Security engineer jobs in South Carolina

DNI is on the lookout for a Senior Cyber Security Analyst - Information Systems Security Manager (ISSM) to deliver expert guidance in Information Systems Security and cybersecurity support for the Enterprise Information Services at the Department of Energy (DOE) Savannah River Operations Office (DOE-SR), located at the Savannah River Site (SRS) in Aiken, SC. Requirements Reports to the Chief Information Security Officer (CISO) and Program Manager. Oversee the Authority to Operate (ATO) lifecycle, manage risk assessments, develop and monitor Plan of Action and Milestones (POAMs), ensuring compliance with security standards and timely mitigation of organizational boundary security risks. Actively participate in the bi-weekly accreditation boundary meetings and keep the AODR informed of any changes/updates to eRAMS/POA&Ms/STAR items or any new VPM and CM issues that may arise. Provide technical and procedural cyber security advice to DOE, associate contractor partners, and Industrial Control Systems (ICS) teams as necessary. Oversee operational information systems security implementation programs. Coordinate with Information System Security Officer (ISSO) or PSO on approval of External Information Systems (e.g. guest systems, interconnected system with another organization). Oversee ISSOs to ensure they follow established policies and procedures and timelines. Ensure CM policies and procedures for authorizing the use of hardware/software on an IT system are followed. Any additions, changes or modifications to hardware, software, or firmware must be coordinated with the AODR prior to the addition, change or modification. ISSM shall have authority to veto any proposed change they feel is detrimental to security in boundaries under their purview. Appeals on an ISSM/ISSO veto may be taken to the AODR. Ensure approved procedures are used for sanitizing and releasing system components and media as necessary. Ensure proper measures are taken when cyber security incident or vulnerability is discovered. Maintain a working knowledge of system functions, security policies, technical security safeguards, and operational security measures. Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. Manage, maintain, and execute the information security continuous monitoring plan. Ensure a record is maintained of all security-related vulnerabilities and ensure serious or unresolved violations are reported to the AODR; and assess changes to the system, its environment, and operational needs that could affect the security authorization. Other related tasks as assigned. Support information technology (IT) security goals and objectives and reduce overall organizational risk; Advise senior management (e.g., Chief Information Security Officer [CISO] and Chief Information Officer [CIO] on risk levels and security posture.); Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture; Communicate the value of information technology (IT) security. Knowledge, Skills, and Abilities: Highly organized individual with exceptional communication skills, ensuring all stakeholders are consistently informed and updated as required. Excellent written and oral communication skills (writing samples may be requested). Attention-to-detail is critical, proven ability to look closely at your work to identify and correct errors, spot and improve weaknesses and produce a near-perfect end-result. Ability to identify problems, brainstorm and analyze answers, and implement the best solutions. Ability to develop and review security related procedures or processes and reports. Demonstrated ability to provide clear, precise, and factual information to senior leaders, team members, and external stakeholders. Capable of attending all customer-required meetings and promptly providing responses as requested. Familiarity with applicable regulations affecting Cyber Security NIST 800 Series Standards. Clearance: Must possess (or be able to obtain) a “Q” level security clearance. Education: A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for education on a year-for-year basis. Experience: 7+ years in IT security or related field. Authority to Operate Life Cycle (ATO), Risk Management, POAMS & Milestones Certification: Highly desired certifications: Certified Information System Security Professional (CISSP) Certified Information Security Manager (CISM) Benefits Covers 100% of employee benefit premiums, including Medical (PPO or HDHP Option), Vision, Dental Matching 401K Short- and Long-Term Disability Pet Insurance Professional Development/Education Reimbursement Parking and Transit Benefits for NY, NJ, ATL, and DC Metro areas Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

CULTURE SNAPSHOT: Broad River Retail is an organization of integrity, diversity and culture working together for the purpose of ‘ Furnishing Life's Best Memories' . At Broad River, we call all our employees “Memory Makers.” We do this because we know everyone that works for our Company has the power to make positive memories not only for our Guests, but also for their families, co-workers, and communities. We take pride in training and developing our teams so that they can provide a premier customer experience to every Guest. Our Memory Makers are the driving force that has led us to being the largest and fastest growing Ashley licensee in the U.S. and landing us on the Top Places to Work list two years in a row in our industry. AT A GLANCE: The IT Security Manager reports directly to the VP of IT/BI and is part of the IT/BI Department. The IT Security Manager is responsible for safeguarding the organization's digital assets by managing and monitoring, detecting, and responding to security threats. This role involves conducting risk assessments, managing incident responses, and implementing security protocols to ensure the integrity, confidentiality, and availability of enterprise systems and data. DAY IN THE LIFE AS THIS MEMORY MAKER: Monitor security networks and systems for breaches or suspicious activity. Respond to security incidents and conduct thorough investigations. Perform vulnerability assessments and penetration testing. Develop and implement security measures and protocols. Analyze security alerts and determine appropriate response actions. Collaborate with IT teams to ensure secure system configurations. Prepare regular security reports for management. Conduct security awareness training for staff. Lead and manage security-related projects and initiatives. WHAT YOU'LL NEED TO SUCCEED: Bachelor's degree in Computer Science, Information Technology, or related field. 5+ years of experience in cybersecurity or related roles. 3+ years of Information Technology Management or related field Certifications such as CISSP, CISM, CEH, or GIAC preferred. Strong understanding of cybersecurity frameworks (e.g., NIST, ISO-27001, PCI-DSS). Experience with SIEM, IDS/IPS, firewalls, and endpoint protection tools. Excellent analytical, problem-solving, and communication skills. Ability to lead security-related projects and initiatives. Clearly convey ideas, expectations, and feedback to teams, ensuring transparency and alignment across all levels. Build strong relationships and a positive work culture. Address and resolve conflicts within the team, mediating differences and finding mutually beneficial solutions. Inspire and encourage team members, fostering a sense of purpose and driving performance toward shared goals. Respond to change with flexibility and a positive outlook, guiding teams through transitions and unforeseen challenges. Distribute tasks effectively based on team strengths, ensuring optimal workload balance and empowering others to take ownership. Mentor and provide constructive feedback to help team members grow, enhancing their skills and career development. WORKPLACE ENVIRONMENT: While performing the duties of this job the employee is: Prolonged periods sitting at a desk and working on a computer. Must be able to lift up to 15 pounds at a time. WORK SCHEDULE OUTLINED ON SITE, HYBRID, REMOTE WITH EXPECTATIONS Ability to work independently, as well as, in a collaborative team environment within an office setting. Physical requirements such as extended periods of sitting and computer use may be required. Physical requirements such as extended periods of standing may be required. Ability to communicate effectively verbally, in writing, and/or electronically. Ability to use logical reasoning for simple and complex problem solving. Travel up to 20% of your time. In accordance with the Americans with Disabilities Act (ADA), reasonable accommodations may be made to empower individuals with disabilities to undertake the essential duties and responsibilities of the position. MEMORY MAKER PERKS & BENEFITS: Salary Range based on background, skill, and experience Medical, dental, vision, and life insurance options Paid time off and 401K matching contribution Employee discount (40%) at BRR locations Internal Opportunities for career growth and advancement OUR COMMITMENT TO YOU: Broad River Retail is committed to creating a place where everyone feels respected, valued, and able to reach their full potential. Regardless of race, gender, religion, sexual orientation, age, disability, or if you're parenting the next generation of Memory Makers, we firmly believe our work is at its best when everyone feels free to be their most authentic self.

