Principal Industrial Security Analyst
Security engineer job in San Diego, CA
RELOCATION ASSISTANCE: Relocation assistance may be available
CLEARANCE TYPE: Polygraph
TRAVEL: Yes, 10% of the Time
Description
At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.
Northrop Grumman Mission Systems is seeking a Principal Industrial Security Analyst to support multiple programs under our Communication Solutions business unit as it relates to all applicable classified federal, contractual, customer and company requirements. The responsibilities include, but are not limited to, the following: supporting a fast-paced environment; creating, maintaining and leveraging working relationships with internal and external customers. Develops and administers security programs and procedures for classified or proprietary materials, documents, and equipment.
Experience in program security, with knowledge of implementing a multi-disciplined security program (access control, personnel security, physical security, OPSEC etc.). Studies and implements federal security regulations that apply to company operations. Obtains rulings, interpretations, and acceptable deviations for compliance with regulations from government agencies. Prepares manuals outlining regulations, and establishes procedures for handling, storing, and keeping records, and for granting personnel and visitor's access to restricted records and materials. Conducts security education classes and related briefings. Investigates security violations and prepares reports specifying preventive action to be taken. Working knowledge of DoD 5205.07 SAP Manuals volumes 1-4, ICD 705, ICDs, and/or NISPOM applicable sponsor procedures.
Basic Qualifications:
Current Active TS/SCI Poly clearance.
In-scope investigation (T5, T5R, SSBI, SBPR, PPR) completed within last 6 years or current enrollment in Continuous Evaluation (CE) program +CI Poly
Ability to meet enhanced security requirements and obtain/maintain SAP eligibility and access.
US Citizenship Required.
5+ Years of CPSO, CSSO, or relevant experience with Bachelors; or 3+ Years CPSO, CSSO, or relevant experience with Masters; an additional 4 years of applicable work experience may be substituted for Bachelor's Degree.
Preferred Qualifications:
CDSE Industrial Security Training - FSO for Possessing Facilities, Intro to SAP, SAP Compliance, SAP Mid-Level, etc.
Experience working in Classified Lab and Manufacturing environments is a PLUS
Industrial Security Professional Certifications - SPeD SFPC, NCMS ISP, etc.
Experience with customer high side networks to include CV2, CORE, CNET, JADE, ASCEND, SIC, etc.
OPSEC and Program Protection (P2) experience.
Classification review experience.
Experience completing compliance self-inspections and supporting formal customer compliance inspections.
Experience drafting and completing corrective action plans.
Self-starter with minimal supervision.
Excellent customer service and communication skills.
Ability to work independently and follow projects through to completion.
Ability to maintain flexibility to deal with changing priorities and deadlines.
Strong working knowledge of basic office automation tool suites such as MS Office (Word, Excel, PowerPoint).
Primary Level Salary Range: $91,200.00 - $136,800.00
The above salary range represents a general guideline; however, Northrop Grumman considers a number of factors when determining base salary offers such as the scope and responsibilities of the position and the candidate's experience, education, skills and current market conditions.
Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. Employees in Vice President or Director positions may be eligible for Long Term Incentives. In addition, Northrop Grumman provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays and paid time off (PTO) for vacation and/or personal business.
The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.
Northrop Grumman is an Equal Opportunity Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO and pay transparency statement, please visit *********************************** U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.
Information Systems Security Manager ISSM
Security engineer job in San Diego, CA
General Atomics (GA), and its affiliated companies, is one of the world's leading resources for high-technology systems development ranging from the nuclear fuel cycle to remotely piloted aircraft, airborne sensors, and advanced electric, electronic, wireless and laser technologies.
We have an exciting opportunity for an Information Systems Security Manager to join our Classified Computing team located in Poway, CA. This position reports to the Director of Classified IT Systems.
With general direction, this position is responsible for leading the design, development and implementation of information assurance programs and related procedures.
**DUTIES AND RESPONSIBILITIES:**
+ Leads the design, development, and implementation of information security programs, procedures and systems for classified enclaves.
+ Ensures system compliance with the authoritative US Government requirements including (but not limited to): ICD503, JSIG, DISA STIGs, DD254, SCGs, etc.
+ Maintains authorization of classified systems/circuits via the continuous monitoring process to keep them in good standing with governing authorities.
+ Ensures vulnerability scanners and host-based security tools/suites are deployed and monitored in accordance with US Government regulations.
+ Assesses and mitigates system security threats and risks.
+ Oversees the patch management process.
+ Oversees and executes the self-inspection process.
+ Oversees audits of information technology systems; ensures periodic self-inspections are conducted.
+ Plans, designs and develops strategic initiatives to ensure secure operation and requirements are met. Represents the organization as a primary contact with internal and external representatives.
+ Develops information security curriculum and course contents and implements training.
+ Functions in a leadership role by providing direction to support and professional staff.
+ Responsible for observing all laws, regulations and other applicable obligations wherever and whenever business is conducted on behalf of the Company.
+ Expected to work in a safe manner in accordance with established operating procedures and practices.
+ Performs additional duties as assigned.
We recognize and appreciate the value and contributions of individuals with diverse backgrounds and experiences and welcome all qualified individuals to apply.
51859
**Job Qualifications:**
+ Typically requires a bachelor's degree in a related discipline, Information Assurance certification and five or more years of professional experience in information assurance or a related field. Equivalent professional experience may be substituted in lieu of education.
+ Must possess an active IC/DoD Top Secret (TS) Clearance with the ability to obtain and maintain access to Sensitive Compartmented Information (SCI) and Special Access Information (SAP), and willingness to undergo CI polygraph.
+ Must have a current (favorably adjudicated) polygraph examination or be willing to undergo a polygraph examination with favorable adjudication.
+ Must demonstrate in-depth knowledge of NIST 800-53 (Risk Management Framework), JSIG, DAAPM, and other related information assurance principles, theories, concepts and techniques.
+ Experience with Microsoft Active Directory, networking/routing principles, multi-factor authentication, host-based security systems, and Nessus.
+ Experience with system assessment/hardening tools - DISA STIGs, SCAP, Nessus, etc.
+ Must demonstrate a broad understanding of information assurance principles, theories, concepts and techniques.
+ Must have experience organizing, planning, scheduling, conducting, and leading work assignments to meet project milestones or established completion dates.
+ Must possess the ability to understand new concepts quickly and apply them in an evolving environment while contributing to the development of new processes.
+ Must be customer focused and possess:
+ The ability to identify issues, analyze data and develop solutions to a variety of highly complex technical and administrative problems.
+ DoD 8570 IAM Level III certification required (e.g. CISSP, CISM or GSLC).
+ Experience with Sensitive Compartmented Information is required.
+ Experience with Special Access Programs is desired.
+ Experience with multiple Government information security policies and regulations: e.g. Risk Management Framework (RMF), ICD-503, JSIG, and NIST 800 series special publications.
+ Excellent analytical, verbal and written communication skills to accurately document, report, and present findings.
+ Excellent interpersonal skills enabling an effective interface with other professionals. Ability to work independently or in a team environment is essential as is the ability to work extended hours as required.
**Salary:** $112,320 - $205,058 **Travel Percentage Required** 0 - 25 **Relocation Assistance Provided** Not Provided **US Citizenship Required?** Yes **Clearance Required?** Yes **Clearance Level** Management **Workstyle** Onsite
General Atomics is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity/Affirmative Action Employer and will consider all qualified applicants for employment without regard to race, color, religion, religious creed, ancestry, gender, pregnancy, sex, sexual orientation, transitioning status, gender identity, gender expression, national origin, age, genetic information, military and veteran status, marital status, medical condition, mental disability, physical disability, or any other basis protected by local, state, or federal law. EEO is the law. We also prohibit compensation discrimination under all applicable laws. To learn more visit ************************************************* Notices.pdf. U.S. Citizenship is required for certain positions.
Staff Product Security Engineer (SSDL)
Security engineer job in San Diego, CA
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description
**PLEASE NOTE**: This role requires a minimum of 2 days per week in our San Diego, CA ServiceNow Office. Please do not apply if you cannot meet this requirement. Thank you.
The ServiceNow Security Organization (SSO):
The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact.
Team:
Product Security is Shifting Everywhere and holistically improving the maturity of the security program. The Secure Software Development Lifecycle (SSDL) team helps the organization measure and improve security activities. The team leads product threat modeling, helps to improve security behaviors, and manages a highly visible security champions program. The team is both highly technical and strategic.
Role:
As a Staff Product Security Engineer on the ServiceNow SSDL team, you will collaborate with developers and software architects on highly technical solutions and help the organization build secure and resilient software. You will be threat modeling software products and services to identify potential risk and participate in architectural reviews of products in development.
A key part of this position is to ensure the continued success of a large and growing security champions program. You will help mentor security champions and assist them in secure software design. As a Staff Product Security Engineer, you will help security champions be successful.
What you get to do in this role:
Work on a wide range of technologies
Work on complex architectural and technical challenges
Participate in threat modeling activities
Mentor and collaborate with development teams to adopt secure coding practices
Work on strategic and highly visible security activities across the organization
Be an advocate for security and participate in a security champions program
Qualifications
To be successful in this role, we need someone who has:
Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI's potential impact on the function or industry.
