pittsburgh","embedsource":"CareerSite","indeed CallBackUrl":"https:\/\/recruit.zoho.com\/recruit\/JBApplyAuth.do"}

The Information Security Specialist plays a vital role in protecting the Bank's information assets by ensuring the integrity, confidentiality, and availability of systems across the enterprise. This position is responsible for the effective application of security controls across both business operations and technology environments. The successful candidate will perform security administration, conduct continuous monitoring, and lead investigations into security events triggered by the Bank's security infrastructure. Organization Overview FHLBank Pittsburgh provides reliable funding and liquidity to its member financial institutions, which include commercial and savings banks, community development financial institutions, credit unions and insurance companies in Delaware, Pennsylvania and West Virginia. FHLBank products and resources help support community lending, housing and economic development. As one of 11 Federal Home Loan Banks established by Congress, FHLBank has been an integral and reliable part of the financial system since 1932. Primary Success Factors * Supports the efficient and effective implementation and maintenance of security for the Bank's information assets and resources; evaluates, installs and maintains security software on a variety of platforms; and actively promotes the advancement of sound security policies and procedures. Provides customer support for email processing and security, Help Desk ticket queues for security and account requests. * Monitoring and investigation of security events generated by the Bank's security infrastructure * Designs appropriate security measures in new system development efforts as defined by security requirements, product options and implementation strategies. * Evaluates, engineers, and recommends security enhancements to Bank's current environment and architecture. * Establishes and executes procedures for authorizing access to information across all platforms to appropriately restrict access. * Participates in establishing and maintaining security policies and procedures * Provides daily support and management of Security incident and event Management (SIEM) solution according to industry best practice and Bank policy. * Performs monitoring, analysis, and reporting of security events across a complex environment. * Establishes and executes procedures for performing self-audits of the security administration function to detect inappropriately defined security parameters. * Manages bank firewalls to ensure access and controls are properly applied to all systems. * Manages security systems (IDS, firewall, mail/web filtering, etc.) to ensure systems are properly functioning and upgraded. * Works with business users to ensure proper access to applications is in place. * Regularly reviews systems and networks to ensure compliance with IT Security policy. * Assists in the designing of network architecture to ensure industry-standard network practices are enforced. * Deciphers network packet captures for troubleshooting. * Ensures compliance with applicable policies, procedures, and regulations to ensure safe and sound business operations. Required Experience * Bachelor's degree in Computer Science, Information Systems or related degree or equivalent work experience * At least one of the following professional Security-related certifications required: CISSP, SANS GIAC, CCSP * Five or more years of experience in an information security role * At least two years of hands-on experience with firewall administration * Hands-on experience with administering security in Windows Active Directory Security * Demonstrated knowledge of managing and administering spam filtering system * Demonstrated knowledge of securing and administering security on multiple operating environments: Linux, Windows * Demonstrated knowledge of host-based and network-based Intrusion Detection System concepts * Experience with DDOS mitigation and related network traffic risk mitigation techniques * Experience with Network Access Control Platforms and Procedures Candidates with at least three years of experience in an information security role and Windows Active Directory Security will be considered for an alternative role. It is the policy of the Federal Home Loan Bank of Pittsburgh to ensure equal employment opportunity (EEO) for all employees and applicants for employment without regard to race, religion, color, sex, national origin, age, disability status, genetic information, veteran's status, ancestry, sexual orientation or status as a parent as defined by applicable law. It is the Bank's policy to comply with applicable laws concerning the employment of persons with disabilities, including reasonable accommodation for applicants and employees with disabilities.

Enterprise Security Architect Duration: Full Time Interview mode: Inperson Brand new role Serve as a member of the enterprise architecture team, providing technical security insight that aligns with business objectives and security requirements. Establish and evangelize the security architecture (principles, policies, standards and patterns) to development groups, business groups and other stakeholders; Govern adherence to the architecture golden rules. Analyze gaps between current and target security architecture and develops plans to close the gaps. Responsibilities: Works with IT departments, information security architects, technical architects, data custodians, and governance groups to develop and update Client security policies, standards, procedures, and solutions for secure application architecture. Ensures that security practices are aligned with Client's overall business strategies. Advises and drives the security maturity of the development lifecycle including secure coding and system security for operations. Recommends and implements changes in security procedures and practices using best-in-class information to ensure that Client is maintaining best-in-class security practices. Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs. Conducts Penetration Test, Vulnerability, and Risk assessments to improve the security architecture and security product toolset. Prepares system security reports by collecting, analyzing, and summarizing data and trends. Executes validation by external vendors. Verifies security systems and network configurations by developing and implementing test scripts while monitoring adherence to standards in architecture, application design, development, and testing frameworks. Qualifications Qualifications: Bachelor degree with Master preferred. Security certification required. 7 to 10 years of experience operating in a cloud environment (e.g. Azure, AWS, Rackspace) along with at least 5 years working in a dedicated information security role with a focus on Security Architecture for at least 3 years. 7 to 10 years of experience with PaaS, IaaS, SaaS, and/or mobile architecture Solid experience with security hacking tools and techniques. Solid understanding in application architectures and technology including web applications, mobile technology, identity and access management, security event and incident management as well as web security controls (e.g. Web Application Firewall, Database Activity Monitor, Distributed Denial of Service controls, etc.) Extensive working knowledge of web application security best practices to include, but not limited to, Cloud Security Alliance controls matrix, OWASP Top 10. Experience with compliance standards such as HIPAA, CMS, SOX, GLBA; as well as security frameworks such as SANS 20 CSC, CoBIT, or NIST. Previous involvement with developing and/or maintaining an Enterprise Security Architecture. Familiarity with TOGAF is a plus Strong understanding and experience of software development methodologies and life cycles Excellent written and verbal communications skills required, with the ability to explain advanced concepts to audiences of varying levels Can be counted on to exceed goals successfully, very bottom-line orientated while steadfastly pushes self and others for results. Has working knowledge of web application security best practices to include, but not limited to, Cloud Security Alliance controls matrix, OWASP Top 10. Demonstrated ability to make sound decisions using a mixture of analysis, wisdom, experience, and judgement coupled with a strong ability to learn on the fly (quickly learns new tasks, open to change). Certifications, licenses or registrations: Security+, CISSP, CISA, CEH Proven ability to organize/manage multiple priorities coupled with the flexibility to quickly adapt to ever-changing business needs. Additional Information All your information will be kept confidential according to EEO guidelines.