Systems Engineer 29406, Charleston, South Carolina (Onsite) Full Time Permanent Any Secret Clearance is mandatory Client is seeking a Systems Engineer of Automation for an effort to provide systems engineering and integration of Defence software systems. Must Have: US Citizenship Security Clearance 5+ years' experience in a systems engineer role automating complex IT infrastructure Experience with Microsoft Windows Server and Client Operating Systems Ability to effectively install, configure, and administer in a multi-system and/or multi-application environment Expertise with Microsoft PowerShell is critical as it is heavily leveraged to automate installation, configuration, hardening, and maintenance tasks Ability to automate the installation and configuration of applications Working knowledge and experience with Agile framework and Scrum Knowledge of Linux/Windows OS and networking from a system design perspective Ability to create and test virtualized environments (VMWare, OpenShift, Hyper-V, AWS) Strong documentation and oral communication skills to clearly communicate with all levels of users, engineers, managers, and organizations Ability to work with others in a highly collaborative environment Self-Motivated, strong work ethic and commitment to quality Ability to multi-task and balance multiple goals and priorities We'd be Impressed if You Had: A bachelor's degree in computer science or engineering 10+ years' experience in systems engineering Demonstrated experience with: Git, GitLab, GitLab Pipelines, Artifactory, Confluence and Jira Ansible development (Inventories, Collections, Roles, Modules, Playbooks, etc.) Programming/scripting languages (Bash/Python/HTML/etc) Integrated development environment (IDE, Visual Studio Code) for GIT management and code revision Test Driven Development VMware virtual infrastructure Linux administration and BASH scripting network device configuration and automation Certifications: Microsoft certification (i.e., MCIT, MCSA, MCSE, etc.) CISSP, SANS, ITIL

1. Experience with Windows server. 2. GPO and Powershell 3. Microsoft Active Directory 4. Experience with backup and (Disaster Recovery (DR) 5. Advanced knowledge of computer and network hardware, software, operating systems 6. Experience with security and data classification related to CDC, HIPAA, and CJIS. 7. Advanced knowledge of information technology system analysis, design, testing and maintenance techniques

Scope of the project: DPH has recently moved its server environment to the State IT Data Center. Although the primary migration has occurred, additional remediation efforts are required to get that environment into a segmented framework. Due to the volume of systems, interdependencies, servers, and various locations throughout the state, additional staff is needed to support the effort. The team will ensure systems are set up following industry best practices to ensure strategic initiatives and compliance with federal and state regulatory laws and ensure business continuity. These positions will be a part of the team responsible for the implementation of this project. They will also be involved with supporting the day-to-day operations of the Agency's Server Hosting environment. Candidates should be self-motivated, team-oriented, work under limited supervision, and respond to priority tasks as needed. Scope of the project: DPH has recently moved its server environment to the State IT Data Center. Although the primary migration has occurred, additional remediation efforts are required to get that environment into a segmented framework. Due to the volume of systems, interdependencies, servers, and various locations throughout the state, additional staff is needed to support the effort. The team will ensure systems are set up following industry best practices to ensure strategic initiatives and compliance with federal and state regulatory laws and ensure business continuity. These positions will be a part of the team responsible for the implementation of this project. They will also be involved with supporting the day-to-day operations of the Agency's Server Hosting environment. Candidates should be self-motivated, team-oriented, work under limited supervision, and respond to priority tasks as needed. traditional business hours when necessary. Module support of the project. DPH will require that selected personnel sign the DPH confidentially agreement and/or Business Associate (BA) agreement if applicable. All web services must be secure. DPH will not accept any offers including an “up-lift” charge. The rate paid per consultant must not exceed the maximum rate established for this position described in the State contract terms. Contractors must be onsite during each week throughout the term of the contract. Follow agency IT Standards, policies, and procedures to include documentation. All source code (compiled and un-compiled) will become the sole property of the South Carolina Department of Health and Environmental Control. Any source code, data, product, or functionality resulting from this SOW or previously owned/developed by DPH will remain the sole property of DPH and is not to be incorporated into the core product of any vendor's application. Any modifications and interfaces developed under said contract will be not be used by the contractor for any independent project of the contractor or published or publicized by the contractor without written permission of DPH. DPH has the final say on all programming choices. Required Skills (rank in order of Importance): 1. Experience with Windows server. 2. GPO and Powershell 3. Microsoft Active Directory 4. Experience with backup and (Disaster Recovery (DR) 5. Advanced knowledge of computer and network hardware, software, operating systems 6. Experience with security and data classification related to CDC, HIPAA, and CJIS. Advanced knowledge of information technology system analysis, design, testing and maintenance techniques Preferred Skills (rank in order of Importance): Prefer experience with Microsoft HyperV Experience with Linux Server, AIX Experience with DataDobi Experience with Solarwinds Experience with Lansweeper CITRIX Presentation Server or XenApp Soft Skills: Critical thinking skills and problem resolution Ability to establish positive working relationships with technical staff, customers and others involved in data-centric management. Excellent written, oral, and interpersonal communication skills Required Education: Bachelor's or Master's Degree in a relevant field of work or equivalent work experience.