2+ years of experience in software development
8+ years of experience in software security (AppSec)
2+ years of experience in threat modeling software applications and services
Proficient in threat modeling methodologies such as STRIDE or PASTA and their applied use in fast-moving, iterative development lifecycles
In-depth knowledge of common web application vulnerabilities (OWASP Top 10)
Developer-level proficiency in one or more languages - Python, Java, JavaScript, and Golang preferred
Working knowledge of Machine Learning and taxonomies such as BIML that categorize known attacks on machine learning models
In-depth knowledge of software design patterns and their security considerations
In-depth knowledge of authentication and authorization standards including OAuth, OIDC, SAML, JWT, and PASETO
Knowledge of symmetric and asymmetric cryptography, digital signatures, PKI, TLS, and cryptographic hash functions
Knowledge of cloud native technologies including containers, Kubernetes, and services provided by AWS, GCP, and Azure
Knowledge of static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) security tools
Knowledge of OWASP ASVS, SCVS, and related verification standards
Ability to work collaboratively in a highly distributed team
Ability to communicate technical concepts to business stakeholders
A passion for security
#SecurityJobs
For positions in this location, we offer a base pay of: $155,800 to $272,700 plus equity (when applicable), variable/incentive compensation and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the base pay shown is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location. We also offer health plans, including flexible spending accounts, a 401(k) Plan with company match, ESPP, matching donations, a flexible time away plan and family leave programs. Compensation is based on the geographic location in which the role is located and is subject to change based on work location.
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.
Staff Security Engineer (Detection Engineering)
Security engineer job in San Diego, CA
We are seeking a talented Detection Engineer to join our Security Incident Response Team (SIRT) and help us protect our organization from cyber threats. The ideal candidate will have a deep understanding of security detection techniques and be able to design, implement, and maintain detection controls that detect and respond to security incidents. As a member of our SIRT, you will work closely with other engineers to identify and mitigate threats, shape detection strategy, and provide guidance on the design and implementation of security controls.
**Responsibilities**
+ Develop and maintain detection controls to monitor and detect security events that threaten the confidentiality, integrity, and availability of our organization's data and systems
+ Analyze telemetry data from diverse sources to detect known and unknown security incidents using various security tools, such as SIEM (Splunk), EDR (Crowdstrike Falcon), CSPM (Wiz) and network traffic analysis
+ Engage with threat hunting, event analysis and incident response squads to identify threats and vulnerabilities seen internally
+ Build and implement security automation workflows using SOAR tools to streamline and enhance SIRT analysis and incident resolution.
+ Proactively research, identify, and understand the latest security threats and emerging trends, including their potential impact on our organization
+ Collaborate with other engineers to design, implement, and maintain security controls based on security standards, best practices, policies, and regulatory requirements
+ Provide guidance to enhance the creation, documentation, implementation, and adherence of security policies and procedures
+ Participate in security incident response activities and help develop mitigation and remediation strategies
+ Communicate security results and findings to technical audiences and management stakeholders through detailed analysis, briefings, and reports
_Intuit provides a competitive compensation package with a strong pay for performance rewards approach. The expected base pay range for this position is:_
Bay Area California $206,000 - $278,500
San Diego Area California $187,000 - $252,500
_This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit : Careers | Benefits (************************************************************** _)._
_Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing pay equity for employees, Intuit conducts regular comparisons across categories of ethnicity and gender._
**Qualifications**
+ BS/MS in Computer Science or related field or equivalent relevant experience. Experience in Cybersecurity and/or Identity and Access Management is strongly desired.
+ 7+ years of professional experience on/leading policy or analytics teams in a compliance, security, risk, or financial fraud environment
+ Developer experience in Python or comparable language preferred
+ Expert in producing user-friendly data visualizations and adept at communicating with data
+ Demonstrated project management skills for planning/driving tasks across organizations while keeping initiatives on track to achieve desired outcomes
+ Ability to understand and demonstrate empathy for opposing points of view on highly complex issues
+ Excellent written and verbal communication skills; ability to succinctly communicate technical and business requirements, business cases and other findings across organizational levels
+ Proven ability to use productivity/collaboration tools such as MS Office, Google Suite, and Slack
If you have a passion for cybersecurity and a proven track record in security detection and incident response, we invite you to apply for this role. Join our SIRT team and help us protect our organization and customers from cyber threats.
Intuit provides a competitive compensation package with a strong pay for performance rewards approach. This position will be eligible for a cash bonus, equity rewards and benefits, in accordance with our applicable plans and programs (see more about our compensation and benefits at Intuit : Careers | Benefits (************************************************************* ). Pay offered is based on factors such as job-related knowledge, skills, experience, and work location. To drive ongoing fair pay for employees, Intuit conducts regular comparisons across categories of ethnicity and gender. The expected base pay range for this position is:
EOE AA M/F/Vet/Disability. Intuit will consider for employment qualified applicants with criminal histories in a manner consistent with requirements of local law.
Cyber Palo Alto Networks Security Operations Senior Consultant
Security engineer job in San Diego, CA
Our Deloitte Cyber team understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful solutions to help our clients navigate the ever-changing threat landscape. Through powerful solutions and managed services that simplify complexity, we enable our clients to operate with resilience, grow with confidence, and proactively manage to secure success.
Recruiting for this role ends on 12/31/25
The team
Our Cyber Defense & Resilience offering assists clients in defending against advanced threats by transforming security operations, monitoring technology, data analytics, and threat intelligence. Helps manage and protect dynamic attack surfaces and provides rapid crisis and cyber incident response, ensuring clients can be ready for, respond to, and recover from business disruptions.
Work You'll Do
+ Lead the design and deployment of Next-Generation SOC platforms, like Cortex XSIAM, including advanced detection rules and SOAR playbooks, and SIEM ingestion.
+ Integrate diverse log and telemetry sources, ensuring data quality and normalization.
+ Develop and optimize automated response workflows for incident containment and remediation.
+ Advise clients on advanced use cases, threat detection, and automation strategies.
+ Collaborate with cross-functional teams for solution enhancements and threat intelligence integration.
+ Present technical findings and recommendations to stakeholders.
Required Qualifications
+ BA/BS degree in a technical field (e.g., Computer Science, Cyber Security)
+ 4-6 years of progressively responsible experience in cloud, network, or identity security domains, demonstrating increasing levels of responsibility, technical depth, and leadership over time
+ 3-4 years of experience with Security Operations tools and platforms including Cortex XSIAM, Cortex XDR, Splunk, or similar SIEM technologies
+ 3-4 years of Security Operations Center experience demonstrating expertise in detection engineering, automation and playbook development, or SOC maturity methodologies
+ 3-4 years of experience with one or more cloud service providers (AWS, GCP, Azure) and native security tools
+ 3-4 years of experience with management of log sources, data normalization, ingestion and manipulation of data
+ 3-4 years of experience working with detection and response platforms (EDR) like Microsoft Defender, Cortex XDR, CrowdStrike
+ 3-4 years of experience with governance, risk, or compliance initiatives involving common frameworks
+ Certifications including Palo Alto Networks' PCNSE or Certified Cybersecurity Associate or equivalent and/or similar cybersecurity certifications
+ Ability to travel up to 50%, on average, based on the work you perform and the clients and industries/sectors you serve.
+ Limited immigration sponsorship may be available
Preferred Qualifications
+ Experience with Palo Alto Networks' platform of solutions including, but not limited to, next-generation firewalls, Cortex & Prisma Cloud, and Prisma Access, XDR, etc.
+ Strong understanding of vendor competitive analysis within Security Operations (e.g., competitive differences between competing SIEM solutions)
+ Proficiency with advanced scripting, playbook development within a SIEM, SOAR or Security platform
+ Basic proficiency with network routing protocols (e.g., BGP, ECMP) and network architecture concepts (e.g., network segmentation), in support of on-premise and secure cloud infrastructure use cases
+ Ability to communicate and advise on solution design based on client use-cases, requirements, or other success criteria
+ Previous consulting or "Big 4" experience
+ Relevant advanced cybersecurity or related network engineering certifications (e.g., CISSP, CEH, CCSP)
Information for applicants with a need for accommodation: ************************************************************************************************************
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $102,500 - $188,900.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Cyber Security Risk Management Engineer
Security engineer job in Carlsbad, CA
About us
One team. Global challenges. Infinite opportunities. At Viasat, we're on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We're looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.
What you'll do
We're excited to announce a fantastic opportunity for a Cyber Security professional to join our growing team!
Join our Cyber Security Risk Management team and be ready to change the way risks are identified, analyzed and reported. In this role, you'll be instrumental in implementing a risk management process which is fully aligned to the organization's key business priorities, introducing state-of-the-art Cyber Risk Quantification (CRQ) tools and methodologies.
You will work closely with our security engineers to enable effective and efficient use of our resources, maximizing the return on our security investment. You will coordinate with, and provide support to, our security governance and compliance team, streamlining and automating our risk identification and reporting process.
Embrace the opportunity to apply your analytical and technical skills for CRQ in shaping Cyber Security Risk Management at Viasat.
The day-to-day
As a Cybersecurity Risk Management Engineer, you will be a key component of a team which will implement, manage and own a robust, agile and scalable Risk Management process.
You will maintain and update the organization's cyber risk register, embedding CRQ frameworks and tools in the risk management process, and leveraging CRQ to track and prioritize remediation efforts. You will prepare clear, actionable reports and presentations for the CISO and senior leaders, demonstrating the value that CRQ delivers to the company.
You will also build strong connections and close relationships with key stakeholders across the organization, ensuring risk management practices are embedded into projects, systems and third-party engagements.
What you'll need
* Bachelor's degree or higher in Cyber Security, Information Technology, Risk Management, a related field or equivalent years of experience.
* 5+ years of experience in Cyber Security, Risk Analysis, IT Risk Management, or Governance, Risk and Compliance roles.
* A strong understanding of Cyber Risk Management principles, Security Frameworks, and Regulatory Standards.
* Experience in implementation of CRQ tools and methodologies within the organization.
* Data analytics skills and experience.
* Good knowledge of Information Security fundamentals, technologies, and principles.
* Strong communication, collaboration, and problem-solving skills, along with an analytical mindset, and an ability to translate technical risks into business terms.