* Bachelor degree or equivalent required; Bachelor degree in IT related field preferred * Seven to twelve years of experience in the development and implementation of information security systems required * Experience or detailed technical knowledge of securing applications, operating systems and networks required * Experience or detailed knowledge of security technology including: Next Generation Firewalls, Email Security, network monitoring, Identity Access Solutions and endpoint security devices required * Working knowledge of: risk assessment products; IS automated tools; various authentication schemes (including Active Directory); browser security functionality; policy development; data privacy; and common information security issues preferred MAJOR DUTIES: * Works across multiple technology teams to effectively identify our technology vision. * Ensures the overall environment continuously evolves to support the firm's objectives, across investment management, trading, IM operations, compliance, product development, marketing, sales, corporate management, etc. * Create an Information Security Strategy that works across the enterprise to enable the secure use of leading edge technology. * Assist in building a strategic roadmap that implements the strategy by properly sequencing people, process and technology solutions. * Execute the strategic roadmap by streamlining the overall suite of security tools, and making cost effective and optimized investment in emerging security technology. * Provide security expertise for security-relevant enterprise initiatives such as data governance, account administration, and governance processes. * Assists in establishing and maintaining standards and policies related to Information Security. HOURS/LOCATION: * 8:30 a.m. - 5:00 p.m. (over time as required) * Warrendale Location - Warrendale, PA 15086 (will be required to work at other Federated locations) EXPLANATORY COMMENTS * Strong oral and written communication skills * Effective people management and customer service skills * Demonstrates a cooperative attitude and effective interpersonal and communication skills with clients, coworkers and vendors. * Demonstrates flexibility and the ability to work as a member of a team * Possess the ability to facilitate technical discussions and negotiate resolutions when there are differing technical opinions

We specialize in Staffing, Consulting, Software Development, and Training along with IT services to small to medium size companies. AG's primary objective is to help companies maximize their IT resources and meet the ever-changing IT needs and challenges. In addition, AG offers enterprise resource planning and enterprise application integration, supply-chain management, e-commerce solutions, and B2B public exchanges and B2B process integration solutions. Our company provides application analysis, design, development and programming, software engineering, systems development, testing, integration, and implementation, and management consulting services to various clients - including governmental agencies and private companies - throughout the United States and India. We provide these services in multiple computing environments and use technologies such as client/server architecture, object-oriented programming languages and tools, distributed database management systems, state-of-the-art networking, and communications infrastructures. Our honest and realistic approach to recruiting dictates that AG does not entice or lure engineers from their employers. We represent only high caliber technical professionals who have committed to making a change required by career. Job Description MUST HAVE: Experience with implementing a vulnerability scanner Familiarity with both Windows and Linux platforms Experience with a log management system (Splunk, Elastic Search, etc) General understanding of incident management systems Experience patching operating systems/applications Experience configuring operating systems/applications Knows and applies the fundamental concepts, practices and procedures of IT security hardware, software, management software, and troubleshooting tools Candidate should have a strong knowledge of IT security, including demonstrated knowledge of current security trends and issues Ability to effectively and professionally communicate with customers and technical support staff at remote locations including team members in foreign countries; excellent verbal and written communication skills Highly self-motivated and flexible Manage priorities for timely completion of assignments Strong analytical and problem-solving skills Demonstrated success managing confidential/secure information with a high level of integrity NICE TO HAVE: Nessus experience HP Service Manager Additional Information Good comm skills are a big priority Duration: 3+ Months LOCALS PREFERRED Interview: Phone+F2F

Who We Are… Since our founding in 1901, Limbach's primary core value has always been simple: We Care. That commitment extends to our people, our customers, and the communities we serve-driving a culture of belonging across our industry. Limbach Facility Services LLC, a subsidiary of Limbach Holdings, Inc., (NASDAQ: LMB), is a leading building systems solutions firm delivering mission-critical systems that support life's most important moments. We specialize in revitalizing and maintaining HVAC, mechanical, electrical, plumbing, and control systems within existing facilities-ensuring buildings are always ready to perform when it matters most. Learn more about Limbach by checking out our YouTube channel: We Are Limbach - YouTube From healthcare and education to government and commercial facilities, we partner with building owners and operators to safeguard reliability, efficiency, and comfort where it's needed most. Our vision is to create value for building owners targeting opportunities for long term relationships. Our purpose is to create great opportunities for people. Learn more about Limbach's commitment to our people and career opportunities, straight from our employees via the Limbach Unlocked podcast: Limbach Unlocked - Why We Chose Limbach We carry out our vision and purpose through a commitment to our four core values… We Care We Act with Integrity We Are Innovative We Are Accountable The Benefits & Perks… Base salary range of $130K - $140K Full portfolio of medical, dental, and vision benefits, along with 401K plan and company match. HSA, FSA, and life insurance offerings. Maximize your professional development with our award-winning Learning & Engagement team. Engage in our “We Care” culture through our ERGs, brought to you by EMBRACE. Career pathing