About Analog Devices Analog Devices, Inc. (NASDAQ: ADI ) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible. Learn more at ************** and on LinkedIn and Twitter (X). Network Security Engineer Cyber Defence Job Req: Role Overview The Network Security Engineer is responsible for designing, implementing, and maintaining secure network infrastructures. This role ensures the organisation's firewalls, VPNs, and network security controls are properly configured, monitored, and compliant with industry standards. We are looking for a proactive and solution orientated professional with excellent problem-solving and analytical skills. You will want to stay current with emerging threats, technologies, and best practices and will have the ability to think strategically and act tactically. You will be the authority on keeping an Analog Devices' computer networks safe from threats and ensuring secure connectivity for critical business operations. Key Responsibilities * Provide governance for the configuration, management, and optimisation firewalls, IDS/IPS, and network security appliances. * Perform firewall posture management, including rule audits, cleanup, and compliance checks. * Govern the implementation and maintenance of network segmentation, secure remote access, and VPN solutions. * Monitor network traffic for anomalies and respond to security incidents. * Develop and enforce network security policies and standards. Ensure compliance with security standards and regulations. * Conduct vulnerability assessments and support patching of network devices. * Automate routine tasks using scripts or security orchestration tools. * Implement cloud security controls across AWS, Azure, and GCP, applying Zero Trust principles and securing hybrid network architectures for resilience * Establish reporting for ADIs network security posture and help to develop plans for continuous improvement * Develop and maintain detection logic leveraging network telemetry (e.g., NetFlow, DNS logs, proxy logs) to identify anomalous or malicious activity. * Collaborate with SOC teams to create and update run-books for network-related incidents, ensuring consistent and efficient response workflows. * Continuously improve detection coverage by analysing threat trends and incorporating new indicators into network monitoring tools Essential * More than three (3) years' experience in a network security engineering role * An in-depth understanding of networking protocols and technologies * Demonstrable hands-on experience with security tools and platforms: Network Detection & Response, Secure Web Gateways/Proxies, Intrusion detection and prevention systems (IDS/IPS), Enterprise firewalls and SIEM platforms and vulnerability management tools * Experience with cloud security for AWS, Azure, or GCP and securing cloud networking components. * Familiarity with security frameworks such as NIST, ISO 27001, or CIS and operational resilience frameworks * Demonstrate social and cultural flexibility by effectively collaborating with diverse teams across global regions Qualifications * University degree in computer science, information security, or relevant field. * Professional certifications or equivalent practical experience. * Demonstrable competence with network security protocols and cyber testing tools. * Strong understanding of common security frameworks and compliance requirements. * Excellent analytical and problem-solving skills. * Good oral and written skills in English to be able to successfully communicate and collaborate across our Global business. #LI-TK1 For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S. Department of Commerce - Bureau of Industry and Security and/or the U.S. Department of State - Directorate of Defense Trade Controls. As such, applicants for this position - except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) - may have to go through an export licensing review process. Analog Devices is an equal opportunity employer. We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group. Job Req Type: Experienced Required Travel: Yes, 10% of the time Shift Type: 1st Shift/Days

Posting Details Classification Title IT Security Specialist/ Analyst I Classification Code AM80 Pay Band 6 Subject to Drug/Alcohol Testing Guidelines No Subject to Credit Check No Internal Title Information Security Analyst Department Information Technology Services Position Type PCLS - Slotted Classified Full or Part Time Full-Time Basis 12 mo. Hours per week 37.5 hours per week Normal Work Schedule Mon-Thu: 8-5 ; Fri: 8-12:30 Job Details Coastal Carolina University is currently accepting applications for the following full-time position: Information Security Analyst in the Office of Information Technology Services. Coastal Carolina University's Information Technology Services is looking for an information security analyst who is responsible for monitoring, analyzing, and mitigating cybersecurity and compliance risks. The analyst will also aid in the development of solutions, research new technologies, assist in policy changes, and recommend content for security awareness programs. How to Apply: Interested candidates may apply online at ***************************************** Applicants must submit a cover letter, resume and list of three (3) professional references. Review of applications will begin immediately and continue until position is filled. Required Qualifications: A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for bachelor's degree on a year-for-year basis. Preferred Qualifications: Experience with incident response, security monitoring, data loss prevention, implementing security controls, administering vendor supplied security software, risk assessment, security and privacy compliance, and/or participating on disaster recovery planning team. Duties include, but are not limited to: * Research information security events, incidents, and issues to isolate and identify root or systemic causes. Responds according to policy and best practices. * Assists business units and operational teams with information security risk assessments and audits. * Gathers, compiles, and synthesizes information for security processes and systems around vulnerabilities and risk. * Aids in the development of solutions through security partnerships and research on new technologies, required policy changes, and vendor offerings. * Recommends content for information security training and awareness programs. IT Security Specialist/Analyst I (AM80/61122728/FTE-S01096P), full-time position with benefits. SC State Pay Band: 06. Salary range: $47,588.00 (minimum) - $67,817.00 (midpoint). Normal work hours are Monday through Thursday, 8:00 a.m. to 5:00 p.m. and Friday, 8:00 a.m. to 12:30 p.m. Must be flexible to meet the special scheduling needs of the university. Coastal Carolina University is a public comprehensive liberal arts institution located in Conway, South Carolina, just nine miles from the Atlantic coastal resort city of Myrtle Beach. Coastal Carolina University enrolls over 10,000 students from 49 states and 55 nations. The University is accredited by the Southern Association of Colleges and Schools Commission on Colleges to award the baccalaureate and master's degrees of national and/or regional significance in the arts and sciences, business, humanities, education, and health and human services, a specialist degree in instructional technology, and PhD degrees in marine science: coastal and marine systems science and education sciences. The University provides equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, citizenship status, national origin, or because an employee or applicant for employment is an individual with a disability or a disabled veteran, an Armed Forces service medal veteran, a recently separated veteran, or an active-duty wartime or campaign badge veteran, or other "protected veteran," as defined by law. Coastal Carolina University is an EO/AA employer. Required Qualifications A bachelor's degree in information technology systems, computer science, or related field and experience in information technology systems or related area. Relevant experience may be substituted for bachelor's degree on a year-for-year basis. Preferred Qualifications Experience with incident response, security monitoring, data loss prevention, implementing security controls, administering vendor supplied security software, risk assessment, security and privacy compliance, and/or participating on disaster recovery planning team. Knowledge, Skills & Abilities Possess knowledge of system and network security for various operating systems and local area networks. Experience with security tools and technologies for deploying, managing, measuring, and auditing system and network security. Has a foundational understanding of application, hosted service, and cloud security principles. Capable of contributing to the creation of detailed technical documentation on security processes and procedures. Demonstrates basic analytical and problem-solving skills. Understands risk concepts and principles. Communicates effectively with audiences of varying technical knowledge levels. Posting Detail Information Posting Number FTE-S01096P Number of Vacancies 1 Desired Start Date 01/12/2026 Position End Date (if temporary) Job Open Date 12/11/2025 Job Close Date Open Until Filled Yes Special Instructions to Applicants Quicklink for Posting **************************************** Job Duties