* US Citizenship is required.
* Must be able to obtain a United States Confidential Clearance.
* Must be able to come onsite to a Viasat office location.
What will help you on the job
* Relevant Certifications (e.g., CRISC, CISM, CISSP).
* Good understanding of the FAIR (Factor Analysis of Information Risk) approach to measuring and managing information risk.
* Hands-on experience with off-the-shelf Cyber Risk Management tools.
* Practical knowledge of Bayesian statistical methods.
* Familiarity with Monte Carlo simulations.
* Proficiency in Jira.
* Eagerness to learn new skills and be self-motivated.
* Work well under pressure and under your own initiative.
* Ability to work in a constantly changing and fast paced environment.
* Comfortable working in a multi-stakeholder environment.
Salary range
$129,000.00 - $204,000.00 / annually. For specific work locations within San Jose, the San Francisco Bay area and New York City metropolitan area, the base pay range for this role is $160,500.00 - $240,500.00 / annually.
At Viasat, we consider many factors when it comes to compensation, including the scope of the position as well as your background and experience. Base pay may vary depending on job-related knowledge, skills, and experience. Additional cash or stock incentives may be provided as part of the compensation package, in addition to a range of medical, financial, and/or other benefits, dependent on the position offered. Learn more about Viasat's comprehensive benefit offerings that are focused on your holistic health and wellness at ************************************
EEO Statement
Viasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic. If you would like to request an accommodation on the basis of disability for completing this on-line application, please click here.
Cyber security Operations Analyst
Security engineer job in San Diego, CA
Duties and Responsibilities
Maintain and operate cybersecurity technology and provide expertise in an area of focus (e.g. Risk Assessments, Controls Engineering or Incident Response).
Collaborates with the business to understand their needs in order to tailor security offerings unique to their environment.
Uses working knowledge of IT system functionality, architecture and capabilities to effectively diagnose and troubleshoot issues with some assistance.
Conducts competitive analyses on (in-use and alternative) cyber technologies and documents recommendations for our environment.
Provides awareness and guidance within Sempra Infrastructure community on secure business processes, architecture design, and technical controls.
Maintains awareness of evolving cybersecurity threats and best practices for mitigation.
Develops procedures and guidelines for implementing information security systems and practices.
Develops and aggregates metrics to measure, monitor and report on the effectiveness of information security controls and compliance with information security policies.
Performs other duties as assigned (no more than 5% of duties).
Education
Bachelor's degree in Computer Science or other science or technology major or equivalent experience required.
Experience
Minimum of 2-5 years of direct experience within the information security field required.
In-depth experience in at least one cybersecurity discipline required.
Experience with projects of moderately sized security related initiatives to successful completion required.
Demonstrated experience in vendor selection, testing, implementation, and operations of a broad array of security technologies required.
Knowledge, Skills and Abilities
Familiarization with Endpoint protection software such as Trellix and Microsoft Defender.
Familiarization in deploying vulnerability management agents.
Experience deploying logging agents and configurations.
Knowledge of firewalls and security zones.
Experience working in an Operation Technology (OT), ICS / SCADA environment.
Experience with SCADA network protocols.
Experience with OT network monitoring tools (such as but not limited to: Dragos, Cybervision, CyberX).
Ability to take initiative and work independently when needed.
Ability to maintain, upgrade and recommend operational cybersecurity tools.
Ability to work with Cybersecurity OT Engineering to make recommendations for new tools and capabilities.
Ability to work effectively on multiple projects within a team structure and excellent written and oral communication skills.
Licenses and Certifications
Certified Information Systems Security Professional (CISSP) certification, Global Information Security Professional (GISP) certification, Global Information Assurance Certification (GIAC), Certified Information Systems Auditor (CISA), or Certified Internal Auditor (CIA) certificate preferred.
Targeted professional cybersecurity certifications (i.e. forensics and incident response) preferred.
Other Qualifications
Bilingual in English/Spanish preferred.
Security Engineer II
Security engineer job in San Diego, CA
Exemption Status: United States of America (Exempt)
$110,982 - $155,376 - $199,769
“Pay scale information is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any selected candidate or employee, which is always dependent on actual experience, education, qualifications, and other factors. A full review of our comprehensive pay and benefits will be discussed at the offer stage with the selected candidate.”
This position is not eligible for Sponsorship.
MedImpact Healthcare Systems, Inc. is looking for extraordinary people to join our team!
Why join MedImpact? Because our success is dependent on you; innovative professionals with top notch skills who thrive on opportunity, high performance, and teamwork. We look for individuals who want to work on a team that cares about making a difference in the value of healthcare.
At MedImpact, we deliver leading edge pharmaceutical and technology related solutions that dramatically improve the value of health care. We provide superior outcomes to those we serve through innovative products, systems, and services that provide transparency and promote choice in decision making. Our vision is to set the standard in providing solutions that optimize satisfaction, service, cost, and quality in the healthcare industry. We are the premier Pharmacy Benefits Management solution!
Job Description
Summary
The Information Security Engineer II develops, executes, and monitors enterprise-wide information security from policy through implementation across all Security departments including SECOPS, DEVSECOPS and Threat Analytics. This position expands the duties of the Security Engineer I to include direct security support for departments in corporate subsidiaries with identified areas of need which require experienced oversight. This position is required to ensure that business information is secure from unauthorized access, protected from inappropriate alteration, and is physically secure. This “hands-on” position serves as the process owner for all ongoing security activities and is responsible for the protection of the confidentiality and integrity of client, employee, and proprietary business information in accordance with federal/state laws and regulations. Enforcement of and adherence to MedImpact's corporate policies and procedures is required by all Security team members.
Essential Duties and Responsibilities include the following. Other duties may be assigned.
Enforces policy and supports security procedures, applications, and systems through the documentation of the resolution of assigned cases that range from simple to complex. Recommends changes to existing security process and procedures.
Ability to utilize Endpoint Threat Detection and Response/Hunting toolsets
Creates requirements for product evaluations and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for security related issues.
Drives the delivery of new and upgraded security applications, systems, and workflow. Tests new systems for effective operations.
Leads efforts to proactively maintain and improve the automation, reliability, consistency, and the quality of existing IT security tools and environments throughout the organization. Assists in the design, deployment, integration and configuration of security solutions or enhancements to ensure functionality.
Ensures the confidentiality, integrity, and availability of data residing on or transmitted to, from, or through the enterprise workstations, servers, application systems, and data repositories.
Initiates, facilitates, and promotes activities to create information security awareness. Disseminates and educates users on security policies and practices. Participates in regular security awareness training and updates to ensure consistent compliance with IT Security Policies.
Works cross-functionally and interacts with internal business units and stakeholders to support the business' needs. Using an automated customer case request system, tracks and documents security service requests and completed cases.
Participates in daily activities and reporting required for regulatory and contractual information security obligations. Coordinates tasks that are performed within the infrastructure (system administration, network administration, application support, etc.) for security updates and initiatives. Performs analysis, design and development of security features for system architecture.
Participates in security incident investigations and provides on-going communication to security management. Identifies root causes of security events and proposes solutions; closes out and documents investigations. Ensures confidentiality and appropriate personnel are involved in the investigation.
Maintains up-to-date industry knowledge through formal/informal training, industry associations and research of latest technologies critical to the success of the company's information security program. Continuously works to identify and improve security solutions to defend the company against data security threats.
Apprises and keeps management aware of security issues; handles and/or escalates issues appropriately.
Provides guidance/training to less experienced staff.
Provides IT Security consultative support to internal and external clients.
Manages IT Security related projects and assignments as assigned.
Supervisory Responsibilities
No supervisory responsibilities
Client Responsibilities
This is an internal and external client facing position that requires excellent customer service skills and interpersonal communication skills (listening/verbal/written). One must be able to: manage difficult or emotional client situations; respond promptly to client needs; solicit client feedback to improve service; respond to requests for service and assistance from clients; meet commitments to clients.
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
Education and/or Experience
BS/BA and 8+ years' experience or equivalent combination of education and experience, and 4 years of SME in respective areas
Computer Skills
To perform this job successfully, an individual should have knowledge of Microsoft Office Suite.
Additional expertise is required in the following:
Endpoint Management Experience (BigFix, WSUS/SCCM, Symantec, Trend Micro, etc)
Identity and Access Management
Certificate Management
Patch Management (Windows and Unix)
Intrusion Detection and Prevention
Security Awareness Training
Mobile Device Management
EDR (Endpoint detection and response)
Web Content Filtering
Device Encryption
Vulnerability Assessment Tools
Firewall and VPN
Secure E-mail, Anti-SPAM
Webserver applications
Web API Service Security
Business Continuity (Disaster Recovery)
Compliance and Audit (HIPAA, HITRUST, SOC, GovRAMP and PCI a plus)
OS Administration (Windows, Linux and Unix)
Authentication and SSO
Container Security
Certificates, Licenses, Registrations
Security Certification strongly preferred
OWASP, ISSA, ISACA membership a plus
Other Skills and Abilities
Must have excellent analytical, problem solving and communication skills. Familiarity with SSAE SOC 1 and SOC 2, HITRUST, federal/state security and privacy frameworks, HIPAA, PCI and regulatory requirements for information security. Must be able to work on a team and build good working relationships with team members and internal clients.
Must have good understanding of standard policies and procedures for information security.
Reasoning Ability
Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists.
Ability to define problems, collect data, establish facts, and draw valid conclusions.
Mathematical Skills
Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. Ability to compute rate, ratio, and percent and to draw and interpret bar graphs.
Language Skills
Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community.
Ability to respond effectively to the most sensitive inquiries or complaints.