flexibility and mobility. Who You Are… As Security Analyst / Engineer, you will serve as the organization's primary, hands-on security operations lead. Reporting directly to the CIO, the candidate will triage SOC outputs, tune detection logic, drive automated response through SOAR playbooks, own the vulnerability management lifecycle, and lead incident response from detection through remediation and post-incident lessons learned. They act as a trusted partner to our outsourced SOC, the quarterback for IR, and the technical voice to the CIO and Board on operational security posture working closely with our IT Operations leader. This Position… Some examples of the work you might do includes: Security Operations & Monitoring: Serves as the primary liaison to our outsourced SOC and vCISO. Triage, validate, and prioritize alerts from SIEM (e.g., Google Chronicle, GrayMatter, or equivalent). Ensures log integrity, enrichment, and actionable alerting. SOAR & Automation: Builds, maintains, and iterates SOAR playbooks (Google SOAR or comparable) to automate containment, enrichment, and evidence collection; lowers MTTR by automating low-risk actions while preserving human judgment for high-impact events. Incident Response: Lead detection → containment → eradication → recovery workflows. Owns post-incident reviews, creates remediation roadmaps, and tracks closure of corrective actions. Conducts regular tabletop exercises and maintains IR runbooks and escalation paths. EDR/MDR/XDR Management: Administers and tunes EDR/MDR/XDR platforms (deployment health, telemetry, detection rules, containment capabilities). Investigates endpoint events, performs root cause analysis, and coordinates remediation with IT operations. Vulnerability Management: Operates the vulnerability management program (Rapid7, Tenable.io, or equivalent): schedules scans, triages findings, prioritizes by risk and asset criticality, and shepherds remediation with engineering teams. Proposes and verifies system hardening measures and baselines. Detection Engineering: Authors correlation rules, analytic searches, and detection content; reduces false positives while increasing meaningful detections. Builds dashboards and KPIs that communicate detection coverage and efficacy. M&A & Integration Security: Leads security due diligence and integration activities for acquisitions: identities & accesses reviews, vulnerability scans, endpoint posture checks, and integration playbooks to onboard new entities into Limbach's security baselines. Training & Knowledge Transfer: Develops and delivers IR and detection training for IT and business teams. Produces clear operational documentation, SOPs, and playbooks. Coaches SOC engineers and champions continuous improvement. Reporting & Executive Communication: Produces monthly operational and executive risk reports (incidents, vulnerability trends, MTTR, coverage gaps). Briefs the CIO and Board with concise risk-based recommendations. Third-Party Coordination: Manages relationships and SLAs with MDR/MSSP/MDR providers, forensic firms, and other security partners. What You Need… 5+ years of progressive, hands-on cybersecurity experience, with significant time spent in SOC and incident response environments. Demonstrated experience in incident response, threat hunting, and digital forensics. Demonstrated expertise with SIEM and SOAR platforms (Google Chronicle, GrayMatter, Chronicle SOAR, or comparable). Proven track record managing EDR/MDR/XDR solutions and performing endpoint investigations. Hands-on experience owning vulnerability programs with Rapid7, Tenable.io, or similar tooling. Experience writing detection logic, playbooks, and incident runbooks; demonstrable success in alert tuning and automation. Real-world experience coordinating cross-functional incident response activities and driving remediation to completion. Scripting and automation skills (PowerShell, Python, Bash) to automate enrichment, containment, and evidence collection. Strong Windows and Linux administration/forensics fundamentals; network fundamentals and packet-level troubleshooting. Familiarity with cloud security (Azure, Microsoft 365, Intune, Conditional Access) and endpoint management tools. Knowledge of security controls, hardening standards, and configuration baselines. Ability to read and interpret logs and telemetry across endpoints, network devices, and cloud services. Superior written and verbal communication; able to explain technical findings to non-technical and executive audiences. Decisive under pressure, methodical in evidence collection, and disciplined in documentation. Collaborative, tactful, and experienced at working with cross-functional teams (IT ops, HR, Legal, vendor partners). Strong project management and organizational skills with an eye for measurable outcomes. Ability to travel up to 15% of the time. Preferred Qualifications: Relevant industry certifications, including advanced training from SANS in incident handling, threat hunting, and digital forensics (e.g., SEC504, FOR508, FOR572, or equivalent). Certifications: CISSP, GCIH, GCFA, ECIH, or Security+ (or equivalent). Prior role as a dedicated incident responder or IR team lead. Experience with Microsoft Defender for Endpoint, Azure Security Center, and native cloud telemetry. Familiarity with compliance frameworks (SOC 2, NIST CSF/800-171, ISO 27001) and how detection/IR maps to them. Experience in multi-site enterprise environments and with M&A integration security. Conduct Standards: Maintains appropriate Company confidentiality at all times. Protects the assets of the Company and ethically upholds the Code of Conduct & Ethics in all situations. Cultivates and promotes the “Hearts & Minds” safety culture. Consistently exemplifies the Core Values of the Company (we CARE, we act with INTEGRITY, we are INNOVATIVE, and we are ACCOUNTABLE). Work Environment: This position operates primarily in an office environment and routinely utilizes standard office equipment, such as computers, phones, copiers, and filing cabinets. The Company's Remote Work Policy is applicable to this position. Physical Demands: In performing the duties of this job, the incumbent is regularly required to talk, hear, perform repetitive motion, and possess an appropriate degree of both visual acuity and manual dexterity. This is considered a sedentary position, which means possible exertion up to ten (10) pounds of force occasionally, and/or negligible amount of force frequently or constantly to lift, carry, push, pull, or otherwise move objects. This job description is intended to describe the general nature of work being performed by the individual who assumes this role, not an exhaustive list of responsibilities. Duties, responsibilities, and activities may change at any time, with or without notice, as business needs dictate. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position. Limbach Facility Services LLC is an Equal Opportunity Employer. #LFS