Meta's Product Security team is seeking a experienced hacker who derives purpose in life by revealing potential weaknesses and then crafting creative solutions to eliminate those weaknesses. Your skills will be the foundation of security initiatives that protect the security and privacy of over two billion people. You will be relied upon to provide engineering and product teams with the web, mobile, or native code security expertise necessary to make informed product decisions. Come help us make life hard for the bad guys. **Required Skills:** Product Security Engineer, AI Responsibilities: 1. Security Reviews: perform manual design and implementation reviews of products and services that make up the Meta ecosystem, like Instagram, WhatsApp, Oculus, Portal, and more 2. Developer Guidance: provide guidance and education to developers that help prevent the authoring of vulnerabilities 3. Automated Analysis and Secure Frameworks: build automation (static and dynamic analysis) and frameworks with software engineers that enable Meta to scale consistently across all of our products **Minimum Qualifications:** Minimum Qualifications: 4. BS or MS in Computer Science or a related field, or equivalent experience 5. 8+ years of experience finding vulnerabilities in interpreted languages. Knowledge of best practice secure code development 6. Experience with exploiting common security vulnerabilities 7. Knowledge of common exploit mitigations and how they work 8. Coding and scripting experience in one or more general purpose languages **Preferred Qualifications:** Preferred Qualifications: 9. Experience creating software that enables security processes, especially those leveraging AI/ML for automation or augmentation 10. Experience integrating or building AI-powered tools to assist with vulnerability detection, code review, or threat modeling 11. Experience creating software that enables security processes 12. 8+ years of experience finding vulnerabilities in C/C++ code 13. Contributions to the security community (public research, blogging, presentations, bug bounty) 14. Demonstrated ability to collaborate with AI researchers or engineers to apply AI in security workflows **Public Compensation:** $177,000/year to $251,000/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our team. In this pivotal role, you will be instrumental in designing, implementing, and managing IAM solutions that secure our enterprise applications and facilitate the secure, efficient, and seamless integration of identity and access systems in context of our rapid growth through Mergers and Acquisitions. You will ensure robust access controls, streamline user experiences, and maintain operational continuity across our diverse IT landscape. The ideal candidate will have deep technical expertise in modern IAM principles, protocols and products along with strong management and communication skills. **Responsibilities:** + **Application Integration Leadership:** Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our core IAM infrastructure, ensuring secure authentication, authorization, and user provisioning/de-provisioning. + **M&A Integration Strategy & Execution:** Lead the planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Solution Design & Implementation:** Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications:** + **Education:** Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. + **Experience:** 5+ years of progressive experience as an IAM Engineer, designing and implementing enterprise scale solutions with significant experience in supporting M&A integration projects preferred. + **Technical Expertise:** + Proficiency in directory services (e.g., Active Directory, Azure AD, LDAP). + Extensive knowledge and experience with authentication standards and technologies such as SSO (SAML, OAuth, OpenID Connect), MFA, and privileged access management (PAM). + Hands-on experience with leading IAM platforms (e.g., Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). + Experience with scripting languages (e.g., PowerShell, Python) for automation and integration. + Strong understanding of security principles, risk management, and access control models (e.g., RBAC). + Understanding of DevOps practices. + Familiarity with Zero Trust architecture principles. + Familiarity with AI/ML concepts and their practical application in security and risk management, especially in IAM context. + **M&A Specific Skills:** Proven track record of managing complex integration projects, including assessing existing IAM capabilities, workflow, systems, and processes of acquired entities. Ability to navigate the complexities of integrating diverse identity infrastructures. + Strong communication and interpersonal skills to collaborate effectively with various teams and stakeholders. + Detail-oriented mindset to ensure precise access control configurations and compliance. + Excellent problem-solving and analytical abilities to troubleshoot access issues and design solutions for unique business requirements + Must be a self-starter who takes full ownership of projects from inception to completion , holding oneself accountable for the security and operation integrity of IAM platform. + Ability to manage multiple priorities and meet tight deadlines in a fast-paced M&A environment. + Adaptability to stay ahead of evolving IAM technologies and security threats. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Remain current on security trends, standards, regulations, and tools. Ensure cybersecurity files are maintained and current. Hold security review meetings regularly with relevant stakeholders. Monitor development tool and 3 rd party software items for vulnerabilities and updates. Run regular scans on products using latest tools to detect newest vulnerabilities. Work with development to keep 3 rd party software incorporated in products updated. Review encryption algorithms to make sure current best practices are followed. Ensure code authenticity is managed and secure. Review security training for personnel is completed. Ensure device Windows Images use latest updates and are released regularly.