Competencies
To perform the job successfully, an individual should demonstrate the following competencies:
Composure
Decision Quality
Organizational Agility
Problem Solving
Customer Focus
Drive for Results
Peer Relations
Time Management
Dealing with Ambiguity
Learning on the Fly
Political Savvy
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this Job, the employee is regularly required to sit and talk or hear. The employee is regularly required to stand; walk; use hands to finger, handle, or feel and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds.
Work Environment
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
This position may regularly be exposed to or encounter moving mechanical parts, high, precarious places, fumes or airborne particles, toxic or caustic chemicals, outdoor weather conditions, risk of electrical shock or vibration. The noise level in the work environment is usually moderate (examples: business office with computers and printers, light traffic).
Work Location
This position must work on-site at the San Diego Headquarters for purposes of providing adequate support to internal clients; being available for face-to-face interactions and coordination of work with other employees, colleagues, clients, or vendors; as well as for facilitation of quick and effective decisions through collaboration with stakeholders. Remote work is not an option for these purposes.
Working Hours
This is an exempt level position requiring the incumbent to work the hours required to fully accomplish job responsibilities and reasonably meet deadlines for work deliverables. The individual must have the flexibility to work beyond traditional hours and be able to work nights, at weekends or on holidays as required. Work hours may be changed from time to time to meet the needs of the business. Typical core business hours are Monday through Friday from 8:00am to 5:00pm.
Travel
This position requires domestic travel of up to 10% of the time.
The Perks:
Medical / Dental / Vision / Wellness Programs
Paid Time Off / Company Paid Holidays
Incentive Compensation
401K with Company match
Life and Disability Insurance
Tuition Reimbursement
Employee Referral Bonus
To explore all that MedImpact has to offer, and the greatness you can bring to our teams, please submit your resume to *************************
MedImpact is a privately-held pharmacy benefit manager (PBM) headquartered in San Diego, California. Our solutions and services positively influence healthcare outcomes and expenditures, improving the position of our clients in the market. MedImpact offers high-value solutions to payers, providers and consumers of healthcare in the U.S. and foreign markets.
Equal Opportunity Employer, Male/Female/Disabilities/Veterans
OSHA/ADA:
To perform this job successfully, the successful candidate must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
Cyber Security Analyst (SOC)
Security engineer job in San Diego, CA
Job Description
The Cyber Analyst team member is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) as well as on-premises and cloud enterprise networks. This includes analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage.
An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics including filesystem structures, disk and memory forensics, cyber aware Operational Technology or Control Systems operators, commonly used mechanisms for maintaining security persistence, privilege escalation, and lateral data movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred.
Responsibilities
Support SOC team in operating and performing duties in a Security Operations Center (SOC) to provide a secure environment that facilitates monitoring, incident response, malware analysis, and threat hunting activities.
Develop and utilize analytics on the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices.
Assess Security Technical Implementation Guides (STIGs) compliance and completion.
Utilize asset mapping tools to verify connected inventory.
Handle Information Assurance Vulnerability Management (IAVM) notifications.
Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions.
Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency.
Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences.
Qualifications
(Journeyman level) At least 3 years, (Junior level) applicable 1 to 2 years of experience in security operations, demonstrating analytical duties and performing host or network security analysis.
Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures.
Applied knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center.
Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations.
Desired Skill sets
Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
Strong analytical and troubleshooting skills
Able to provide expert content development in Splunk Enterprise Security using tstats and data models
Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances
Experience in other tools and protocols as applicable such as Nessus, Endgame, CrowdStrike, GreyNoise, Shodan, BACnet, Modbus, SCADA systems, and PCAP
Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
Familiar with the operations and functions of Nessus or security center management
Can assist and provide technical input to research, discover, implement hardware and software
Understands importance and fundamentals of logistics and evidence handling
Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification
Examples of other certifications include:
* Offensive Security Certified Professional (OSCP)
* GIAC Response and Industrial Defense (GRID)
* CERT Certified Computer Security Incident Handler
* ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
* GCIH (GIAC Certified Incident Handler)
* GISF (GIAC Information Security Fundamentals)
* CISSP (Certified Information System Security Professional)
Additional certifications at an equivalent may also be considered.
Cybersecurity Information Assurance Analyst, Mid
Security engineer job in San Diego, CA
The Opportunity:
Are you looking for an opportunity to advance your experience in information assurance and cybersecurity policy to safeguard our nation? As a systems security and network security engineer, you can identify the tools, applications, and systems needed to assess vulnerabilities and recommend the best solution and security strategy. We need your experience to develop and implement security solutions that will protect our military.
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy and risk management. You'll use your curiosity for technology and market trends to further research and develop security solutions. Using your experience in vulnerability scanning, virtualization, and cyber hardening, you'll assess security threats and implement infrastructure controls.
In this role, you'll closely impact Navy missions by championing cybersecurity, discovering cyber risks, and providing support to critical mission areas. With mentoring, challenging hands-on problem-solving, and opportunities to learn new tools and skills, we focus on growing as a team to make the best solutions for our customers.
Work with us as we secure and protect our military's cybersecurity posture for the better.
What You'll Work On:
Develop relationships quickly and easily with other teams, communicating the complexities of security with a wide variety of audiences, including senior management.
Implement infrastructure and cyber security controls, including enhanced detection and vulnerability capabilities and improved event correlation in large enterprises.
Perform risk and vulnerability assessments in network, system, and application areas; leverage big data analytics and traditional security event types to identify advanced threats or indicators of compromise.
Join us. The world can't wait.
You Have:
4+ years of experience supporting the Information Technology (IT) systems for DoD or a government agency
4+ years of experience with the Navy Risk Management Framework (RMF), including Assessment and Authorization (A&A) activities, RMF artifacts including System Security Plans (SSP), Security Assessment Plans (SAP), and Plans of Action and Milestones (POA&M), and deliverables across all steps
Experience performing vulnerability analysis of networks, systems, and communications protocols
Experience with operating systems, platforms, and technologies, including Windows, Linux, cloud, or virtualization
Experience with eMASS, including Security Plan development and hands-on processing of packages through workflows, analyzing security policies, evaluating assessment documentation, and developing written security risks, mitigations, and recommendations
Knowledge of cybersecurity compliance testing using industry standard tools, including Assured Compliance Assessment Solution (ACAS), DoD Security Technical Implementation Guides (STIG), and Evaluate-STIG
Ability to devise and execute client deliverables, work independently, identify problems, devise analysis and solutions, communicate results, and lead the accomplishments of client tasks from inception to completion
Secret clearance
Bachelor's degree in Engineering, Computer Science, Mathematics, Cybersecurity, or Physical Science
DoD 8140 Certification
Nice If You Have:
Experience as a Navy Qualified Validator (NQV)
Experience with Navy acquisition and engineering processes
Experience with Tactical Networks
Experience with DevSecOps and Application Integration (AI)
Experience with deploying, implementing, maintaining, and integrating cybersecurity tools and applications
Experience with network engineering functions, including Windows, Linux, and virtual operating systems, security tools, platforms, and technologies, including network and web application firewalls, web proxy, intrusion prevention systems, vulnerability scanners, and penetration tools
Ability to meet cyber schedule, performance, and quality metrics within the systems development lifecycle and acquisition lifecycle
Ability to identify and analyze risk and opportunities at both tactical and strategic levels
Top Secret clearance
Master's degree
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Compensation
At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.
Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $61,900.00 to $141,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.
Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.
If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
Information Security Engineer III
Security engineer job in San Diego, CA
Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and it's change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible.
Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It's our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better every day! Learn more about why you want to be here!
PURPOSE OF THE JOB
The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. This position will assist with strategic initiatives for short and long-term plans to identify and reduce the attack surface across applications and systems. The position exists to monitor and defend ICW Group's technology against potential threats that jeopardize the financial growth and security goals of the Company.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Monitors and protects information assets across hybrid environments.
Monitors data flows and access events across AWS, on-prem, and SaaS platforms using DLP, CASB, SIEM, and AWS-native tools such as Macie, GuardDuty, CloudTrail, and Security Hub.
Detects and investigates data breaches, insider threats, and exfiltration attempts; leads data-centric incident response through containment, analysis, and recovery.
Implements and enforces data classification, labeling, and tagging frameworks integrated with AWS S3, RDS, and enterprise file systems.
Designs and manages encryption and key management solutions using AWS KMS, CloudHSM, and on-premise HSMs to secure data at rest and in transit.
Collaborates with development and DevOps teams to embed data protection into CI/CD pipelines and application code, ensuring secure data handling throughout SDLC.
Conducts forensic reviews and produces actionable reports, metrics, and dashboards highlighting data risks and anomalies across hybrid systems.
Leads complex data protection initiatives and resolves data security risks.
Leads enterprise data security projects, including AWS DLP implementation, sensitive data discovery, structured/unstructured data protection, and automated alerting.
Defines and enforces data governance standards for both AWS and on-prem environments, aligning to ICW's data lifecycle management and retention requirements.
Partners with database, app dev, and analytics teams to integrate encryption, tokenization, and privacy-by-design principles into application workflows.
Designs and maintains role-based and attribute-based access controls (RBAC/ABAC) across AWS Identity and Access Management (IAM), Active Directory, and application layers.
Collaborates with Privacy, Legal, and Compliance to operationalize data protection impact assessments (DPIAs) and retention/deletion automation.
Produces executive and board-level reports detailing data protection maturity, compliance metrics, and emerging risk areas.
Serves as a technical escalation point for AWS data protection incidents, third-party integrations, and complex remediation efforts.
Serves as ICW's senior data security SME and technical advisor.
Provides expert consulting to architecture, engineering, and product teams on AWS-native security services and hybrid data protection models.
Advises leadership on emerging cloud data security trends and recommends architectures that balance scalability with compliance and risk reduction.