Come join our family! Microbac Laboratories is an essential business offering competitive pay and benefits including medical, dental, vision, life insurance, disability, generous paid time off including vacation, holidays and flex-time, a wellness program, referral bonus, tuition reimbursement and more! Whether you are just starting your career in science or looking to further it, Microbac will put you on the path of an exciting career with room to grow. Quality, safety, giving back to our communities, diversity and inclusion, customer success and employee wellbeing are part of our core culture. We are looking for motivated individuals to join our family as a Cybersecurity Engineer. ABOUT MICROBAC Microbac Laboratories, Inc. is a premier commercial laboratory testing firm that partners with clients worldwide, offering laboratory solutions to the life science, food and nutrition, and environmental industries and serves our clients with the utmost expertise and respect for their market requirements, constraints, and challenges. We embody a company-wide commitment to exceptional customer experience, which has been refined over nearly 50 years of trusted, analytical and measurement experience. Through our network of laboratories, offices, and field services, we have the flexibility to meet the unique requirements for each client, project, and scope. As a privately held third-party testing company, Microbac operates with a commitment to safety, quality, and compliance. Our diverse work portfolio includes broad accreditation offerings and tested insights across the environmental, food and nutrition and life science markets. JOB SUMMARY We are seeking a hands-on Cybersecurity Engineer to own day-to-day security operations and incident response across our network of 30+ laboratories. This role is execution-focused and ideal for a candidate who enjoys working in lean environments, partnering closely with Infrastructure and Quality teams, and directly configuring and operating security controls. You will serve as the primary escalation point for security incidents while helping mature the organization's security posture as the business grows. Essential Functions: Own daily cybersecurity operations, monitoring alerts and responding to incidents Act as the primary escalation point for security events Lead incident response from detection through remediation and root cause analysis Configure and maintain security controls across business platforms Manage identity, access controls, MFA, Conditional Access, and privileged access models Perform hands-on investigations Develop, test, and maintain incident response playbooks and escalation paths Create security policies and translate them into enforceable technical controls Partner closely with Infrastructure on architecture, network changes, cloud services, and new tools Continuously assess risk, identify gaps, and implement practical security improvements Partner with Quality to ensure compliance with industry standard regulations Set a positive example through high standards and professional conduct. Continuously monitor emerging cybersecurity threats, regulatory changes, and industry best practices to keep organizational security strategies current and effective. Other duties as assigned. Minimum Requirements: Bachelor's degree in Computer Science, Information Systems or related field. 3+ years of experience in cybersecurity related positions Willingness to travel to lab locations as needed to provide on-site IT support. Preferred Qualifications: Certifications: CompTIA Security+, CompTIA CySA+, GSEC, CompTIA PenTest+, CCSP, CISSP, CISM Knowledge of advanced persistent threats (APTs) and their tactics, techniques, and procedures (TTPs) Fundamental understanding of Windows, Mac OSX, and Linux operating systems Fundamental understanding of OSI model, basic networking and troubleshooting concepts Experience with programming or scripting, including PowerShell, Bash, Python, Yara, and Perl Experience in managing SSO/IAM, email security, phishing and user awareness training Experience in EDR platforms Experience with cloud deployments such as Azure, AWS or similar platforms Experience working with distributed teams and other cross functional stakeholders Familiarity with commercial solutions for logging and security event management, including SIEM or SOAR platforms Familiarity with vulnerability management and IDS/IPS Demonstrated intermediate experience with security incident detection, response frameworks, and established incident handling procedures Understanding and knowledge of various log formats from a variety of network and computer devices Knowledge of Cyber risks and threats related to Cyber attackers Knowledge of recent Cyber events and interpreting kill chain process and threat impacts Presentation, analytical, and critical-thinking skills Ability to manage competing priorities and workload WORKING CONDITIONS AND PHYSICAL REQUIREMENTS The physical demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Physical Requirements: While performing the duties of this job, the employee is regularly required to use hands to finger, handle, or feel objects, tools; talk or hear. The employee is occasionally required to stand, walk, and sit. The employee must occassionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include color vision and depth perception. Working Conditions: Home internet acceptable for remote computer work. The noise level in the work environment is usually moderate. This job may require travel less than 20% As a privately held third-party testing company, Microbac operates with a commitment to safety, quality, and compliance. Our diverse work portfolio includes broad accreditation offerings and tested insights across the environmental, food and life science markets. OTHER: This is not an exhaustive list of all duties an employee may be required to perform. Microbac reserves the right to revise the job description at any time. Employment is at-will. Microbac, promotes a drug-free, alcohol-free workplace. Applicants considered for hire must pass a drug test before beginning work. Refusal to submit to testing will result in disqualification of further employment consideration. Microbac is an Equal Opportunity Employer - We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. All qualified applicants will receive consideration for employment.