Proterra offers a dynamic and supportive workplace where our employees can thrive personally and professionally. With cutting-edge facilities and groundbreaking projects, Proterra offers unique opportunities to grow, collaborate, and lead transformative change in the electrification of heavy-duty transportation and equipment. Our commitment to innovation extends beyond our battery solutions to our people, where we create an environment where everyone feels valued, supported, and empowered to drive change for the earth. Here at Proterra we strive to foster a culture of inclusivity, valuing diverse perspectives and encouraging bold ideas, allowing our employees to bring their full selves to work. Our employees benefit from competitive total rewards packages, and opportunities to develop professionally. Position Overview:  The Information Security Engineer will be responsible for developing, enhancing, and executing Information Security Operations at Proterra.  In this position you will assist with the maintenance and implementation of IT security systems to protect Proterra's corporate, manufacturing, cloud and IoT environments from cyber-attacks. You will maintain and lead incident response and escalations with our security operations center, be responsible for vulnerability management and participate in the creation or improvement of company security policies/ procedures.  You will be responsible for conducting/leading risk assessments and participating in and supporting security assessments and audits. Additionally, you will be assisting with evaluation, setup and utilization of new security products and technologies.  About the Role - You will:  Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation. Work with cross functional teams to support security requirements to protect organization's corporate, manufacturing, cloud and IoT environments from cyber-attacks. Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning.  Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes. Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation. Work with cross functional teams to support security requirements to protect organization's corporate, manufacturing, cloud and IoT environments from cyber-attacks   Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning.  Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes. Assist Crowdstrike Falcon Complete team in remediation of critical information security incidents in coordination with 3rd party SOC team.  Implement and maintain security controls and have a suitable knowledge of existing cyber threats to infrastructure and clouded environments.  Participate in scheduled security assessment activities and projects to ensure industry compliance.  Initiate and maintain Security Incident Response Plan (SIRT) and After-Action Reports (AARs) to maintain operational continuity  Identify, analyze and interpret threat actors and malicious activity in client environments act upon and take the appropriate actions towards remediation and documentation.  Differentiate between potential intrusion attempts and pinpoint false alarms by working with EDR, Identity Protection and NextGen SIEM to develop resolution plans. Perform 3rd party vendor assessments and fulfill Proterra security assessments requirements Triage and respond to security events - serve as a primary responder for incidents, taking ownership of incidents and tracking through resolution.  Performs other related duties as assigned.  Your Experience Includes: 3-5 years of related information technology infrastructure experience  with identity and access management [IAM], SSO solutions including (SAML 2, OAuth 2, OIDC). Some experience in securing enterprise networks, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and secure network protocols (e.g., IPsec, SSL/TLS) heavy emphasis in SaaS apps such as Crowdstrike Falcon Complete, Netskope DLP, Nessus Tenable and asset management platforms such as Axionus. Overall Knowledge of endpoint protection technologies (e.g., anti-malware, EDR, DLP), and experience in managing and securing workstations, mobile devices, and servers. Have participated in penetration testing, vulnerability assessments, and red teaming exercises. General understating of industry standards, compliance, and legal requirements (ISO 27001, FedRAMP, NIST 800-171, NIST 800-53, SOC2, etc.)  Excellent trouble-shooting abilities in software and hardware and be able to lead outage calls and trouble-shooting conversations until resolved and provide detailed root cause analysis reports.  Above average understanding in vulnerability reporting using Saas platforms such as Nessus Tenable. Education: Bachelor's degree in computer science, Information Security, Electrical Engineering or Management Information Systems preferred. Equivalent years of consecutive IT security experience with recognized industry certifications may be considered. Certifications: CISSP, CASP+, SSCP+, or other relevant security certificates  Certified Ethical Hacking (CEH) CISSP, CISA Network+, Security+, Linux+ or combination of similar certificates acceptable. Applicants must be authorized to work for any employer in the U.S. There is no immigration sponsorship available for this role (ex: H1-B, OPT, CPT, TN or any other employment sponsorship).  #LI-BJ1

PRIMARY DUTIES & RESPONSIBILITIES: Conducts regular risk assessments to identify potential vulnerabilities and threats within the AWS IL5 environment Develops strategies for risk mitigation and implements necessary controls to address identified risks Maintains a risk register documenting identified risks and corresponding mitigation actions Ensures AWS configurations align with IL5 security requirements, including encryption, access controls, and network segmentation Implements and enforces compliance with relevant security standards and regulations, such as NIST SP 800-53 and DoD IL5 requirements Monitors AWS configurations for deviations from security baselines and promptly remediates any non-compliant settings Implements strong IAM policies to enforce least privilege access across AWS resources Regularly reviews IAM roles and permissions to ensure alignment with the principle of least privilege Enables multi-factor authentication (MFA) for privileged accounts and sensitive operations Deploys robust monitoring tools to detect unauthorized access attempts, suspicious activities, and security breaches Establishes incident response procedures to promptly respond to security incidents and minimize their impact Conducts post-incident reviews to identify lessons learned and improves incident response processes Implements encryption mechanisms to protect data at rest and in transit within the AWS IL5 environment Regularly reviews encryption policies and key management practices to ensure effectiveness Provides regular security training and awareness programs to AWS IL5 users and administrators Educates users about common cyber threats, phishing attacks, and best practices for secure usage of AWS resources Encourages a culture of security awareness and proactive risk mitigation among all stakeholders Conducts periodic security assessments and audits to evaluate the effectiveness of cyber security controls Identifies areas for improvement and implement enhancements to strengthen the security posture of the AWS IL5 Cloud SCCA Stays abreast of emerging cyber threats, vulnerabilities, and industry best practices to adapt security measures accordingly Travels approximately 3-4 days a quarter, as required DESIRED SKILLS & REQUIREMENTS: RMF experience USMC Cyber experience SAFe (Scaled Agile Framework) experience Working Place: North Charleston, South Carolina, United States Company : Scientific Research Corporation