Conducts advanced data risk assessments, privacy impact analyses, and forensic reviews to guide remediation and control design.
Defines AWS-aligned compliance strategies supporting NIST CSF, NYDFS 500, GLBA, and state privacy laws.
Evaluates and integrates modern data security solutions such as SASE/CASB platforms, insider risk analytics, and automated data classification tools.
Mentors junior engineers and fosters a data-first security mindset across ICW's engineering organization.
Partners with project management and internal teams to mature hybrid data security.
Implements technical and process controls to continuously improve data protection maturity in AWS and on-prem applications.
Partners with cloud engineering and on-prem development teams to design secure data pipelines, storage, and access control mechanisms.
Contributes to automation and orchestration of data protection activities using AWS Lambda, EventBridge, and native integration APIs.
Leads knowledge sharing on emerging AWS capabilities while ensuring backward compatibility with existing on-prem data flows.
Coaches development and data engineering teams to identify and mitigate data leakage risks during application and infrastructure design.
SUPERVISORY RESPONSIBILITIES
This position has no supervisory responsibility but may mentor and train junior engineers.
EDUCATION AND EXPERIENCE
Bachelor's Degree from a four-year college or university required, with a major or emphasis in Engineering, Cybersecurity, Networking, or a Computer Science related discipline.
Minimum 8 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience required.
Minimum 3-5 years of experience in AWS Cloud Security services preferred. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions.
Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.
Experience with AWS Services such as AWS Identity & Access Management, AWS Organizations, AWS Security Hub, GuardDuty, and CloudTrail.
CERTIFICATES, LICENSES, REGISTRATIONS
Certification in GSEC, CISSP, and/or Security+.
AWS Certified Security - Specialty, preferred
KNOWLEDGE AND SKILLS
Knowledge of risk assessment tools, technologies, and methodologies. Knowledge of disaster recovery, computer forensic tools, technologies, and methods.
Knowledge of enterprise security platforms.
Ability to communicate network security issues to peers and management. Ability to read and use the results of mobile code, malicious code, and anti-virus software.
Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention.
Demonstrated experience as a lead engineer in the design, implementation and support in an enterprise IT environment.
Ability to work with mathematical concepts such as probability and statistical inference.
Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems.
Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems.
Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses.
Ability to read, analyze, and interpret technical journals, financial reports, security analysis reports and other IT related documents.
Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community.
Must be able to read, write and speak English effectively.
Ability to effectively communicate/present technical information to a non-technical audience.
Ability to cross train and share information with team members.
PHYSICAL REQUIREMENTS
Office environment - no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear. Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl. Employees must occasionally lift and/or move up to 30 pounds. Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.
WORK ENVIRONMENT
This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.
We are currently not offering employment sponsorship for this opportunity.
The current range for this position is $121,624.81 - $217,710.99.
This range is exclusive of fringe benefits and potential bonuses. If hired at ICW Group, your final base salary compensation will be determined by factors unique to each candidate, including experience, education and the location of the role and considers employees performing substantially similar work.
WHY JOIN ICW GROUP?
• Challenging work and the ability to make a difference
• You will have a voice and feel a sense of belonging
• We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401K retirement plans and company match
• Bonus potential for all positions
• Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year)
• 11 paid holidays throughout the calendar year
• Want to continue learning? We'll support you 100%
ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law.
Job Category: IT
Sr. Security Engineer
Security engineer job in San Diego, CA
Join Aya Healthcare, winner of multiple Top Workplace awards!
Working closely with the Platform Security team, the Senior Security Engineer role will be responsible for collaboratively maintaining, automating, and supporting all aspects of cloud infrastructure security focusing on vulnerability management, security reporting, and risk mitigation.
This is a senior-level position on our Platform Security team. The ideal candidate is highly experienced with Azure architecture and design, is comfortable with all areas of Azure IaaS and PaaS including but not limited to Azure Active Directory, Identity & Access Management, Servers, Storage Accounts, DNS, SSL Certificates & Certificate Management, SQL, Application Gateways, App Services, AKS, Docker and performance metrics & tuning. The role will be responsible for managing and maintaining existing solutions as well as assisting with new solutions in both containerized and serverless workloads working with architects and engineers to develop proof of concepts and development frameworks that can be leveraged by engineering teams.
This position will involve facilitating knowledge transfer and socializing our security practices within our cloud & network architectures and our workflow processes. The ability to multi-task, while maintaining structure and organization, is essential in this position. The ideal candidate for this job is resourceful, an excellent problem solver, and a superb communicator.
Who We Are:
We're a $10+ billion, rapidly growing workforce solutions provider in the healthcare industry. We deliver tech-enabled services that help healthcare organizations meet and manage their contingent labor needs. We build and manage tech-enabled marketplaces for national and local healthcare talent and deliver contingent labor management solutions through our proprietary software platform.
At Aya, we're obsessed with creating exceptional experiences for our clients, clinicians, and employees. In fact, we put employee satisfaction above all else. Our team members are responsible for incomparable customer experience and we know that happy employees are critical to maintaining happy clients. We foster an entrepreneurial, high-energy, low-bureaucracy culture and value innovative thinking and creative problem-solving. We embrace diversity in thought and backgrounds unified by a commitment to high achievement. When you join Aya, you'll be surrounded by teammates who care about you as an individual and leaders who will help you grow both personally and professionally.
Responsibilities:
Collaboratively plan, implement, and maintain Azure cloud-based security processes and solutions with a focus on networking, virtual servers, web applications, databases and storage.
Experience with one or more scripting languages such as PowerShell, Bash, Azure CLI, ARM Templates, Terraform is preferred.
Make recommendations regarding vulnerability management and remediation to the DevOps & development teams on areas related to the security of the platform.
Demonstrate a strong initiative and follow through in executing project responsibilities, overcoming obstacles, and balancing multiple priorities effectively.
Strong awareness of networking and internet protocols, including TCP/IP, DNS, SMTP, HTTP, SSL/TLS, and distributed networks. Should be able to understand overall VLAN design, ACL rules, route tables, firewall rules, and Azure Policy.
Coordinate with various teams to provide uninterrupted delivery of security services to ensure architecture meets compliance and operational security requirements.
Required Qualifications:
Systems/Security engineering: 10+ years
Microsoft Azure: 5+ years
Experience in a technical lead role with a deep understanding of Azure Architectures.
Strong interpersonal skills - team player, personable, professional, and organized. Takes initiative, uses tact and diplomacy.
Ability to define problems, collect data, establish facts and draw valid conclusions.
Strong communication (written and verbal) and presentation skills. Working collaboratively across teams to drive risk reduction and security adoption.
Experience with network, hardware and software security architectures and design evolution at various levels of the design lifecycle.
Strong experience with security controls, architectures and operations.
Hands-on experience with AKS, Docker and their security/networking is a must.
Intermediate to advanced experience with Terraform is required.
AI/ML security controls and solutions experience.
Experience designing and implementing automated remediation workflows.
Good understanding of DevOps and GitHub Actions.
Ability to design and deploy policy as code for multiple cloud environments.
Familiarity with data privacy and similar regulatory and contractual requirements is a plus.
Azure Security/CISSP/Certifications a plus.
What We Offer:
Free premium medical, dental, life and vision insurance
Generous 401(k) match
Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses
Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya's general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling
Celebrations! We hit our goals and reward ourselves.
Company-sponsored virtual events, happy hours and team-building activities are always on the horizon - plus, you get a special treat on your birthday!
Unlimited DTO - we believe in time off!
Virtual yoga, meditation or boot camp classes offered daily
Compensation: Aya reasonably anticipates the pay scale for this position to be an annual salary of $170,000 to $190,000.
The pay scale for this position may vary if applicant possesses experience outside of what Aya reasonably anticipates for this position. Bonuses are subject to the role and your manager's discretion.
Aya is an Equal Opportunity Employer (EEO), including Disability / Vets, and welcomes all to apply.
Cyber Security Engineer III
Security engineer job in San Diego, CA
Location: San Diego CA
Required Clearance: Secret
Certifications: DoD 8570.01-M in accordance with (IAW) DFARS ************ Baseline Certification, minimum IAT Level III
Required Education: Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines
Required Experience: Ten (10) years of full-time professional experience
Position Description:
PingWind is seeking the right fit to join a team of Cyber professionals as they support critical functions to provide Cyber Security for the Navy's network. You will ensure the highest level of cyber security by implementing STIGs, performing scans using tools such as ACAS, and tracking/patching/mitigating vulnerability findings. You will monitor and act upon situations involving Firewalls, Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Switch/Routers, Cross Domain Solutions (CDS), EMASS, and Endpoint Security Solution (ESS). The key goal is to ensure the warfighter can achieve their mission without the interference of adversaries and opportunistic hackers. Work is performed in support of Naval Surface Warfare Center (NSWC), DAHLGREN DIVISION in Virginia Beach as it conducts Research, Development, Test & Evaluation (RDT&E), analysis, systems engineering, integration, and certification of complex Department of Defense systems.
Primary Responsibilities:
Level III: Ten (10) years of full-time professional experience performing system hardening with demonstrated experience in the following areas:
• Interpreting, implementing, tracking and reporting security measures such as STIGs and high impact vulnerability software patching
• Monitoring firewalls and overall network for intrusion detection and prevention; acting on security events as they happen and reporting to senior leaders
• Involvement in the Navy ATO process to ensure all security risks are removed, mitigated or avoided
• Research and tackle security risks as they arise; understand the risk involved, recommend strategies to deal with them, and track/brief risks to leadership, keeping all stakeholders informed until an issue is resolved.