Artech Information Systems is the #1 Largest Women-Owned IT Staffing Company in the U.S. and an employer of choice for over 7,200 consultants. We recruit world-class talent for IT, engineering, and other professional jobs at 70+ Fortune and Global 500 companies coast-to-coast across the U.S., India, and China. We are one of the fastest-growing companies in the US and we welcome you to search the thousands of jobs in our cutting-edge GEM system for employment opportunities that fit your qualifications. Job Title: Security Analyst Location: Pittsburgh, PA/ Lake Mary, FL / Nashville, TN Duration: 12 months contract with possible extension/ conversion FTE Job Description: Client is looking for a talented and self-motivated individual with strong technical skills and the ability to rapidly learn new technologies. We are looking for an exceptional candidate that shares our passion for delivering solutions to complex security problems, while maximizing productivity and minimizing employee friction. The candidate will contribute to IAMO Transformation program by aiding in the configuration and implementation of the new SailPoint LCM product. The candidate will perform business critical analysis to help with the implementation of application access requests and workflows across IAM. This role will support access provisioning, remediation for audit findings, workflow creation and modifications, and ensuring revocations and certifications are completed within the guidelines established by Corporate Policy. This position is critical to ensure Service Level Objectives and Internal project deadlines are met. The candidate will require increased technical and analytical skillsets and provide Sailpoint Product Support with a focus on: • Experience with designing, developing, testing, implementing, and integrating IGA solutions involving SailPoint Identity Now (IIQ). • Experience in SailPoint Identity IQ implementation and configuration for application on-boarding for access request and approval and access certifications o Configuration of simple and advanced LCM workflows within SailPoint o Creating and managing workgroups in SailPoint o Configuration and management of most common direct connectors (i.e. Active Directory, LDAP, Mainframe, etc.) o Creation of preventative and detective Segregation of Duty rules o Experience with role-based access controls and configuring automate provisioning and deprovisioning. • Train and mentor other team members on the use of the SailPoint Identity Now platform. • Experience with identity lifecycle flows including leaver, joiner, and mover. • Experience with consultative and complex technical deployment projects, managing various stakeholder relationships. • Strong knowledge and experience with incident/problem management processes. • Possess critical thinking skills. • Strong functional knowledge of MS Office Suite software products, Jira, and Confluence. • Strong communications skills, oral and written. • Ability to collaborate and interact productively with team members and key stakeholders. • Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner. • Ability to effectively influence and convince others to make appropriate changes in their priorities and behaviors for the benefit of the organization. • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business. • Ensures integration end state protects information resources against unauthorized use, inappropriate degrees of access, disclosure, damage and/or loss. • Design and code rules, applications, workflows, custom tasks, custom connectors, UI pages and custom reports in SailPoint Identity Now. • Develop working relationship with IT engineering resources to drive solution features adoption. • Develop control adoption templates for IT resources to understand and implement connections required for the SailPoint Identity Now service. • Review SailPoint IGA to ensure the solution is optimized for the highest level of service and establish an ongoing practice to perform periodic reviews. • Interpret policies and standards with InfoSec, Risk and Compliance teams, ensuring policies and standards are properly followed by IAM control solutions. • Design and maintain flowchart diagrams, process workflows and standard documentation required to sustain the SailPoint platform. • Promote security policies, standards, and best practices across the organization. • Supports and resolves system incidents, problems, and changes. Qualifications 5 years of Sailpoint experience -Will consider experience over degree -Locations: Pittsburgh, Lake Mary or Nashville -2000+ applications to be migrated into sailpoint -Configure workflows -Create/manage work groups -Create duty rules -Invisio, Confluence, Jira, Excel Additional Information All your information will be kept confidential according to EEO guidelines.