Savannah River National Laboratory (SRNL) is seeking an energetic individual with good interpersonal skills to join the Cyber Assurance, Governance, Risk Management and Compliance team! The selected individual will assist the Information Systems Security Officer (ISSO) and GRC team with NIST Risk Management Framework (RMF) processes to ensure a secure operational security posture is in place and maintained throughout the lifecycle of the system and/or network. Minimum Qualifications: Bachelor's degree in Computer Science, Information Assurance, or related field 4-6 years of relevant experience in NIST Risk Management Framework and Control Sets (i.e., NIST 800-37 and NIST 800-53) as a federal-contractor employee For ability to obtain and maintain a security clearance, US Citizenship is Legally Required Preferred Qualifications: Working knowledge and experience with the NIST Risk Management Framework and Control Sets (i.e., NIST 800-37 and NIST 800-53) in a federal contractor role Attention to detail and strong written communication skills (clear, concise for evidence/control implementation descriptions) Experience with information assurance tools (GRC, Tenable.SC, Nessus, Splunk, etc.) Ability to quickly learn new technologies, concepts, and processes Demonstrated ability to work collaboratively in a team environment with good interpersonal skills Active DOE L clearance Data entry, updates and maintenance of System Security Plans and other documents/evidence in the GRC tool Executing scans security scans (compliance and vulnerability related) Tracking status of temporary risk findings to closure and gathering remediation evidence Pulling configuration compliance reports, STIG checklists, CIS benchmarks Assist with RMF Continuous Monitoring activities and new project Risk Assessments Assist Project Security Officers and ISSOs with preparation of authorization packages for new projects and accreditation boundary Assist with entry of new risks, updates or maintenance in the risk register Assist in performing security impact analysis using approved security policies and SSPs and provide recommendations for meeting requirements with adequate security controls that align with business objectives. Work effectively in a team environment to resolve issues and contribute to continuous process improvement efforts. Participate/assist with compliance assessments/audits and data calls. Interact with customers and peers in a professional and responsive manner.

Title: Security Analyst - Project Lead (8780) Work Mode: Hybrid (3 days onsite per week required) Contract Duration: 12 months (Extension possible) Interview Process: 1 round, virtual video interview required Candidate Requirement: Candidate must be a current South Carolina resident. No relocation allowed. Scope of Work The resource will plan, coordinate, evaluate, document, and report on IRS Pub 1075 compliance activities, including security controls, corrective action plans (CAPs), artifacts, SCSEM requirements, and follow-up remediation. Key Responsibilities • Lead, coordinate, and support preparation efforts for an IRS Safeguard Review. • Review Corrective Action Plans (CAPs) for effectiveness and determine compliance readiness. • Review SSR, SSPs, and SSAs to ensure alignment with IRS Publication 1075. • Identify relevant IRS Safeguard Computer Security Evaluation Matrix (SCSEM) controls and assess agency compliance. • Provide technical advice for remediation of non-compliant SCSEM control areas. • Assist and coordinate follow-up actions after the Safeguard Review, including CAP development for findings. • Provide expert analysis of proposed technical solutions to ensure compliance with IRS Pub 1075. • Conduct research and recommend security improvements for systems and infrastructure. • Use the agency's established project management methods for planning, coordination, communication, and reporting. • Communicate effectively with both technical and non-technical staff, including federal and state stakeholders and executive leadership. Required Skills (Must Have) • 5+ years of expert-level experience as a Security Analyst, including risk assessment, vulnerability management, and incident response. • 3+ years of experience preparing for and actively supporting at least one IRS Safeguard Review at a state agency. • 3+ years of experience working with and applying IRS SCSEM requirements including implementation, compliance assessment, and documentation. • 3+ years of experience with IRS Publication 1075 (Rev. 11-2021) compliance. • Strong proficiency with Microsoft Office, SharePoint, and Microsoft Teams. • Excellent oral and written communication skills across multidisciplinary teams. • Knowledge of applicable IT security standards (e.g., ISO, IEEE). Preferred Skills • Experience with Child Support Enforcement systems or knowledge of Child Support program operations and objectives. • Experience with federal or state regulatory compliance frameworks such as FISMA, NIST, or IRS Publication 1075. • Experience developing and maintaining technical documentation and audit support for safeguard reviews, security audits, and compliance assessments.

Meta Platforms, Inc. (Meta), formerly known as Facebook Inc., builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps and services like Messenger, Instagram, and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. To apply, click "Apply to Job" online on this web page. **Required Skills:** Security Engineer Responsibilities: 1. Build tools that enable connectivity to our infrastructure only from Meta owned and managed devices. 2. Build machine attestation and secure certificate storage solutions to enable strong client trust. 3. Deploy systems that help mitigate security risks by understanding and controlling what software is allowed to execute on our client devices. 4. Develop, validate, and enforce our client security policies. 5. Build and deploy tools and automation that proactively detect and respond to security risks and threats to internal corporate services. 6. Advise and collaborate with other teams. 7. Telecommuting from anywhere in the U.S. allowed. **Minimum Qualifications:** Minimum Qualifications: 8. Requires Bachelor's Degree (or foreign equivalent) in Computer Science, Engineering or a related field and 1 year of experience in the job offered or a computer-related occupation 9. Requires 12 months of experience involving the following: 10. PHP, Golang, Python, C/C++, Rush, or Ruby 11. Designing and deploying security infrastructure such as PKI, key management, and certificate management 12. Endpoint Security & Management 13. Certificate Lifecycle 14. Devices & OS hardening and security policies 15. Identity & Access Management (Authentication & Authorization, SSO) 16. Network Security and 17. Programming and Code Review **Public Compensation:** $178,041/year to $200,200/year + bonus + equity + benefits **Industry:** Internet **Equal Opportunity:** Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Meta participates in the E-Verify program in certain locations, as required by law. Please note that Meta may leverage artificial intelligence and machine learning technologies in connection with applications for employment. Meta is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let us know at accommodations-ext@fb.com.