Required Qualifications:
• Secret
• DoD 8570.01-M in accordance with (IAW) DFARS ************ Baseline Certification, minimum IAT Level III
• Bachelor's degree in Cybersecurity, Cyber Operations, Cyber Engineering, Information System, Information Technology, Computer, Electrical, or Electronics Engineering, Software Engineering, Computer Science, Mathematics with a concentration in Computer Science, or equivalent to above disciplines
• Combined total of ten (10) years of full-time professional experience in the following skillsets/disciplines:
• Littoral Combat Ship (LCS) Total Ship Computing Environment (TSCE) experience
• Computer security, military system specifications, Security Management policy guidance and directives, DoD and cybersecurity policies;
• Risk Management Framework (RMF) and the implementation of Cybersecurity and IA boundary defense techniques and various IA-enabled appliances. Examples of these appliances and applications are Firewalls, IDS, IPS, Switch/Routers, Cross Domain Solutions (CDS), EMASS and Endpoint Security Solution (ESS);
• Performing STIG implementation;
• Performing vulnerability assessments with the Assured Compliance Assessment Solution tool; and
• Remediating vulnerability findings to include implementing vendor patches on both Linux and Windows Operating systems
Desired Qualifications/Experience:
• DoD 8570.01-M CSSP certification
• RMF experience
About PingWind
PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Washington DC and Northern Virginia.
Our benefits include:
• Paid Federal Holidays
• Robust Health & Dental Insurance Options
• 401k with matching
• Paid vacation and sick leave
• Continuing education assistance
• Short Term / Long Term Disability & Life Insurance
• Employee Assistance Program through Sun Life Financial EAP Guidance Resources
Veterans are encouraged to apply
PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.
Network Security Analyst I
Security engineer job in San Diego, CA
Select Cyber, an Information Security recruitment specialty firm, seeks to fill the following role for our client:
Network Security Analyst I
Be part of a cutting-edge Computer Incident Response Team (CIRT) for a Fortune 500 company. We are looking for individuals that want to learn a new field and grow with the company. Training provided.
The selected candidate will be a part of the Security Operations Center (SOC) and its mission to improve the information security of our customers using a Security Information and Event Management (SIEM) tool to detect and analyze IT security incidents.
Responsibilities:
Perform the following functions as individual assignments or as part of a team:
· Monitoring client networks for signs of adversarial activity.
· Respond to alerts from various monitoring systems and platforms providing indicators for enterprise defensive measures.
· Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
· Triage potentially malicious events to determine severity and criticality of the event.
· Follow procedures to analyze and escalate security incidents which vary from customer to customer.
Experience
· 1+ years technical experience in the Information Technology field.
· Experience with Intrusion Detection & Prevention Systems (IDS/IPS) or Firewalls & Log Analysis a plus.
· Technical degree, Associate or Bachelor's degree from an accredited institution in Computer Science or information technology field preferred.
· CompTIA Network+/Security+ certifications are a plus
Platform Security Engineer
Security engineer job in San Diego, CA
Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms. We're seeking a Platform Security Engineer to secure the cloud/edge where vessels, operators, and customers meet. You'll own identity and access patterns, secrets and key management, secure network posture, and policy-as-code guardrails, working across AWS (including GovCloud), Terraform infrastructure, and service code to deliver trustworthy, auditable systems.
Senior Engineers: 3+ years securing production cloud platforms (identity, secrets/KMS, network posture), preferably in autonomy, robotics, aerospace, or defense.
Staff Engineers: 8+ years including technical leadership across secure-by-default platform modules, short-lived credential issuance, and cross-account policy design; demonstrated ownership from design through operational rollout.
Key Responsibilities
Design, develop, and maintain secure-by-default infrastructure on AWS using Terraform (ALB/OIDC, IAM, KMS, Secrets Manager, Route53, VPC/SGs).
Standardize OIDC at the edge (ALB/ingress) for internal and external applications; define scopes, claims, and token lifecycles.
Own secrets and key management: KMS key policies, rotation schedules, cross-account access, and automated issuance for services and tools.
Enforce IMDSv2 required, least-privilege IAM roles, and tight security groups across modules; add CI/policy checks to prevent regressions.
Design secure protocols/APIs for service↔service and boat↔cloud communication (mTLS/TLS, certificate issuance/rotation, revocation).
Manage short-lived credentials used by fleet/overlay services; implement rotation, auditing, and incident response runbooks.
Prefer service-mediated S3 access over broad pre-signed URLs; codify bucket policies, logging, and access boundaries.
Build centralized, tamper-evident logging and audit trails; integrate detections and metrics to validate control effectiveness.
Perform threat modeling and security reviews; document patterns and drive adoption via reusable modules and guides.
Troubleshoot complex security issues in production; lead post-incident reviews and drive remediation to closure.
Stay current on cloud security best practices, especially for defense/government environments.
Required Qualifications:
Bachelor's or Master's degree in Computer Science, Software/Computer/Electrical Engineering, or a related field.
3+ years building on AWS with Terraform (ALB/ELB, IAM, KMS, Secrets Manager, Route53, VPC/SGs).
Strong knowledge of cryptographic and IAM fundamentals (key policies, rotation, certificates, OIDC/OAuth2).
Demonstrated experience enforcing IMDSv2, least-privilege roles, and network controls at scale.
Experience designing secure protocols/APIs and integrating auth into service code (e.g., Go/Rust/TypeScript).
Proven ability to perform threat modeling and conduct design/code security reviews.
Excellent problem-solving and communication skills; effective collaboration across platform, embedded, and field teams.
This role requires the ability to obtain and maintain a security clearance
Preferred Qualifications:
Experience in AWS GovCloud, multi-account landing zones, and cross-account KMS/Secrets patterns
Familiarity with fleet/overlay VPN access control and short-lived credential issuance
Policy-as-code guardrails (e.g., OPA/Conftest, Terraform validations), drift detection, and CI integration
Centralized logging/SIEM and cloud threat detection (e.g., CloudTrail, GuardDuty) with audit readiness
PKI/CA management and, ideally, hardware roots of trust (TPM/secure elements) at the edge
DoD/defense domain familiarity and prior work under export-controlled constraints
Benefits:
Medical Insurance: Comprehensive health insurance plans covering a range of services. Saronic pays 100% of the premium for employees and 80% for dependents.
Dental and Vision Insurance: Coverage for routine dental check-ups, orthodontics, and vision care. Saronic pays 100% of the premium under the basic plan for employees and 80% for dependents.
Time Off: Generous PTO and Holidays
Parental Leave: Paid maternity and paternity leave to support new parents
Competitive Salary: Industry-standard salaries with opportunities for performance-based bonuses
Retirement Plan: 401(k) plan
Stock Options: Equity options to give employees a stake in the company's success
Life and Disability Insurance: Basic life insurance and short- and long-term disability coverage
Pet Insurance: Discounted pet insurance options including 24/7 Telehealth helpline
Additional Perks: Free lunch benefit and unlimited free drinks and snacks in the office
This role requires access to export-controlled information or items that require “U.S. Person” status. As defined by U.S. law, individuals who are any one of the following are considered to be a “U.S. Person”: (1) U.S. citizens, (2) legal permanent residents (a.k.a. green card holders), and (3) certain protected classes of asylees and refugees, as defined in 8 U.S.C. 1324b(a)(3).
Saronic does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
Cyber Security Analyst (MSSP/SOC)
Security engineer job in San Diego, CA
Hey there, Rockstar! 🚀 We are looking for you!
At Agile IT, we help organizations thrive by making technology simple, secure, and strategic. As a trusted Microsoft partner and CMMC Registered Practitioner Organization (RPO), we specialize in guiding businesses through the complexities of cloud adoption, cybersecurity, and compliance, so they can focus on achieving their mission without being slowed down by IT challenges.
We combine deep technical expertise with a people-first approach to deliver solutions that actually work in the real world. From CMMC compliance and security to cloud migration, collaboration, and ongoing managed services, Agile IT empowers organizations to modernize with confidence and agility.
Why Work at Agile IT?
Impactful Work: Everything you touch helps to keep our nation's secrets secure while also helping our client organizations thrive, making technology a true enabler instead of a roadblock.
Culture of Growth: We're a team of curious learners and problem-solvers, and we invest in developing your expertise through training, certifications, and hands-on experience.
Flexibility & Balance: With a remote-friendly environment and a people-first approach, you get the freedom to do your best work while living your best life.
Collaborative Team: At Agile IT, you're surrounded by passionate professionals who support one another and celebrate success together.
Forward-Thinking Mindset: We stay ahead of industry shifts so our team and our clients are always future-ready.
Joining Agile IT means being part of a company that isn't just adapting to the future of IT - it's shaping it.
Job Description
At Agile IT, supporting CMMC-compliant environments means we don't just fix problems - we prevent them.
As a Security Analyst at Agile IT, you'll play a critical role in safeguarding our clients. You'll monitor and analyze security events, investigate incidents, and collaborate with senior engineers and architects to deliver world-class managed security services. This is an excellent platform to sharpen your analytical and technical skills while protecting clients in today's ever-changing threat landscape. This position is designed to nurture your career growth, providing a pathway into the dynamic and evolving field of cybersecurity operations and defense.
What you do: (major responsibilities)
Monitor and analyze security events across client environments.
Investigate alerts, perform triage, and escalate incidents when needed.
Conduct threat analysis and provide actionable recommendations to reduce risk.
Assist in incident response activities, including root cause analysis and reporting.
Tune and improve detection rules and security use cases to enhance visibility.
Communicate findings clearly to both technical and non-technical stakeholders.
Stay up to date on emerging threats, vulnerabilities, and trends.
Qualifications
What sets you apart: (qualifications-knowledge, skills, and abilities)
2+ years of experience in a SOC/NOC or MSSP in cybersecurity; OR 5+ years of experience in a cybersecurity operations role.