Techstra Solutions is seeking an experienced and dedicated Senior Cloud Security Engineer to join our team. This role is crucial for ensuring the security and compliance of our cloud infrastructure in a highly regulated financial environment. The ideal candidate will have a strong background in cloud security, a deep understanding of regulatory requirements, and the ability to design, implement, and maintain secure cloud solutions. Primary Success Factors · Design, develop, and deploy scalable cloud-based security solutions to protect sensitive financial data and ensure compliance with industry regulations. · Perform comprehensive vulnerability testing, risk analyses, and security assessments to identify and mitigate potential threats. · Develop and coordinate robust cloud security procedures · Monitor for and respond to security incidents in the cloud environment, utilizing advanced security tools and techniques. · Collaborate with IT and development teams to ensure cloud solutions are securely integrated with existing software and infrastructure, following best practices and security standards. · Keep abreast of the latest security issues, regulatory changes, and industry trends to proactively address emerging threats. · Assist with the design of security training and awareness programs to educate staff about cloud security risks and responsibilities, fostering a culture of security within the organization. · Regularly report on the status of cloud security, including any breaches or vulnerabilities, to senior management and stakeholders. · Work with third-party vendors to ensure that security requirements are met and maintain strong relationships with external security partners. · Maintain compliance with all relevant security and privacy laws and regulations, including PCI-DSS, GDPR, SOX, and other industry-specific standards Required Experience · Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Specific experience will be considered in lieu of a degree. · Minimum of 7 years of experience · Relevant certifications in Cyber Security, with Cloud specific certifications a plus. · Proven experience in cloud security engineering, preferably in a financial institution, with a track record of successfully implementing secure cloud solutions. · Strong knowledge of cloud platforms and cloud security best practices, including identity and access management, encryption, and network security. · Experience with regulatory compliance frameworks such as PCI-DSS, GDPR, and SOX, and the ability to navigate complex regulatory environments. · Excellent problem-solving skills and the ability to work under pressure, with a proactive and detail-oriented approach to security. · Strong communication and collaboration skills, with the ability to effectively convey complex security concepts to both technical and non-technical audiences. · Experience with DevSecOps practices and tools, including continuous integration and continuous deployment (CI/CD) pipelines. · Knowledge of infrastructure as code (IaC) and automation tools, such as Terraform, Ansible, or CloudFormation. · Familiarity with security monitoring and incident response tools, such as SIEM, IDS/IPS, and EDR solutions. · Ability to deliver with minimal management oversight Location: This position is based in Pittsburgh, PA and required to be on site (Hybrid) This is a full-time W2 Salaried position. Applicants must be legally authorized to work in the United States now and in the future without the need for sponsorship. At Techstra Solutions, we help top companies and brands achieve the business value of Digital and Talent Transformation. We believe there are three components in successful business transformation: Business Strategy, Technology and Talent. It is the coming together of these three disciplines that enables companies to take full advantage of opportunities. It differentiates us. Our approach is holistic and all-encompassing. We consider the full picture as we guide our clients on this journey. We are experts in transformation, business strategy, technology, innovation, and human capital management. We deliver our expertise through client consulting, innovative staffing solutions and software development. From strategy through implementation, we are dedicated to bringing our clients world-class business and talent solutions that fit strategic requirements and most importantly, deliver results. Equal Employment Opportunity Statement Techstra Solutions is an equal opportunity employer. The Company makes its decisions on merit, and its policy of equal opportunity prohibits discrimination in all phases of the employment process, including, but not limited to, recruitment, hiring, promotion, selection, transfer, demotion, layoff, termination, compensation, benefits, and other terms and conditions of employment. The policy of equal opportunity applies without regard to race, color, creed, religion, gender,, sexual orientation, gender identification, pregnancy, marital status, national origin, ancestry, age, disability that can reasonably be accommodated without undue hardship, military status, veteran status, genetic predisposition or carrier status, alienage or citizenship, domestic partnership status, arrest or conviction record, status as a victim of domestic violence, or any other protected categories under federal, state, or local law. The Company also prohibits discrimination or harassment based upon the perception that a person has, or is associated with a person who has, any of these characteristics.

The Systems Engineer position is responsible for providing full cycle implementation and support of customer systems, while working across multiple company departments to ensure full client satisfaction. Under the direction of a manager or dispatcher, coordinates the design and maintenance of all access control, intrusion, and video surveillance systems. Incumbent receives and evaluates work orders and requests, investigates requests and troubleshoots problems where appropriate, establishes priorities and coordinates with contractors, when required. Requirements Essential functions and responsibilities: Assists with security systems integration, mapping and software updates and helps train personnel in the use of these systems. Assists on new projects in both existing areas and new construction helping with security assessments, vendor selection, technology upgrades, product selections, testing, field verification of systems and inspection of work in progress for compliance with standards Assess work sites, conditions, and logistics for each project; Develop Method of Procedure based on pre-project assessment. Design, develop and provide documentation of systems, configurations, and other pertinent information for the customer. Communicate with clients to resolve issues in a professional and confidential manner; Develop and execute client specific solutions. Manage the allocation of project resources, including software, hardware, tools, and related items specific to each customer and/or project. Direct the work responsibilities of union labor personnel based on specific project needs. Design and oversee training programs for new and existing customers; Determine which customers receive training. Collaborate with Customer Relationship Managers on demonstrations for new and potential clients. Perform installation, configuration, programming, and final commissioning of customer systems. Work collaboratively with installation, project management and engineering teams. Perform infrastructure services, including pulling cables, installing wall, and ceiling cabling, and installing surface mounted devices, as required. Perform system wiring and terminations services, as required. Deliver on-going remote and on-site technical support for existing customers and systems. Additional responsibilities may be required as necessary, including but not limited to: Provide internal support for basic trouble shooting. Organizes and manage parts stock and tools. Perform other duties as needed. Success factors/job competencies: Effectively communicate both in writing and verbally Work independently and prioritize multiple tasks and adapt to needed change Analysis Mechanical aptitude Comprehend technical language and read and interpret blueprints, wiring diagrams, and schematics Safety orientation Customer Focus Attention to Detail Teamwork/Collaboration Stay abreast of changes in security technology Physical demands and work environment: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Individual will be required to travel to customer sites as needed. While performing the duties of this job, the employee is occasionally exposed to moving mechanical parts. The employee is occasionally exposed to outside weather conditions and risk of electrical shock. Individual will regularly be required to lift, push, pull, and carry up to 50 pounds, and occasionally up to 75 pounds. Incumbent will be required to use a computer with keyboard, telephone, or handheld mobile device for extended periods of time, and office machinery as needed. Incumbent must be able to read, see, hear, and speak. Workdays and Shifts: Position works Monday-Friday, daylight hours, and additional time as needed to complete work. Education/Certification(s)/License(s) required: Bachelor's Degree in Electronics, Information Technology or related field, or equivalent experience. May be required to participate in safety trainings and/or certifications provided by the Company or customers. Valid driver's license, as employee will be required to travel to local and overnight client sites as needed. Manufacturer specific certifications, as required. Responsible to maintain active certifications and obtain new and updated certifications as required by the Company. Experience/Other required: Position requires two (2) to three (3) years of relevant experience in the electronic services. Strong knowledge of Microsoft Office. Strong computer skills with advanced software aptitude. Security systems to include, service and maintenance across a broad spectrum of access control, intrusion and video surveillance systems such as, Genetec, Milestone, Bosch, and DMP. Applicants must be currently authorized to work in the United States on a full-time basis. Visa sponsorship is not available for this position. This is a full-time, in-person position, and candidates must be able to work from our office located in Pittsburgh, Pennsylvania.