Cardinal Health, Inc. (NYSE: CAH) is a global healthcare services and products company. We provide customized solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices and patients in the home. We are a distributor of pharmaceuticals and specialty products; a global manufacturer and distributor of medical and laboratory products; an operator of nuclear pharmacies and manufacturing facilities; and a provider of performance and data solutions. Working to be healthcare's most trusted partner, our customer-centric focus drives continuous improvement and leads to innovative solutions that improve the lives of people every day. With approximately 50,000 employees worldwide, Cardinal Health ranks among the top fifteen in the Fortune 500. **_Department Overview:_** **Information Technology** oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value. **Information Security and Risk** develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans, conducts incident responses, threat management, vulnerability scanning, virus management and intrusion detection as well as completes risk assessments. **Responsibilities:** + **M&A Integration Execution:** Collaborate and engage with IAM Lead and other business partners on planning, design, and execution of IAM integration strategies for M&A activities, ensuring alignment with overall business and security objectives. This includes assessing the IAM landscapes of merging entities to identify challenges and solutions. + **Design and Implement Sailpoint IIQ Solutions:** Configure and customize Sailpoint IIQ components (Lifecycel Manager, Compliance Manager etc). Also develop workflows, rules, and connectors for identity governance. + **Application integration with Sailpoint IIQ:** Integrate Sailpoint IIQ with enterprise applications, directories and cloud platforms in addition to developing and maintaining connectros for provisioning and de-provisioning. + **Sailpoint IIQ Development and Scripting:** Write and maintain BeanShell scripts, Java code and XML configurations, develop customer Sailpoint tasks and workflows. + **Identity System Merging & Consolidation:** Manage the complex process of merging disparate identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into the existing infrastructure. + **User Lifecycle Management:** Streamline and automate user provisioning, de-provisioning, and periodic access reviews for employees, contractors, and partners across all integrated systems, ensuring smooth onboarding and offboarding during M&A transitions. + **Security & Compliance:** Ensure IAM systems and processes comply with regulatory requirements (e.g., GDPR, HIPAA, SOX) and internal security policies, providing auditable records of access activities. Protect against data breaches by ensuring only authorized personnel can access sensitive information. + **Technical Troubleshooting & Support:** Troubleshoot, identify, and resolve technical identity and access management-related issues, providing expert support to internal teams and end-users during and after integration. + **Collaboration & Communication:** Coordinate cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM implementation and seamless integration with business processes. Communicate complex security concepts to technical and non-technical stakeholders. + **Documentation & Best Practices:** Develop, review, and maintain comprehensive technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay up-to-date with IAM best practices, regulatory requirements, and security trends. **Qualifications** + Experience with SailPoint IdentityIQ (IIQ) is a must + Experience with SailPoint IIQ Integrations (Workday, Active Directory/LDAP, Webservices, SCIM, JDBC, SAP) + Experience implementing Life Cycle Manager (LCM) Configuration workflow tasks that model business functions, including Lifecycle Requests (Role or Entitlement), Lifecycle Events (Joiner, Mover, or Leaver), and LCM Workflow Details (Workflows and Subprocesses) + Solid understanding of the SailPoint object model, rules, and policies + Experience with both lifecycle manager (LCM) and compliance manager (CM) modules + Knowledge of Active Directory, LDAP, Workday, and cloud platforms (GCP, MS Entra ID) is required + Proven track record of successful IAM implementations including large scale enterprise deployments. + Experience working within regulatory standards and requirements such as, SOX, HIPAA, GDPR etc. is desired. **Anticipated salary range:** $94,900 - $135,600 **Bonus eligible:** No **Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with my FlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs **Application window anticipated to close:** 12/20/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (***************************************************************************************************************************