Familiarity with SIEM tools (Sentinel, Splunk, QRadar, etc.).
Strong understanding of networking, firewalls, IDS/IPS, and endpoint protection.
Knowledge of security frameworks such as MITRE ATT&CK, NIST, or CIS Controls.
Excellent problem-solving and communication skills.
A collaborative mindset with the ability to work across teams and with customers.
Nice to have skills: (preferred skills or skills that will be expected to learn)
Certifications such as SC-200, Network+, Security+, CySA+, CEH, CISSP, or equivalent.
Experience with Microsoft Security tools (Defender, Sentinel, Purview, Entra).
Exposure to cloud platforms (Microsoft Azure, AWS, Google Cloud).
Familiarity with compliance frameworks (CMMC, NIST 800-171, HIPAA, ISO 27001).
Additional Information
A writing sample will be requested from candidates who are chosen to move forward in the interview process.
THE FINE PRINT:
Compensation and Benefits
*Pay range is $62,400 to $83,200 per year.
Starting pay is generally lower to mid-range; based on experience.
This is a remote, full-time, non-exempt position.
Medical/Dental/Vision/STD/LTD
Remote mental and physical health networks
$200,000 basic life insurance
Voluntary life
401(k) with 3% employer contribution - no vesting period
Combined 18 days PTO increasing with tenure
9 paid holidays
And so much more
*Factors in determining the appropriate compensation for a role include experience, skills, knowledge, abilities, education, licensure and certifications, and other business and organizational needs. The Hiring Pay Scale referenced in the job posting is the budgeted salary or hourly range that Agile IT reasonably expects to pay for this position.
Background checks, pre-employment aptitude, and skills testing are a mandatory part of the recruitment process. All Agile IT employees are provided with laptops and home office equipment. Due to the contractual requirements of our work with government entities, all hires must be US Citizens.
We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. All your information will be kept confidential according to EEO guidelines.
Information Security Engineer III
Security engineer job in San Diego, CA
Are you looking to make an impactful difference in your work, yourself, and your community? Why settle for just a job when you can land a career? At ICW Group, we are hiring team members who are ready to use their skills, curiosity, and drive to be part of our journey as we strive to transform the insurance carrier space. We're proud to be in business for over 50 years, and it's change agents like yourself that will help us continue to deliver our mission to create the best insurance experience possible.
Headquartered in San Diego with regional offices located throughout the United States, ICW Group has been named for ten consecutive years as a Top 50 performing P&C organization offering the stability of a large, profitable and growing company combined with a focus on all things people. It's our team members who make us an employer of choice and the vibrant company we are today. We strive to make both our internal and external communities better every day! Learn more about why you want to be here!
PURPOSE OF THE JOB
The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. This position will assist with strategic initiatives for short and long-term plans to identify and reduce the attack surface across applications and systems. The position exists to monitor and defend ICW Group's technology against potential threats that jeopardize the financial growth and security goals of the Company.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Monitors and protects information assets across hybrid environments.
* Monitors data flows and access events across AWS, on-prem, and SaaS platforms using DLP, CASB, SIEM, and AWS-native tools such as Macie, GuardDuty, CloudTrail, and Security Hub.
* Detects and investigates data breaches, insider threats, and exfiltration attempts; leads data-centric incident response through containment, analysis, and recovery.
* Implements and enforces data classification, labeling, and tagging frameworks integrated with AWS S3, RDS, and enterprise file systems.
* Designs and manages encryption and key management solutions using AWS KMS, CloudHSM, and on-premise HSMs to secure data at rest and in transit.
* Collaborates with development and DevOps teams to embed data protection into CI/CD pipelines and application code, ensuring secure data handling throughout SDLC.
* Conducts forensic reviews and produces actionable reports, metrics, and dashboards highlighting data risks and anomalies across hybrid systems.
Leads complex data protection initiatives and resolves data security risks.
* Leads enterprise data security projects, including AWS DLP implementation, sensitive data discovery, structured/unstructured data protection, and automated alerting.
* Defines and enforces data governance standards for both AWS and on-prem environments, aligning to ICW's data lifecycle management and retention requirements.
* Partners with database, app dev, and analytics teams to integrate encryption, tokenization, and privacy-by-design principles into application workflows.
* Designs and maintains role-based and attribute-based access controls (RBAC/ABAC) across AWS Identity and Access Management (IAM), Active Directory, and application layers.
* Collaborates with Privacy, Legal, and Compliance to operationalize data protection impact assessments (DPIAs) and retention/deletion automation.
* Produces executive and board-level reports detailing data protection maturity, compliance metrics, and emerging risk areas.
* Serves as a technical escalation point for AWS data protection incidents, third-party integrations, and complex remediation efforts.
Serves as ICW's senior data security SME and technical advisor.
* Provides expert consulting to architecture, engineering, and product teams on AWS-native security services and hybrid data protection models.
* Advises leadership on emerging cloud data security trends and recommends architectures that balance scalability with compliance and risk reduction.
* Conducts advanced data risk assessments, privacy impact analyses, and forensic reviews to guide remediation and control design.
* Defines AWS-aligned compliance strategies supporting NIST CSF, NYDFS 500, GLBA, and state privacy laws.
* Evaluates and integrates modern data security solutions such as SASE/CASB platforms, insider risk analytics, and automated data classification tools.
* Mentors junior engineers and fosters a data-first security mindset across ICW's engineering organization.
Partners with project management and internal teams to mature hybrid data security.
* Implements technical and process controls to continuously improve data protection maturity in AWS and on-prem applications.
* Partners with cloud engineering and on-prem development teams to design secure data pipelines, storage, and access control mechanisms.
* Contributes to automation and orchestration of data protection activities using AWS Lambda, EventBridge, and native integration APIs.
* Leads knowledge sharing on emerging AWS capabilities while ensuring backward compatibility with existing on-prem data flows.
* Coaches development and data engineering teams to identify and mitigate data leakage risks during application and infrastructure design.
SUPERVISORY RESPONSIBILITIES
This position has no supervisory responsibility but may mentor and train junior engineers.
EDUCATION AND EXPERIENCE
* Bachelor's Degree from four-year college or university required with major or emphasis Engineering, Cybersecurity, Networking, or Computer Science related discipline.
* Minimum 8 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience required.
* Minimum 3-5 years of experience in AWS Cloud Security services preferred. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions.
* Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.
* Experience with AWS services such as AWS Identity & Access Management, AWS Organizations, AWS Security Hub, GuardDuty, and CloudTrail.
CERTIFICATES, LICENSES, REGISTRATIONS
* Certification in GSEC, CISSP, and/or Security+.
* AWS Certified Security - Specialty, preferred
KNOWLEDGE AND SKILLS
* Knowledge of risk assessment tools, technologies, and methodologies. Knowledge of disaster recovery, computer forensic tools, technologies, and methods.
* Knowledge of enterprise security platforms.
* Ability to communicate network security issues to peers and management. Ability to read and use the results of mobile code, malicious code, and anti-virus software.
* Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention.
* Demonstrated experience as a lead engineer in the design, implementation and support in an enterprise IT environment.
* Ability to work with mathematical concepts such as probability and statistical inference.
* Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems.
* Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems.
* Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses.
* Ability to read, analyze, and interpret technical journals, financial reports, security analysis reports and other IT related documents.
* Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community.
* Must be able to read, write and speak English effectively.
* Ability to effectively communicate/present technical information to a non-technical audience.
* Ability to cross train and share information with team members.
PHYSICAL REQUIREMENTS
Office environment - no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear. Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl. Employees must occasionally lift and/or move up to 30 pounds. Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.
WORK ENVIRONMENT
This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.
We are currently not offering employment sponsorship for this opportunity.
The current range for this position is $121,624.81 - $217,710.99
This range is exclusive of fringe benefits and potential bonuses. If hired at ICW Group, your final base salary compensation will be determined by factors unique to each candidate, including experience, education and the location of the role and considers employees performing substantially similar work.
WHY JOIN ICW GROUP?
* Challenging work and the ability to make a difference
* You will have a voice and feel a sense of belonging
* We offer a competitive benefits package, with generous medical, dental, and vision plans as well as 401K retirement plans and company match
* Bonus potential for all positions
* Paid Time Off with an accrual rate of 5.23 hours per pay period (equal to 17 days per year)
* 11 paid holidays throughout the calendar year
* Want to continue learning? We'll support you 100%
ICW Group is committed to creating a diverse environment and is proud to be an Equal Opportunity Employer. ICW Group will not discriminate against an applicant or employee on the basis of race, color, religion, national origin, ancestry, sex/gender, age, physical or mental disability, military or veteran status, genetic information, sexual orientation, gender identity, gender expression, marital status, or any other characteristic protected by applicable federal, state or local law.
Job Category
IT
Security Cooperation Analyst
Security engineer job in San Diego, CA
Job Details: CA 8 - San Diego, CA | Full Time | 4 Year Degree | $100000.00 - $120000.00 Salary/year | Admin - Clerical
Description
is contingent upon contract award
Echelon Services LLC is a Native Hawaiian-owned 8(a) small business that delivers secure, mission-ready IT, cyber, data, and program support to the Department of Defense and federal partners. We value initiative, accountability, and teamwork, and we empower our people to make a measurable impact.
Position Summary
We are seeking a Security Cooperation Analyst who is a self-starter and highly proactive. You will help plan, coordinate, and track activities across Foreign Military Sales and Building Partner Capacity programs to support Combatant Commands, Service Components, and program offices. You will analyze case data, maintain accurate trackers and dashboards, prepare briefings and deliverables, and keep actions moving without being asked twice. This role partners closely with government leads and industry teammates in a fast-moving, mission-focused environment.