At Everon, we truly believe that our people are the difference - for our organization, the customers we serve and the communities we protect. When you're a part of Everon, you'll have the opportunity to be a part of that difference every day. With more than 100 locations, a deep national presence, and comprehensive portfolio of solutions and services, our employees are always poised for career advancement and growth. For more information, visit *********************** or follow us on LinkedIn. (************************************************** **_Position Summary:_** The Commercial Sales Consultant is a sales representative that specializes in growing customer verticals within commercial intrusion, fire, access control, surveillance products and services. This individual will work within an assigned territory to provide a consultative, integrated solution to potential and existing commercial customers. **_Essential Duties:_** + Create new market share through prospecting and developing a new customer base. + Strengthen existing customer partnerships within commercial accounts. + Cultivate new leads through referrals, company provided leads, networking groups and cold- calling. + Efficiently manage territory resources to maximize daily production and customer relationships + Provide security consultations to customers that include design, scope of work, theory of operation and solution integration. + Promote and cross sell all Everon products and services. + Collaborate with product and manufacturing representatives and operational counterparts. **_Minimum Qualifications:_** + College Degree preferred, must have High School Diploma or GED. + Minimum of 2 years of experience in B2B sales representative, preferably in the security, telecom or technology industry. + Proficient in system design applications, bidding tools, customer management, Microsoft, etc. + Experience with integrated video surveillance, access control, and fire preferred. + Ability to read and interpret applicable documents, materials, policies, procedures, etc. as presented in English **_Skills & Competencies:_** + Expert in customer relationships, conflict resolution, negotiation, and customer service. + Excellent communication and presentation skills with the ability to present to executives. + Proven ability to generate leads + Strong Negotiation Skills + Business Acumen + Functional/Technical Skills + Results driven + Team Oriented + Problem Solving + Forward Thinker **_Other:_** + Must have valid driver's license issued by the State in which they reside. **_Rewards and Benefits:_** + Competitive compensation packages - Base + Uncapped Commissions, Bonuses. + Mileage and Cell Phone Reimbursement. + Medical, Dental, Vision, and Supplementary Insurance Plans + 401k Match + Tuition Reimbursement, Corporate Discounts, Flexible Spending Accounts. + Paid Holidays. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights (**************************** notice from the Department of Labor.

* Bachelor Degree in Computer Science, Information Systems, Information Security or Networking, or equivalent work experience required; Master Degree preferred * Minimum of 5 years of practical experience in leading development and implementation of at least two information technology disciplines Azure or other Cloud environment, including technical architecture, network management, application development, middleware, database management or operations required * Advanced, specialized technical skills in Security Technologies, including IAM, PAM required * Experience with implementing and configuring Identity Security tools required * Demonstrated ability to estimate the financial impact of architecture alternatives; to apply solutions to business problems; and, to quickly comprehend the functions and capabilities of new technologies required * Functional knowledge of cloud environments such as Azure, Office 365, AWS and related security tools such as Security Center, Sentinel or similar tools required * Extensive experience with Delinea, SailPoint, Active Directory and CrowdStrike technologies and Just-in-Time access methods * Experience applying best practices to management and best practices for privileged accounts and privileged entitlements * Experience applying best practices to service account management * Experience applying best practice methodologies to securing cloud environments, such as Cloud Security Alliance, NIST required MAJOR DUTIES: * Design, develop, test and implement solutions to problems involving multiple technologies utilizing advanced specialized technical skills in the context of defined Reference Architectures * May establish and administer standards and conventions in relevant technologies * Stand up Microsoft Servers and other Security products * Develop system documentation to convey designs and develop support documentation as appropriate * Keep abreast of advances and developing trends and standards in technology * Upgrade and patch security Equipment * Develop interfaces from Corporate/Cloud servers to IAM/PAM technologies * Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security * Consult and assist internal IT staff in proving out concepts to support migration of existing on-premises applications and infrastructure to Azure hybrid PaaS/IaaS deployment * Assist in implementing CIS Controls for hardware and Software environments * Ensure deliverables relative to project needs * Apply best practice methodologies to securing the company's cloud environments and applications * Review technical designs and specification for adherence to standards * Conduct third party Vendor Security Reviews as needed * Participate in task estimation and planning HOURS/LOCATION: * 8:30 a.m. - 5:00 p.m. (Overtime as required) * Warrendale location (Hybrid schedule) * Work at downtown location when required EXPLANATORY COMMENTS: * Good communication and interpersonal skills * Good decision making and problem solving skills * Good analytical skills with attention to detail and accuracy * Ability to work on multiple projects simultaneously * Ability to work effectively both individually and as a member of a project team