Proterra offers a dynamic and supportive workplace where our employees can thrive personally and professionally. With cutting-edge facilities and groundbreaking projects, Proterra offers unique opportunities to grow, collaborate, and lead transformative change in the electrification of heavy-duty transportation and equipment. Our commitment to innovation extends beyond our battery solutions to our people, where we create an environment where everyone feels valued, supported, and empowered to drive change for the earth. Here at Proterra we strive to foster a culture of inclusivity, valuing diverse perspectives and encouraging bold ideas, allowing our employees to bring their full selves to work. Our employees benefit from competitive total rewards packages, and opportunities to develop professionally. Position Overview: The Information Security Engineer will be responsible for developing, enhancing, and executing Information Security Operations at Proterra. In this position you will assist with the maintenance and implementation of IT security systems to protect Proterra's corporate, manufacturing, cloud and IoT environments from cyber-attacks. You will maintain and lead incident response and escalations with our security operations center, be responsible for vulnerability management and participate in the creation or improvement of company security policies/ procedures. You will be responsible for conducting/leading risk assessments and participating in and supporting security assessments and audits. Additionally, you will be assisting with evaluation, setup and utilization of new security products and technologies. About the Role - You will: * Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation. * Work with cross functional teams to support security requirements to protect organization's corporate, manufacturing, cloud and IoT environments from cyber-attacks. * Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning. * Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes. * Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation. * Work with cross functional teams to support security requirements to protect organization's corporate, manufacturing, cloud and IoT environments from cyber-attacks * Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning. * Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes. * Assist Crowdstrike Falcon Complete team in remediation of critical information security incidents in coordination with 3rd party SOC team. * Implement and maintain security controls and have a suitable knowledge of existing cyber threats to infrastructure and clouded environments. * Participate in scheduled security assessment activities and projects to ensure industry compliance. * Initiate and maintain Security Incident Response Plan (SIRT) and After-Action Reports (AARs) to maintain operational continuity * Identify, analyze and interpret threat actors and malicious activity in client environments act upon and take the appropriate actions towards remediation and documentation. * Differentiate between potential intrusion attempts and pinpoint false alarms by working with EDR, Identity Protection and NextGen SIEM to develop resolution plans. * Perform 3rd party vendor assessments and fulfill Proterra security assessments requirements * Triage and respond to security events - serve as a primary responder for incidents, taking ownership of incidents and tracking through resolution. * Performs other related duties as assigned. Your Experience Includes: * 3-5 years of related information technology infrastructure experience with identity and access management [IAM], SSO solutions including (SAML 2, OAuth 2, OIDC). * Some experience in securing enterprise networks, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and secure network protocols (e.g., IPsec, SSL/TLS) heavy emphasis in SaaS apps such as Crowdstrike Falcon Complete, Netskope DLP, Nessus Tenable and asset management platforms such as Axionus. * Overall Knowledge of endpoint protection technologies (e.g., anti-malware, EDR, DLP), and experience in managing and securing workstations, mobile devices, and servers. * Have participated in penetration testing, vulnerability assessments, and red teaming exercises. * General understating of industry standards, compliance, and legal requirements (ISO 27001, FedRAMP, NIST 800-171, NIST 800-53, SOC2, etc.) * Excellent trouble-shooting abilities in software and hardware and be able to lead outage calls and trouble-shooting conversations until resolved and provide detailed root cause analysis reports. * Above average understanding in vulnerability reporting using Saas platforms such as Nessus Tenable. Education: * Bachelor's degree in computer science, Information Security, Electrical Engineering or Management Information Systems preferred. Equivalent years of consecutive IT security experience with recognized industry certifications may be considered. Certifications: * CISSP, CASP+, SSCP+, or other relevant security certificates * Certified Ethical Hacking (CEH) CISSP, CISA * Network+, Security+, Linux+ or combination of similar certificates acceptable. Applicants must be authorized to work for any employer in the U.S. There is no immigration sponsorship available for this role (ex: H1-B, OPT, CPT, TN or any other employment sponsorship). #LI-BJ1

Savannah River National Laboratory (SRNL) is seeking an experienced cyber security policy professional to join the Cyber Assurance, Governance, Risk Management and Compliance team! The selected individual will serve as lead policy writer and subject-matter expert for the DOE-SRNL cybersecurity program. Minimum Qualifications Bachelor's degree in Cybersecurity, Information Management/Assurance, or related field 6 to 9 years of experience in Cybersecurity and Policy in a federal-contractor position Excellent and proven writing skills in the cybersecurity field that show the ability to be clear and concise for complex topics. Samples provided may be redacted if needed. For ability to obtain and maintain a security clearance, US Citizenship is Legally Required. Preferred Qualifications Expert knowledge of DOE 205.1x and Cyber Security Program Plans Current or recent experience supporting DOE policies related to cybersecurity Good interpersonal skills and demonstrated ability to work collaboratively in a team environment Certifications in Cyber such as CISSP, CISM, CGRC (formerly ISC2 CAP), or CRISC. Policy-focused certifications (GIAC-GLEG, GSLC or similar) Strong attention to detail Ability to learn new technologies, concepts, and processes quickly Active DOE L clearance Serve as principal author for all new and revised SRNL specific cybersecurity policies and procedures Develop and maintain responses to contracts for DOE Orders and Cyber Security Program Plan Review and advise as to impact to cybersecurity approved policies for other SRNL procedures with cybersecurity references Assist ISSOs with creating and maintaining supplemental program documents, policies and procedures for multiple accreditation boundaries based on approved security controls Perform gap analysis for draft, new, or updated federal mandates (EO 14028, BODS, OMB Memos) and write comprehensive summaries that support efficient decision making where needed Support audits and assessments with policy evidence artifact/packages Review cybersecurity training and develop newly identified training, keeping aligned with approved policies Review and advise ISSOs additional documents such as Risk Assessments, Security Impact Analysis or others as requested. Work effectively in a team environment and contribute to continuous process improvement efforts. Participate/assist with compliance assessments/audits and data calls. Interact with customers and peers in a professional and responsive manner.

Savannah River National Laboratory (SRNL) is seeking a Cyber Security Analyst to join the Cyber Engineering team! The selected individual will work with other team members to ensure robust security controls are selected, implemented, and maintained for a NIST RMF accredited boundaries within unclassified environments. Minimum Qualifications: Bachelor's degree in relevant field of study and 4-6 years of work experience At least 1 general cybersecurity certification and 1 technical certification Technical skills include: understanding security architectures, encryption, firewalls, IDS/IPS, Network security protocols, and applying STIGs. Experience and proficient with cyber tools for vulnerability assessments, SEIM, Endpoint protection and security frameworks. Strong understanding of risk management and experience with familiarity with cloud security principles Soft skills include excellent communication and interpersonal skills, strong attention to detail, ability to multi-task and to collaborate in a team environment For ability to obtain and maintain a security clearance, US Citizenship is Legally Required Preferred Qualifications: Understanding of NIST Risk Management Framework and Control Sets (i.e., NIST 800-37 and NIST 800-53) Current of former experience with DOE cybersecurity or a federal-contractor cybersecurity technical position Experience with zero-trust architecture Ability to learn new technologies, concepts, and processes quickly Splunk or Tenable Certifications Active DOE clearance Team in designing, implementing, and maintaining secure environments applying the NIST RMF framework. Develop strategies for complex security strategies unique to their operating environment. Implement enforceable technical security controls for protection of networks and systems using authorized sources such as STIGs and SRGs Support the ISSO with the technical aspects of the development and ongoing maintenance of security controls and authorization activities Perform and review technical assessments and security reports Work effectively in a team environment to resolve issues and contribute to continuous process improvement efforts Interact with customers and peers in a professional and responsive manner to ensure secure practices. Provide expert support and communicate effectively on security matters