Key Responsibilities
• Maintain day-to-day visibility of security cooperation actions and milestones across the case lifecycle; track tasks, risks, and dependencies to keep efforts on schedule.
• Develop and maintain clear trackers, spreadsheets, and dashboards that show status, funding, and execution to leadership and working-level audiences.
• Draft, edit, and format program artifacts, briefs, information papers, meeting minutes, and standard operating procedures that are accurate and ready for delivery.
• Support planning and coordination for case development, Letters of Request and Letters of Offer and Acceptance, requisitions, and delivery status.
• Consolidate inputs from functional teams such as finance, logistics, cybersecurity, and engineering; resolve small issues directly and elevate blockers early.
• Prepare and run recurring meetings; publish agendas, capture decisions and action items, and follow through to closure.
• Research policy and process references and summarize the impact to the team in plain language.
• Uphold configuration control and version management for shared files and trackers.
• Foster strong relationships with government stakeholders, end users, and international partners through clear, timely communication.
• Protect sensitive information and follow all security and handling requirements.
Qualifications
Required Qualifications
• Active Secret clearance.
• Bachelor's degree in international relations, business, data analytics, public administration, or a related field.
• 1-3 years of experience supporting DoD programs, security cooperation, international programs, program analysis, or logistics.
• Strong Microsoft 365 and Excel skills, including creating pivot tables, lookups, and clear visual status reports (Power BI or SharePoint experience is a plus).
• Excellent written and verbal communication; able to turn rough inputs into polished, error-free products.
• Demonstrated self-starter with the ability to anticipate needs, take ownership, and move tasks to completion with minimal direction.
• Detail oriented with strong organization skills and the ability to manage multiple priorities in a dynamic environment.
Preferred Qualifications
• Familiarity with security cooperation processes and tools such as the SAMM, SCIP, DSAMS, and G-TSCMIS.
• Experience supporting NAVWAR or NIWC Pacific, or similar DoD program offices.
• Exposure to funding execution, obligation tracking, or basic earned value terms.
• Experience building lightweight dashboards or automations with Power BI or Power Platform.
Compensation and Benefits
• Base salary range (California): $110,000 to $120,000 annually, based on experience, education, certifications, and work location.
• Comprehensive benefits including medical, dental, vision, 401(k) with company match, paid time off, paid holidays, and paid sick leave consistent with California law.
• Candidates outside California may see geographic differentials based on local market data.
Echelon Services is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Cyber Eng Sr Prin
Security engineer job in San Diego, CA
BAE Systems is looking for a Senior Cyber Architect. The qualified candidate will be working on and possibly leading security engineering teams supporting cybersecurity engineering activities in a rapid development environment to support the specification, development, and application of computer security technologies, cybersecurity and information assurance management techniques to DoD systems.
Tasks may include:
Leading systems engineering teams
Leading Assessment and Authorization (A&A) activities for DoD Systems in accordance with Risk Management Framework
Supporting traditional systems engineering tasks such as CONOPS, requirements development and allocation, cyber design engineering, cyber implementation engineering, verification and validation, and continuous monitoring efforts during deployment, operations and sustainment
Supporting offensive architecture analysis and design of defense-in-depth solutions
Supporting Development Security Operations (DevSecOps) integration
Developing and assessing system security plans including, security concepts of operation, risk management matrix, security control traceability matrix, security test procedures, and plan of action and milestones
Conducting and analyzing vulnerability assessments to validate system compliance with RMF controls and DISA Security Technical Information Guidelines (STIG)
Analyzing static code scans and dynamic code scans to validate Application Security and Development STIG compliance
This position may require business travel to customer locations in support of customer meetings, product demonstration, integration and/or systems testing.
About BAE Systems Electronic Systems
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Electronic Systems (ES) is the global innovator behind BAE Systems' game-changing defense and commercial electronics. Exploiting every electron, we push the limits of what is possible, giving our customers the edge and our employees opportunities to change the world. Our products and capabilities can be found everywhere - from the depths of the ocean to the far reaches of space. At our core are more than 14,000 highly talented Electronic Systems employees with the brightest minds in the industry, we make an impact - for our customers and the communities we serve.
This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.
Bachelor of Science degree in a Cyber, Systems, Software, Electrical, Mechanical or similarly related engineering/technical discipline, and 12+ year(s) related experience or equivalent experience, training and/or certifications.
ISC2 CISSP or equivalent certification
Strong engineering skills, interpersonal skills, and the ability to effectively build and lead teams
Extensive experience with traditional A&A tools: ACAS Nessus, SCAP Scanner, STIG Viewer
Demonstrated expertise in national Cybersecurity policies, DoD A&A processes and procedures and industry best practices on complex systems
Expertise in vulnerability assessment, control allocation and risk mitigation
Other cyber certifications (CISSP-ISSAP, CISSP-ISSEP, CCSP, CEH, OSCP, etc.)
Top Secret/SCI security clearance by the Federal Government
Understanding of offensive security tactics, techniques and procedures
Experience with Cyber Failure Mode, Effects, and Criticality Analysis (FMECA)
Experience writing proposals with innovative cost-effective solutions
Experience with Open Container Initiative (OCI) including Platform One, Iron Bank and Repo One
Experience with offensive architecting, threat modeling and attack vector analysis
Experience with cloud and cross domain solution accreditations
Ability to negotiate effectively with higher level managers, functional managers, customers, industry partners, and teammates
Demonstrated leadership skills (supervisory experience, building teams, building customer relationships)
Ability to support proposal and cost activities
Working knowledge of Earned Value Management System (EVMS) systems and Project management tools such as Cost Performance Index (CPI) and Integrated Master Schedule (IMS)
Experience with leading and coordinating security test events to achieve accreditation milestones
Experience with verifying and validating vulnerability resolutions and/or mitigations
Experience with supporting proposal and cost estimate activities
Experience with Attack and Threat modeling
Strong mentoring skills
Good planning and organizational skills
Strong oral and written communications skills
Benefits Information
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance.
Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O'Hara Service Contract Act (SCA).
Cyber Security Architect
Security engineer job in San Diego, CA
Job Description
Senior Cyber Security Architect
The Senior Security Architect designs and drives the secure architecture of DataHouse platforms and client solutions across cloud and hybrid environments. This role leads threat modeling, control selection, and reference architectures aligned to ISO/IEC 27001, NIST, and HIPAA, partners with engineering to embed security in delivery pipelines, and advises public-sector and healthcare clients on compliance-aligned architectures. You'll be a senior individual contributor with broad influence: mentoring engineers, shaping standards, and participating in architecture reviews and program governance.
*This position requires the candidate to be based in Hawaii and able to work on-site in Honolulu as needed.
Primary Responsibilities and Duties
Architecture & Design: Define secure reference architectures (network, identity, data, application, and cloud) for AWS/Azure; champion zero-trust and least-privilege patterns.
Risk Management: Identify, assess, and mitigate security risks to protect company assets, data, and systems from external and internal threats.
Security Strategy Development: Develop and implement comprehensive security strategies and roadmaps that include key policies, procedures, and practices to safeguard the company's information technology infrastructure.
Security Compliance: Ensure that security architecture meets regulatory requirements and compliance standards, such as GDPR, HIPAA, or industry-specific regulations.
Governance & Compliance: Translate ISO/IEC 27001, NIST (CSF/800-53/171), and HIPAA into practical architectures, patterns, and evidence requirements; support internal audits and renewals.
Advisory & Reviews: Sit on internal and client architecture review boards; support executive-level guidance to SLED and healthcare clients.
Collaborate with Leadership: Work closely with senior leadership, including the CTO, and other department heads, to ensure security strategies align with business priorities and technology initiatives.
Incident Readiness: Partner with SecOps to refine detection logic, playbooks, and tabletop exercises; ensure architectures support rapid containment and recovery.
Mentorship & Standards: Coach engineers; author standards, patterns, and runbooks; lead brown-bags and security awareness sessions for delivery teams.
Vendor Management: Work with external vendors to evaluate and select security tools, technologies, and services to enhance the company's security posture.
Specific Responsibilities and Duties
Develop and implement frameworks for the secure design and deployment of cloud services, network infrastructure, and enterprise applications.
Lead the evaluation and integration of new security technologies and methodologies to enhance the company's security infrastructure.
Collaborate with the IT department to ensure security controls are integrated into all software development and systems engineering processes.
Define and enforce standards and best practices for secure software development, network security, data protection, and vulnerability management.
Implement and continually improve the organization's Information Security Management System (ISMS) to maintain ongoing ISO 27001 certification.
Advise client leadership teams on IT governance, budget planning, security roadmaps, and risk management programs.
Ensure security practices address requirements specific to healthcare, government, and other regulated industries.
Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field.
6+ years of experience in information security, with at least 2 years in a senior security architecture role or similar management position.
Proven experience in designing and implementing security architectures for large, complex systems across multiple platforms (cloud, on-premise, hybrid).
Expert knowledge of security frameworks, such as NIST, CIS, ISO 27001, comparable ISMS frameworks, and experience with industry compliance standards.
Strong understanding of network security, encryption technologies, access controls, threat modeling, and risk management.
Experience with public sector and healthcare IT security requirements preferred.
Experience with cloud security, including public cloud platforms such as AWS, Azure, or Google Cloud.
Leadership and team management experience, with the ability to mentor and inspire a security team.
Excellent problem-solving and analytical skills, with the ability to design secure systems and mitigate risks proactively.
Proven track record delivering security services to external clients, including executive advisory and program governance.
Strong ability to communicate risk and security strategy to executives, boards, and non-technical stakeholders.
Certified Information Systems Security Professional (CISSP) or other relevant certifications (e.g., Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM)) is preferred.
AWS/Azure security certifications preferred.