Come join our family! Microbac Laboratories is an essential business offering competitive pay and benefits including medical, dental, vision, life insurance, disability, generous paid time off including vacation, holidays and flex-time, a wellness program, referral bonus, tuition reimbursement and more! Whether you are just starting your career in science or looking to further it, Microbac will put you on the path of an exciting career with room to grow. Quality, safety, giving back to our communities, diversity and inclusion, customer success and employee wellbeing are part of our core culture. We are looking for motivated individuals to join our family as a Cybersecurity Engineer. ABOUT MICROBAC Microbac Laboratories, Inc. is a premier commercial laboratory testing firm that partners with clients worldwide, offering laboratory solutions to the life science, food and nutrition, and environmental industries and serves our clients with the utmost expertise and respect for their market requirements, constraints, and challenges. We embody a company-wide commitment to exceptional customer experience, which has been refined over nearly 50 years of trusted, analytical and measurement experience. Through our network of laboratories, offices, and field services, we have the flexibility to meet the unique requirements for each client, project, and scope. As a privately held third-party testing company, Microbac operates with a commitment to safety, quality, and compliance. Our diverse work portfolio includes broad accreditation offerings and tested insights across the environmental, food and nutrition and life science markets. JOB SUMMARY We are seeking a hands-on Cybersecurity Engineer to own day-to-day security operations and incident response across our network of 30+ laboratories. This role is execution-focused and ideal for a candidate who enjoys working in lean environments, partnering closely with Infrastructure and Quality teams, and directly configuring and operating security controls. You will serve as the primary escalation point for security incidents while helping mature the organization's security posture as the business grows. Essential Functions: * Own daily cybersecurity operations, monitoring alerts and responding to incidents * Act as the primary escalation point for security events * Lead incident response from detection through remediation and root cause analysis * Configure and maintain security controls across business platforms * Manage identity, access controls, MFA, Conditional Access, and privileged access models * Perform hands-on investigations * Develop, test, and maintain incident response playbooks and escalation paths * Create security policies and translate them into enforceable technical controls * Partner closely with Infrastructure on architecture, network changes, cloud services, and new tools * Continuously assess risk, identify gaps, and implement practical security improvements * Partner with Quality to ensure compliance with industry standard regulations * Set a positive example through high standards and professional conduct. * Continuously monitor emerging cybersecurity threats, regulatory changes, and industry best practices to keep organizational security strategies current and effective. * Other duties as assigned. Minimum Requirements: * Bachelor's degree in Computer Science, Information Systems or related field. * 3+ years of experience in cybersecurity related positions * Willingness to travel to lab locations as needed to provide on-site IT support. Preferred Qualifications: * Certifications: CompTIA Security+, CompTIA CySA+, GSEC, CompTIA PenTest+, CCSP, CISSP, CISM * Knowledge of advanced persistent threats (APTs) and their tactics, techniques, and procedures (TTPs) * Fundamental understanding of Windows, Mac OSX, and Linux operating systems * Fundamental understanding of OSI model, basic networking and troubleshooting concepts * Experience with programming or scripting, including PowerShell, Bash, Python, Yara, and Perl * Experience in managing SSO/IAM, email security, phishing and user awareness training * Experience in EDR platforms * Experience with cloud deployments such as Azure, AWS or similar platforms * Experience working with distributed teams and other cross functional stakeholders * Familiarity with commercial solutions for logging and security event management, including SIEM or SOAR platforms * Familiarity with vulnerability management and IDS/IPS * Demonstrated intermediate experience with security incident detection, response frameworks, and established incident handling procedures Understanding and knowledge of various log formats from a variety of network and computer devices * Knowledge of Cyber risks and threats related to Cyber attackers * Knowledge of recent Cyber events and interpreting kill chain process and threat impacts * Presentation, analytical, and critical-thinking skills * Ability to manage competing priorities and workload WORKING CONDITIONS AND PHYSICAL REQUIREMENTS The physical demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Physical Requirements: * While performing the duties of this job, the employee is regularly required to use hands to finger, handle, or feel objects, tools; talk or hear. The employee is occasionally required to stand, walk, and sit. * The employee must occassionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include color vision and depth perception. Working Conditions: * Home internet acceptable for remote computer work. * The noise level in the work environment is usually moderate. * This job may require travel less than 20% As a privately held third-party testing company, Microbac operates with a commitment to safety, quality, and compliance. Our diverse work portfolio includes broad accreditation offerings and tested insights across the environmental, food and life science markets. OTHER: This is not an exhaustive list of all duties an employee may be required to perform. Microbac reserves the right to revise the job description at any time. Employment is at-will. Microbac, promotes a drug-free, alcohol-free workplace. Applicants considered for hire must pass a drug test before beginning work. Refusal to submit to testing will result in disqualification of further employment consideration. Microbac is an Equal Opportunity Employer - We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. All qualified applicants will receive consideration for employment.